1Password app doesn't find all reused passwords, whereas 1Password.com (in browser) does

doray

The 1Password 7 app for Mac doesn't find all reused passwords, whereas 1Password.com (in my browser) does. For me, the 1Password app found 1/3 the number of reused passwords as 1Password.com. Why would that be? Do other people have the same issue?
(I try not to reuse passwords, but sometimes will have two logins for the same site [for both my husband and me] and have the same password for both of them.)

---

1Password Version: 7.3.2
Extension Version: 1.16.2
OS Version: macOS 10.15.1
Sync Type: Not Provided
Referrer: forum-search:1Password app doesn't find all reused passwords, whereas 1Password.com (in browser) does

AGAlumB

@doray: Can you tell me which "1Password app" you're referring to specifically, and some general information about the item and field types in which the passwords in question are stored? The details you included reference both 1Password X and probably 1Password for Mac, which are completely separate, so it would be helpful to know what you're looking at. :)

Also worth noting, you can have a single Login item with multiple URLs saved in it, rather than having more than one Login with the same password.

doray

Thank you for your prompt response, @brenty!
The 1Password app I'm referring to is 1Password 7.3.2 for Mac.
As for the item and field types, all of the items in question are login items (an example is American Airlines -- aa.com), and the passwords are stored in the password field.

I tried to save a single login item with multiple user IDs in it but don't know how. (I tried updating the item, but it just changed what I had instead of saving 2 user IDs.) How can you have a single login item with multiple user IDs, rather than having more than one login with the same password?

Thanks again in advance!

doray

Also, how do you have a single login item with multiple URLs saved in it? I don't know how to do that either.

doray

I think I may have figured out how to have a single login item with multiple URLs saved in it. Not sure if it's the best way to do it, but I edited the item and then put in a new website address (below the sign-in page field).
Still don't know how to have a single login item with multiple user IDs saved in it, though!

Ben

@doray

(I try not to reuse passwords, but sometimes will have two logins for the same site [for both my husband and me] and have the same password for both of them.)

To clarify our position here: we wouldn't recommend having the same password for both of your accounts. The primary purpose of 1Password is making it possible and easy to use strong and unique passwords for each account. Reusing the same password for both your account and your husband's account defeats a lot of the security benefit that 1Password provides.

I tried to save a single login item with multiple user IDs in it but don't know how. (I tried updating the item, but it just changed what I had instead of saving 2 user IDs.) How can you have a single login item with multiple user IDs, rather than having more than one login with the same password?

This isn't possible. Again if these are separate accounts (different usernames) then they should ideally have different passwords, and be entirely separate Login items in 1Password.

Also, how do you have a single login item with multiple URLs saved in it? I don't know how to do that either.

I took a screenshot that should help illustrate the concept:

As you can see I already have three separate URLs listed here, because these three websites all share the same accounts: www.amazon.com, www.amazon.co.uk, and www.audible.com (all are owned by Amazon and can be signed into with an Amazon account). Clicking on the example.com listing under website 4 will allow you to add a 4th URL (e.g. www.amazon.co.jp).

Does that help?

Ben

doray

Yes, thank you very much, Ben! To get back to my original question, what do I do about the fact that the 1Password application for Mac only finds 1/3 the number of reused passwords as 1Password.com? For example, our American Airlines passwords are not considered reused passwords in the application, but they are, and 1Password.com finds them and lists them as such.

doray

P.S.: I tried changing the password for one of my reused password sites -- the same one for both my husband's account and mine, just in case something wasn't working right before -- and it still doesn't show up as a reused password in the 1Password application, though it does in the browser.

AGAlumB

@doray: Without any details, I can only guess. Are they maybe in different vaults?

doray

No, I only have one vault that I save everything in. Thank you for the guess, though!

doray

Is there a way to reset the Watchtower function in the 1Password application?

doray

I just noticed something: Except for one case (authy), the reused sites that do show up in the 1Password application are all cases where the password was the same across different sites (e.g., VRBO and HomeAway, which are owned by the same company and share the same password).
But if it's the same site (where my husband & I have different user IDs but the same password), it does not show up as a reused password in the 1Password application! (Again, except for authy.)

Whereas 1Password.com, in the browser, shows every reused password, whether or not it's the same site.

AGAlumB

@doray: That's correct. In the app, if the website and password are the same, it is assumed that it's the same account, as that's usually how SSO works. It sounds like your problem is that you're actually reusing passwords in the first place, but specifically for the same website in some cases, for both you and your spouse's accounts. As Ben mentioned already, don't reuse passwords; that's the purpose of 1Password, after all: to generate and keep track of unique passwords for each account so you don't have to. And with Watchtower in the mix, you're actually making more work for yourself by not using unique passwords. Change your passwords and make them stronger, and you don't even need to worry about any of this. :)

doray

Thank you, @brenty! It was just confusing because the app and the browser were showing me different results.
But of course you and Ben are right. Changing habits just takes some getting used to.

Ben

Changing habits just takes some getting used to.

Indeed it can be, but in this case it is change for the better. :)

It was just confusing because the app and the browser were showing me different results.

I agree that is confusing... I'll pass that feedback along to the team to see if there is a way we can make the results more consistent.

Ben

doray

Now that I know what each is showing me -- the app and the browser -- there is some value to having it shown each way (e.g., just showing reused passwords across different sites and not within the same site, vs any reused passwords regardless of site). Just wanted to make sure there wasn't anything wrong on my end.
Thank you to Ben and everyone who responded!

Ben

You're welcome. :+1: :)

Ben