"Password Strength" meter green bar graphic appearing slightly off place...

uwalakabuwalakab
edited November 28 in Memberships


Using 1Password webpages for Family and Enterprise on the following browsers......

Firefox 70.0.1 (64-bit)
Chrome 78.0.3904.108 (Official Build 64-bit)

Have you noticed how the green bar is misaligned? (see attachment).
Seeing this on both Windows 10 Home and Enterprise.

Please can you check this out? Many thanks.

(Also tried restarting browsers and rebooting OS, even tried this on different machines, but to no avail)

Regards,

Benet.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:Password Strength meter

Comments

  • GregGreg

    Team Member
    edited December 2

    Hi @uwalakab,

    Thank you for reporting this!

    I am seeing the same on my side, so I will forward your report to our team. We will take a look at what happened there. :)

    On a related note, is there a particular reason you use the web interface on 1Password.com and not 1Password apps that are available for both macOS and Windows?

    Thanks in advance!

    ++
    Greg

    ref: dev/b5/b5#7069

  • uwalakabuwalakab
    edited November 28

    Hi @Greg

    Personally I use 1Password X in Chrome and Firefox more so. This is because many websites I use require password access and hardly any desktop apps that I use, do.
    Also I think it has become a force of habit for me that as I use 1Password X more I don't really require the desktop app. I personally found that 1Password X does what I need and it kind of (for me) made 1Password desktop like an extra and not required.
    I use the website 1Password.com for quick password maintenance (as 1Password X will take you there when you "Edit" a password entry) and also it has nice little touches like "Large Type" of the password shows the number of characters in the password (handy for systems that request specific character positions of a password, like "Please enter characters 2,4 and 7 of your password".
    HINT: This would be good to have on the Android app too.)
    Also the website shows things like "Authorized Devices". I know that the Android app does not have this, but am not sure if the desktop app does.

    Regards,

    Benet.

  • Hi,

    Just another thought... Do you think it'd be possible to have the password strength indicator on the app like you have on the 1Password.com site version? The app has Watchtower so maybe the indicator would be good to have too.
    What do you think?

  • brentybrenty

    Team Member

    Thanks for the additional feedback! I'm glad that you're enjoying 1Password X so much. :) 1Password for Android does support Large Type, but I agree that numbering each character could be helpful in some situations, and perhaps we can do something similar to a "password meter" as well. None of the native 1Password apps (yet?) support advanced account management features like viewing Authorized Devices, but we would like to add more stuff like that in the future. Cheers! :)

    ref: dev/android/onepassword-android#543

  • Hi @brenty

    Thank you for your reply. 1Password X is great. Said this before but really liking the 2FA feature.
    Just another feature to possibly add... Can you make the password strength meter in ALL areas (website, app etc.) be live/immediate?
    By this I mean as you type in your (new) password, you can see how 1Password / 1Password X rates its strength as you type.
    Please, what are your thoughts on this?

    Best regards,

    Benet.

  • ag_anaag_ana

    Team Member

    That would indeed be nice @uwalakab. I am not sure if this can indeed be done, but thank you for suggesting this too :+1::)

  • brentybrenty

    Team Member

    @uwalakab: More importantly, the purpose of 1Password is not manually creating passwords. Use the password generator. "There's an app for that", as they say. ;)

  • Understood re: Password Generator. Just thought that as there is a meter present, that it could be more interactive and a guide.
    (It's also interesting using the password generator seeing each random password has very subtly different strengths indicated).

    Regarding password strength, some vendor websites need to start supporting the use of symbols in passwords and password lengths greater than 20 chars. But until then there's nothing we can do immediately or let alone soon with that.

    Thank you @ag_ana and @brenty

  • BenBen AWS Team

    Team Member

    Regarding password strength, some vendor websites need to start supporting the use of symbols in passwords and password lengths greater than 20 chars.

    Indeed. These have been industry recommendations for years. Some vendors are slow to adapt, unfortunately.

    Ben


  • True @Ben .... Thus the attachment (which you might have seen before)
    :)

  • brentybrenty

    Team Member

    No comment. :lol:

  • Going back to the main issue, just for reference I am also seeing the out of place password meter on Android Chrome too.
    Looking forward to your next update.

  • robrob Agile Customer Care

    Team Member

    Thanks, @uwalakab. :+1:

  • uwalakabuwalakab
    edited December 4

    Hey @ag_ana @brenty and team,

    Regarding my post on Nov 30th with the below.....

    "By this I mean as you type in your (new) password, you can see how 1Password / 1Password X rates its strength as you type.
    Please, what are your thoughts on this?"

    ..... The Adndroid app does not do this exactly, but the 1password.com website does do this already if you:

    1. Edit a password.
    2. Click once on the "key" icon next to the password.
    3. This generates a random password, opens an area showing the password strength meter and password criteria (i.e. length, digits, symbols etc.)
    4. As you type a password for yourself, the password meter shows in realtime the password strength. :)

    So this works on the 1password.com website which is nice. :)
    The Android app shows the password strength meter, but it does not update in realtime as you type.

  • brentybrenty

    Team Member

    The problem is that it isn't reliable at all if you're manually entering it. "Password strength" is not a real thing. It's just a best guess. And the only way for that guess to be reasonably good is by calculating entropy, which is only possible when 1Password is generating it itself, since then it knows the full character set being used and therefore the number of possibilities. Plus we don't want to be encouraging users to make passwords themselves. :)

  • "Plus we don't want to be encouraging users to make passwords themselves."

    Fair point. Agreed.

    Thanks for the reply.

  • brentybrenty

    Team Member

    :):+1:

  • @brenty - Just an example of how a -very- important website has the following password policy, which I think is a bit crazy.

    Your new password must:

    • be between 8 and 12 characters
    • have at least one number (0 to 9)
    • have at least one letter
    • not contain special characters

    The first line should at least say "8 characters or more".

  • brentybrenty

    Team Member

    Yeah, I think they need to join us in the 21st century, especially if it's anything important. :lol: It is, however, easy to generate a compliant password meeting those criteria in 1Password -- questionable security practices notwithstanding. :)

  • @brenty - At least the said site has 2FA on it. It has its own but you can also use another app to do the 2FA.

    Guess what app I chose to do the 2FA? ;) (Need I ask?)

  • brentybrenty

    Team Member

    ;):+1:

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file