Procedure to update weak passwords

I'm new to 1P, on a Mac (plus iPad and iPhone). Many of my passwords are weak and need to be changed, and many of my websites use the identical password. I don't mind changing them one at a time, but I haven't tried yet because I don't want to screw up and get locked out of some of my websites.

Can the password generator in 1P generate a new password, log in, change my password, then remember the new password? I'd rather use the PW generator than have to make up dozens of long, complicated passwords on my own. Do you have a step by step procedure to show me how to upgrade and save my passwords in the easiest and most effective manner? I have some of my old, weak passwords saved in 1P presently, but not all of them. So, I'd love a procedure on updating and changing passwords already stored in 1P, plus one on how to create new passwords as new entries in 1P. Hope that made sense.

Got a link to the procedure to do this, or any advice?

Thanks, Lou


  • The basic answer to:

    Can the password generator in 1P generate a new password, log in, change my password, then remember the new password?

    is "Yes". There's a really helpful knowledge base article on updating the password for a site. If you follow that carefully you should find it works perfectly.

    Do post back if you have any problems though.


  • hawkmothhawkmoth
    edited April 2014

    I've just changed lots of my passwords in response to the Heartbleed issue. Here is what I did for the ones I have in 1Password already. Unfortunately, you will need to visit each web site individually and follow whatever process each requires to update a password. There is lots of variation ion my recent experience.

    Open 1Password and go the record of the site you want to update. Click on the URL for the site (assuming you have that stored in your record). When you have logged on, do whatever the site requires to change passwords. Usually they ask for the old password and the to enter the new one and confirm it. 1Password can help you there. I usually copied the existing password directly out of the record by hovering the mouse over the password and then clicking the button that says Copy. Paste this into the field for the existing password at the web site. I then typically open 1Password mini by clicking the key in the menu bar. From there I select the password generator. If you are at a URL that mini recognizes, the button next to the generated password will say "Fill." Click that and 1Password will automatically fill in the new password and confirm it. You then do whatever the web site requires to save the new password.Typically, you will then see a dialog asking if you want to update your existing record. It you answer that you do, 1Password will replace the old password with the new one. Save the record and you're done. BTW, when you select Fill, the new password is copied to the clipboard at the same time, so if you go astray somehow, you can always manually paste the new one into your 1Password record.

    Some sites have a different enough URL for their login screen that 1Password won't recognize it. IN those cases, mini offers to Copy the new password rather than fill it. Click that button, which will put the new password in the clipboard. Then you paste it in to the new password field and the confirmation field at your web site.

    Some sites send you an email with a link to reset a the password. In those cases, I've used the manual approach.

    I'm betting my memory has faded a little, so you may find that this does't cover it all. But I think it will get you started.

    Now, if you don't have a record for a site in 1Password, when you log in for the first time, 1Password should pop up a dialog and ask if you want to create a new record for that site. Agree, and then return to follow the change directions above.

    I hope that helps a little. It is tedious, and there isn't anyway to completely automate it because there is no way to program 1Password to deal with all of the odd ways different sites work.

    There might be more information in the support section of the AgileBits main web site, but I haven't found it.

  • Hawkmoth, Thanks for the detailed reply. I decided to follow Stephen's link first, and it worked fine. It's pretty much the same as what you do.

    Stephen…one question. The link you supplied enabled me to update and strengthen my PW fine. You link talks about updating manually if 1P doesn't ask for the information. The knowledge base said the passwords would be listed at the left, but I didn't see Passwords listed under my categories. I did see the previously used password under that specific login item. My concern is that if it automatically update my login in 1P, I won't know what the new password is and won't have any way to find it.


    Thanks again, Lou

  • Stephen_CStephen_C
    edited April 2014

    Lou, I think you are referring to the Passwords category in the list of categories in the left pane of the main 1P4 app. If so, you won't see that until you:

    1. generate a password; but
    2. don't save it to a specified login item.

    In other words, it's a sort of safety repository to store any password not specifically linked to a saved login item. For a bit of bonus information, if you need to, when you see that category, you can remove passwords from it by going to 1P4 > Help > Tools > Remove Redundant Generated Passwords.

    Edit: when you follow the procedure to update a password the new password is saved to your clipboard so if you're paranoid you can always copy it temporarily to Notes or some such (not forgetting to delete it once you've checked all is well with the updated login item.)


  • Lou, if I had found what @Stephen_C directed you to, I never would have written that all out! And he posted while I was writing my reply.

  • Thank you Stephen. You've been very helpful.

    So, if I understand correctly, the "Passwords" category in the left pane is only a safety net and is only used IF 1P didn't automatically update my login for that item. If it did automatically update my login item, then it would not be shown in that pane.


  • @hawkmoth, sorry—it's just so frustrating when that happens: I know!


  • Lou, yes that is correct.


  • @Stephen_C - what is frustrating is that I am not nearly as good at resurrecting the instructions that are already provided as you are! Don't care if I get posted over at all.

    And, @lbdina - I have found that you will sometimes find passwords preserved in the Passwords category, even if you successfully updated a record. It's easy to find those entries by clicking on the Duplicate Passwords item in the sidebar, under Security Audit. That will group the Passwords passwords with the main database entry that contains the same password. You can then delete them with confidence.

  • Thanks to your both. Much appreciated. I'll get there.


  • MikeTMikeT Agile Samurai

    Team Member

    Hi Lou,

    On behalf of hawkmoth and Stephen_C, you're welcome.

    Please don't hesitate to let us know if you have more questions or concerns regarding to the process here.


  • Back at the Google passwords, all the Google sites use the same login but I'm getting each one needing to be updated. Is there a way to let 1P know that YouTube, for example, has already been changed through the generic Google password change?

  • Doug in AlaskaDoug in Alaska Junior Member

    I've had numerous problems updating my passwords using the 'Password Generator' and following the procedures shown in this thread and also following the instructions on the website. Most of the time I update a password using the 'Password Generator', I don't see the dialog box asking if I want to update the existing record. Then of course, I'm unable to sign in because my old password is still stored in 1Password and I don't have a clue what the newly generated password is. I've learned to copy the new password before I submit it for change. Several times I've had to click the 'I forgot my password' link on the web-site and start over from scratch. Perhaps a better set of instructions is in order.

  • Any newly generated password not linked to a specific login item should be found in your Passwords category, so if you appear to lose the new password when updating a login look there for it.

    My personal experience is that you do have to follow exactly the steps outlined in the link in post #2 above in order to ensure you get the "upate" prompt.


  • Hi @JoyceC,

    If you use your Google Login for multiple sites, a solution here might be to save all secondary URLS (such as YouTube) in the Google Login. This will ensure that 1Password doesn't prompt you to change the same password multiple times. :)

    Hi Doug,

    I'm sorry to hear that you've been having trouble updating passwords lately! Please check in the password generator in the Mini and ensure that 'Copy to Clipboard before Filling' is checked off. (This option is visible if you click the arrow next to the 'Fill' button.) If this option is selected, your newly generated password will be on the clipboard for those cases where 1Password does not ask you to update your existing Login. You can simply open the correct Login in the main app and paste this new password into the password field. :)

    I hope this helps, but we're here if you have any further questions!

  • Fnially got around to it (they are hard to find, aren't they?) and it appears it worked flawlessly. You folks are the best!

  • Hi @JoyceC,

    I'm so glad to hear that things worked flawlessly! Thanks for letting us know. :) We're here if you have any further questions or concerns.

  • I'm new to 1password! I have several weak passwords. If I use password generator, do I have to write it down and remember it as I do now with the weak passwords or is it remembered automatically. I 'm shy about changing the passwords and not being able to access the sites. Please advise.

    Jim Philpot

  • Personally, my technique is to have 1Password open at the same time I'm changing a password with that specific login item highlighted and ready to be edited. Once I've entered my old password and pasted in the new one twice (usually the requirement when changing a password), I paste the password into the login item straight away and save while also submitting on the website. Worse case scenario something goes wrong but login items keep a password history so easily recoverable. I prefer doing it by hand because I then know I've done it. I love 1Password and I do really appreciate the 1Password extension now I use a browser it works on but as I started off being an Opera browser fan I'm used to doing a lot of stuff manually.

  • Hi @Jim Philpot

    I hope that @littlebobbytables‌ suggestions helped you out! We do also have a handy article in our user guide that shows you how we recommend changing passwords:

    Changing a saved password

    If you have any further questions, we're here to help!

  • Thanks lbt and Megan. Your responses were helpful.

  • BenBen AWS Team

    Team Member

    Thanks for the update!

This discussion has been closed.