New User: Questions about the User Guide

DonaldWardlaw
DonaldWardlaw
Community Member
edited October 2014 in Mac

5.0/safari extension/10.10/8.1

I'm drawn to 1P because I have a ton of lousy passwords. To use 1P, I need to convert them to strong ones.

Here are the issues:

  1. What I see in use, differs from the User Guide. e.g., p. 14. I see the categories in the mini dialogue in the main window, but not on the mini window.

  2. I've installed the extension more than once. It has asked me to install it more than once.

  3. p. 18, welcome to extension. I never see this.

  4. I am able to save an existing login as a login in 1P. Changing it to a more secure pw is a frustrating crap shoot. On two bank accounts I've managed to change the password to a suggested one that 1P doesn't automatically remember or prompt me to remember, thus leaving me unable to log into my accounts. This puts me into the security checks of the banks to get a password reset, which I did. I did manage to get it remembered, just by improvisation*. It's making me very shy about using this program, no confidence it will do what it is supposed to do, or more particularly what the UG says it will do and how it will do it.

  5. p. 26, steps 4 and 5. The pw I tried to update tonight, I could not reliable put the new generated pw into the new pw field on the website. "Fill did nothing." Copy and paste didn't work. If I copy the pw text in the window, and then paste it somewhere, like in a sticky to remember it, it doesn't paste the same set of characters, so again I'm not confident I'm creating the pw that 1P will remember.

  6. Since I'm not confident of what is being entered if I paste, I hesitate to hit the "change password" button to conclude everything because twice I did that and was locked out of my accounts.

  7. *I guessed that the password "key" icons had the right string and somehow got that back into the login dialog.

  8. I can't tell from the UG whether a second vault sits side by side with the primary vault or inside it. I'd like to have a second vault for a different class of passwords. I can't see how, if I have already created a login I could move it from one vault to the other.

Donald

Comments

  • Megan
    Megan
    1Password Alumni
    edited October 2014

    Hi @DonaldWardlaw‌

    I'm so sorry to hear that you're having trouble with 1Password, and I'll do what I can to help you sort things out! It's awesome that you have decided to increase your security and improve your lousy passwords. :)

    Unfortunately, I don't have a printed copy of the User Guide here, so I'm not certain I'll be able to follow exactly what you're seeing, but we'll get through this. :)

    What I see in use, differs from the User Guide. e.g., p. 14. I see the categories in the mini dialogue in the main window, but not on the mini window.

    In this case I'm not quite sure where you're looking ... Could you tell me a bit more about which categories you see in the main app but not in the mini? There are some categories that will not be visible in the sidebar or the mini until you create an item in that category. The ones that you should always see in both locations are the Primary categories: Logins, Secure Notes, Identities and Credit Cards.

    I've installed the extension more than once. It has asked me to install it more than once.

    I apologize for the trouble! Is it staying put now as it should?

    p. 18, welcome to extension. I never see this.

    The welcome to the extension pane will only show up once, after a successful installation. Do you see the 1Password extension in your menu bar now? If so, I wouldn't worry too much about this message.

    I am able to save an existing login as a login in 1P. Changing it to a more secure pw is a frustrating crap shoot. On two bank accounts I've managed to change the password to a suggested one that 1P doesn't automatically remember or prompt me to remember, thus leaving me unable to log into my accounts. This puts me into the security checks of the banks to get a password reset, which I did. I did manage to get it remembered, just by improvisation*. It's making me very shy about using this program, no confidence it will do what it is supposed to do, or more particularly what the UG says it will do and how it will do it.

    I'm so sorry to hear that 1Password wasn't recognizing when you changed your password for your bank. I don't blame you for being a bit wary here.

    The good news is that we do have a couple of safeguards built in here to help you out. By default, whenever you click 'Fill' to fill a generated password from the Mini into the password fields, this new password will also be copied to your clipboard. You can confirm that this option is selected by clicking on the arrow next to the 'Fill' button: 'Copy to Clipboard Before Filling' should be checked. Then, if 1Password does not prompt you to update your password after you've filled it in, you can simply open the entry in the main app, and paste the new password from your clipboard into the appropriate field.

    As an additional safeguard, all generated passwords are also saved into the 'Passwords' category. So again, if 1Password doesn't ask you to save a password, simply go to the 'Passwords' category, find the most recent entry and copy/paste it into your existing Login.

    p. 26, steps 4 and 5. The pw I tried to update tonight, I could not reliable put the new generated pw into the new pw field on the website. "Fill did nothing." Copy and paste didn't work. If I copy the pw text in the window, and then paste it somewhere, like in a sticky to remember it, it doesn't paste the same set of characters, so again I'm not confident I'm creating the pw that 1P will remember.

    Could you tell me which website you were attempting to fill a password on? I'd like to do a bit more testing here - something sounds a bit odd.

    Since I'm not confident of what is being entered if I paste, I hesitate to hit the "change password" button to conclude everything because twice I did that and was locked out of my accounts.

    I hope that my suggestions above help with this hesitation. Again, I don't blame you for being a bit wary of changing passwords when you're not completely familiar with the process. Do you have a Google Login? It might help to go through the process of changing your password step-by-step alongside the User Guide (which uses Google as an example) to ensure that you have the workflow down before moving on to other sites.

    *I guessed that the password "key" icons had the right string and somehow got that back into the login dialog.

    It sounds like you found the 'Passwords' category and managed to get things sorted out - that's great! I hope my previous explanations help to tell you a bit more about why your generated password was in that category.

    I can't tell from the UG whether a second vault sits side by side with the primary vault or inside it. I'd like to have a second vault for a different class of passwords. I can't see how, if I have already created a login I could move it from one vault to the other.

    I'd be happy to explain a bit about multiple vaults here. Our document gurus are still working on polishing up some articles for our User Guide, and I apologize that we don't have one to walk you through this process yet.

    The real benefit to multiple vaults is sharing. This feature allows you to share some of your secure information with family or co-workers, while keeping your personal details private. In previous versions of 1Password, users only had the option to share their entire database, or none at all. Clearly this is not an ideal situation - there are some items that I need to share with my co-workers, but I certainly don't want them seeing my personal Facebook Login or my banking information! So, multiple vaults were created to meet this need. I now have a family vault, a work vault, and my primary (personal) vault.

    If you're a single user, just looking to organize your information, I would consider looking into Tags or Smart Folders (or just plain ordinary Folders if you prefer). In most cases, a single user might not need to separate data into different vaults.

    It is important to note that unlocking your primary vault with your Master Password will also unlock all secondary vaults. This is done to ensure that you only have to remember one password, no matter how many vaults you create. This also means though, that a secondary vault is not necessarily 'inside' your primary vault. It's not an extra layer of security. Your strong and unique Master Password should be all the protection that your data needs. :)

    I hope this helps to explain things, but of course we're here if you have any further questions or concerns!

  • DonaldWardlaw
    DonaldWardlaw
    Community Member

    Hi Megan,

    WRT the user guide, it's on your website, that's where I downloaded it.

    I'm sorry, but it's too easy to do something confusing.

    For example, I have a Charles Schwab account. I logged in with my old password. I never received a "save login" dialogue. I then went into their change password zone. It allows me to save the password, answer a security question or change it, and my log in id. I entered by current password then clicked on Password generator. It filled in every field, including the hospital I was born in. I clicked on save password and was told I couldn't save the login name at this time, call a phone number.

    Did it put a new password in? I now have a log in with an icon for this site. I now have a password key for this site. Both the log in panel (in the main window) and the password key shown password strength. The login panel shows a weak password, like my original one. The password key shows a very strong one.

    Either one will log me into the site and take me to ----- the change password page. That requires a log in because from that page I can also go to all my accounts. Yet, the visual feedback I'm getting from 1P is that there are two different passwords, of different strength, being used to log into this site.

    If confusing situations are this easy to come by, I'm really then very gun shy about trusting what is going on with this program.

    I guess this is enough for now.

    Donald

  • Megan
    Megan
    1Password Alumni

    Hi @DonaldWardlaw‌,

    I understand that you're using the Guide from our website, but when I'm viewing it online, I don't get page numbers. That's where my confusion was coming in. If you'd like to continue to discuss the Guide, I'll be sure to download a copy so I can better see what you're seeing.

    I have a Charles Schwab account. I logged in with my old password. I never received a "save login" dialogue.

    I just went to (what I think is) the main page of Charles Schwab: https://www.schwab.com, and entered some dummy data into the log in fields. When I hit the 'Log in' button, 1Password popped up to ask me to save my details, as expected. Did you already have these Login details for this site saved in 1Password? If 1Password recognizes that you already have saved details for the site, it won't pop up to ask you to save the details a second time, unless the details that you are filling in are different than the ones saved in 1Password.

    If you do have your details saved in 1Password, there's no reason for you to ever type them again. When you're viewing the Charles Schwab log in page, you can use ⌘\ ( Command- \ ) to fill the details from your Login entry in on the form.

    I entered by current password then clicked on Password generator. It filled in every field, including the hospital I was born in.

    That's definitely a bug. Now, because I don't have an account with Charles Schwab, I can't see that page. If you'd like to help us improve 1Password's behaviour here, please go to the change account page, then use File > Save As in your browser's menu bar. Select the format 'Page Source' and save to a memorable location on your drive. You can email that file in to us at support+forums@agilebits.com and I'll be sure that our filling gurus take a look at it.

    I clicked on save password and was told I couldn't save the login name at this time, call a phone number... Did it put a new password in?

    If you clicked on the 'save' button but received a message that the password couldn't be saved, I would imagine that your original password is still the current one.

    I now have a log in with an icon for this site. I now have a password key for this site.

    The 'Login' item with the icon for the site is the one you generally want to use. The item with the password key, in the 'Passwords' category is simply the generated password that you created while viewing the page. Because a 'password' item generally just contains a password and a website address, it won't be able to log you in.

    Either one will log me into the site and take me to ----- the change password page. That requires a log in because from that page I can also go to all my accounts. Yet, the visual feedback I'm getting from 1P is that there are two different passwords, of different strength, being used to log into this site.

    I think I understand where things are getting tangled up here. When you click on the 'Password' item, you're taken to the change password page because that is the website you were viewing when the password was created. However, you mention that it "requires a log in." So it doesn't sound like the password that is saved in the 'Password' item is actually the correct password.

    If your 'Login' entry is also taking you to the change password page, could you check and see what website address you have saved in your Login? It sounds like you may have saved your details using a different page than the main log in page. I'm including a screenshot of the test Login that I created, as an example.

    I hope this helps to explain things a bit, but of course we're here if you have further questions!

  • DonaldWardlaw
    DonaldWardlaw
    Community Member

    Megan,

    Thank you for your patience.
    If I do what you say vis-a-vis the schwab page, will I be sharing confidential information?
    Somehow I managed to save the change password page. But it requires a log in to get there. Either the save pw or the login icon takes me there.

    Trying to be constructive, I'm starting to think the 1P is jumping to conclusions and that more steps, clearly identified, so it is clear what it is doing would, give less confusion. Maybe even a chart showing progress and the ability to reverse and fix things as it progresses. As an example, when fields are filled in while I'm watching, all I see are black dots. There's no feed back that gives me assurance that the right things are being filled in. Sometimes they are not.

    Also, with respect to vaults, as I understand it, all vaults use the same pw because someone things remembering two would be too difficult. Actually 2 is not a problem. 25 is. Further, what I'd like to be able to do is have one area that would be open to our bookkeeper and another area open only to me.

    Thanks. Don't worry. I'm patient. Hope springs eternal.

  • Megan
    Megan
    1Password Alumni

    Hi @DonaldWardlaw‌

    If I do what you say vis-a-vis the schwab page, will I be sharing confidential information?

    It was my understanding that saving the page would save only the website's code, but just to be sure I've checked with a few colleagues, and there is a chance, depending on the site, that it might include some personal information, so let's hold off on that for now. I'll see if I can find a colleague who has a Charles Schwab account so we can test that out on our own. :)

    As an example, when fields are filled in while I'm watching, all I see are black dots. There's no feed back that gives me assurance that the right things are being filled in. Sometimes they are not.

    How your username and password are filled in on a site is up to the website itself, not 1Password. Some sites will choose to obscure the password, while some will let it be displayed in plain text.

    Also, with respect to vaults, as I understand it, all vaults use the same pw because someone things remembering two would be too difficult. Actually 2 is not a problem. 25 is. Further, what I'd like to be able to do is have one area that would be open to our bookkeeper and another area open only to me.

    1Password's new multiple vault feature was designed so that you still only have to remember one password, no matter how many vaults you create. Your primary vault holds the encryption keys for all of your secondary vaults. This means that unlocking your primary vault will give you quick and easy access to all of your data, regardless of which vault it is stored in.

    However, you still can unlock a secondary vault on its own. In the main app, use 1Password > Switch Vault menu. (In the 1Password mini, click on the lock image on the lock screen to select the secondary vault.) Please note that when you unlock the secondary vault alone, all other vaults will remain locked. You won't be able to copy items between vaults, and you will need to enter your Master Password to view another vault.

    We have an article on how to share a non-primary vault. This is likely what you would want to do for your bookkeeper.

  • DonaldWardlaw
    DonaldWardlaw
    Community Member

    Hi Megan,

    I'll get you the Schwab source.

    WRT vaults, you are saying I only need one pw, and every vault has the same pw, but I can open one and the other with the same pw?

    Then, what is the point of having two vaults? If someone knows the pw to one, they know them to all, correct? Like having two drawers in a chest, once you are in the bedroom you can open both, even the underwear drawer.

    Today I receive a second form email from Mr. Teare. He said:

    "if you prefer to have more control, you can manually save logins by selecting Save New Login from the Settings menu."

    Maybe I'm dumber than a fence post, but I've looked in the main app menus, and the mini app menu and there is no "Settings menu."

    In a great app, confusion is difficult, even for timbers.

    Donald

  • thightower
    thightower
    Community Member
    edited November 2014

    @DonaldWardlaw‌

    The email may have been referring to the extension settings.

    Here is a screen shot :

  • Hi @DonaldWardlaw,

    WRT vaults, you are saying I only need one pw, and every vault has the same pw, but I can open one and the other with the same pw?

    That’s why the app is called 1Password as in one master password. Think of it as a master key in a building, it can unlock any doors in the building but each door has its own key you can unlock.

    Each door is locked with its own lock just like your vault has its own vault password.

    To summary it a bit:

    1. Your primary vault holds the master password to unlock everything in your 1Password database, meaning all secondary vaults as well.
    2. All vaults are encrypted with its own vault password, it is not replaced by the primary vault’s master password. We simply encrypt the key used to unlock your secondary vaults with the master password
    3. If you unlock with the master password, all vaults are unlocked
    4. If you switch to a secondary vault, you have to use that vault’s password, not the master password to unlock it.

    Then, what is the point of having two vaults? If someone knows the pw to one, they know them to all, correct? Like having two drawers in a chest, once you are in the bedroom you can open both, even the underwear drawer.

    No, it’s more like two rooms in a building. A super with the master key can unlock both rooms but the tenants that has the key to one of the room cannot unlock the other room.

    In this case, when you send the vault to your family member or co-worker, they do not actually get the data related to your primary vault, just that specific vault. The vault does not contain any information about any other vaults in your 1Password database nor does it contain any keys belonging to your 1Password database. For them to unlock the vault, they must use that vault's password.

    "if you prefer to have more control, you can manually save logins by selecting Save New Login from the Settings menu."

    Thightower in the above post shows where the setting is but it might be difficult to see in the dark mode on Yosemite. We’re working on an update to fix this. For the regular light mode, here’s what it look like:

  • DonaldWardlaw
    DonaldWardlaw
    Community Member

    Thanks for all the assistance. This app is taking more time than I expected, but it still seems like the right approach.

    To clarify one detail about vaults. If I read the responses correctly, secondary vaults can be accessed remotely over iOS, they can be shared. What I was hoping to find, however, was that someone who had direct access to my computer (my bookkeeper does) could have limited password access. But she could not get to a secondary vault on my computer without first entering the master password, thereby giving access to all logins. Is that correct?

    The landlord tenant analogy breaks a bit in this situation. Ideal for me, would be side by side rooms (separate pws), or a room within a room that required a second password for entry. <3Passwords. Have marketing take a look at this ok?

    Maybe my needs are not in the main stream.

    Megan, I'll get the Schwab info to the address you included.

    Thanks again,

    Donald

  • Megan
    Megan
    1Password Alumni

    Hi @DonaldWardlaw‌

    Thanks so much for your patience here - I'm glad that you're taking the time to understand this all. I know it can be overwhelming and confusing, but I'm confident that 1Password can make you more secure, and save you time online.

    If I read the responses correctly, secondary vaults can be accessed remotely over iOS, they can be shared.

    Using Dropbox, you can sync your secondary vaults to your iOS devices, and you can share the secondary vault with other users.

    What I was hoping to find, however, was that someone who had direct access to my computer (my bookkeeper does) could have limited password access. But she could not get to a secondary vault on my computer without first entering the master password, thereby giving access to all logins. Is that correct?

    Your bookkeeper can access a secondary vault directly, without having access to the Master Password that you use to unlock your primary vault. Here's how it will work. When 1Password is locked, it will default to your primary vault and request your Master Password. However, when your bookkeeper wants to view the secondary vault, she can use the 1Password menu and select 'Switch to vault'. Once she selects the secondary vault with the data that she needs, she'll enter the password for the secondary vault on the lock screen. This will give her access to the secondary vault only. If she tried to switch to your primary vault, 1Password would require your Master Password, so your personal Logins would still be secure.

    I hope this helps!

This discussion has been closed.