This is revisiting an issue from a closed 2013 thread in the Mac Beta forum.
I just went to create a secondary vault for securely exchanging passwords with my wife. I was greeted with the following:
Let’s count the serious problems here (I do not count as serious problems grammar issues, or the fact that the “only password you have to remember” tag line makes no sense in the context of secondary vaults—you probably do not have to remember a secondary vault password, but even if you do it is not the only password you have to remember):
I could go on at length, but the tl;dr version is already in the 2013 beta forum thread. In that thread, a plausible defense of the master password-composing advice in this vault creation box was offered: we don’t want to scare off new users with complicated ideas like diceware when they first encounter the app. While there is some merit to keeping vault creation simple in the first-use setting, this argument has no validity IMO in the context of creating a secondary vault. Fixing the secondary vault creation box to facilitate the generation and secure storage of a strong master password is worth doing for its own sake. As a bonus, It will probably yield lots of insights on how to improve things for first-time users as well.
The final status of that 2013 beta forum thread was “rest assured that we'll improve this in a future update.” I was very disappointed to discover this morning that the wait is not yet over. The continued absence of a random generator when creating a new vault—especially a new secondary vault—is just incomprehensible to me. And while I am on the subject of random generators, Agilebits has been advocating the use of randomly-selected words (diceware-style) in master passwords for many years—Jeff’s original “Toward Better Master Passwords” blog post dates from mid-2011. Your 1P/Mac customers have been waiting for a diceword generator for far too long.