Smart Folder: Required Action

MrC

What is the meaning of the Required Action term when constructing a smart folder? The possible selector values are None, Unknown, Change Password and Avoid.

How are these values set within an entry? What are their meanings? It would seem that Change Password would be a flag based on some of the tests in Security Audit, but I find the results make no sense. And what is Unknown? And how do I set an entry to be flagged as Avoid?

---

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

littlebobbytables

That is a very good question @MrC and the answer is I don't know. I shall make a point of enquiring tomorrow when everybody is back, refreshed from their respective weekends. My thought is it might turn out to be some kind of leftover from a time gone by but who knows :smile:

MrC

Ok, cool.

While you're at it, take a look at the Weak Passwords security audit section. It seems to be missing some items. For example, the Change Password selector described above catches two entries with empty passwords, but these two are not found in the Weak Passwords audit.

I don't trust the Security Audit section!

Jasper

Hi @MrC,

I believe those are the Watchtower statuses.

• None: No action is required. This website has never been vulnerable, or your password has been changed since a vulnerability.
• Unknown: The vulnerability status could not be determined.
• Change Password: Your password has not been changed since a vulnerability occurred, and should be changed.
• Avoid: The site is currently vulnerable and should be avoided until it has been fixed.

MrC

Ok, great. But something is not working. I have two Login items that appear when Required Action is Change Password, but Watchtower shows no items. These Logins have no password values. But I have other Login items with no password values, and these do not appear under Change Password.

sjk

Hi @MrC,

I've noticed unexpected differing results like this with custom search and Security Audit matches.

I have two Login items that appear when Required Action is Change Password, but Watchtower shows no items. These Logins have no password values.

If you select Watchtower in the sidebar, then Edit > Find > Show Search Options from the menu (⌃⌥⌘F shortcut), do those items show up in the item list? Ignore which search options are displayed and click Cancel when finished.

But I have other Login items with no password values, and these do not appear under Change Password.

And none of those show up in the item list for both Watchtower and Weak Passwords?

Do any of all the aforementioned Login items have website fields/values?

Thanks for helping both of us figure out what's going on with this!

MrC

Yes, when I enable Show Search Options, the items do appear suddenly, and disappear when I Cancel out.

At least one entry (BuyMeAPie) does not have a password in the Password field (but does have web form password data and it is weak). It does not appear under Weak Passwords.

At least two entries do not have passwords, and do not appear under Weak Passwords like some other empty-password'd logins.

All of these have associated website values.

sjk

Thanks, @MrC. I believe that's helpful towards unraveling this mystery. :)

My understanding is/was that Login items without designated passwords never appear under Security Audit > Weak Passwords, but do appear in Password strength is less than or equal to weak search results. I filed a bug for this a couple months ago.

At least two entries do not have passwords, and do not appear under Weak Passwords like some other empty-password'd logins.

If indeed you have Logins without passwords that do appear under Weak Passwords then I'd like to determine why. That would contradict my previous findings for the bug report and I'd like to accurately update it.

I'll contact you later with more details. Cheers!

ref: OPM-3090