Restricted passwords
I created my initial user name and password for my MediCare account. I have since purchased and installed and started using 1PW. I am converting all of my old, short, weak passwords using the password generator in 1PW. The requirements for a new password on the Medicare website are: "Password must be changed every 60 days (!) and must be: 8 to 16 characters, at least one letter, at least one number, one or more of special characters @!$%^*(), different from previous six passwords, not the same as user name and may not contain M’Care number or SSN." I can set the 16 character max and I can allow numbers and set how many to allow but I have options only to allow special characters and set a number of those to include OR disallow special characters. I need an option to allow specified special characters as listed by MediCare. Is there a work-around that will allow me to do that in 1PW? I tried to find one and it appears not to be available. PS: I did find numerous complaints about inability to set password parameters for single sites. I hope the 1PW team can read the tea leaves and see that this should be a priority item for a subsequent upgrade if there is not a way to deal with this now.
1Password Version: 6.01
Extension Version: 4.5.3
OS Version: OS X 10.11.3
Sync Type: iCloud
Referrer: forum-search:Medicare Password criteria
Comments
-
If I allow 1PW to generate a password and I save it on the site and I update it in 1PW but then discover it doesn't work for the site, probably because of inclusion of a disallowed special character, can I edit it for the site and the 1PW details so that it will work (by finding and changing the disallowed special character)? I can find it in the "Passwords" list and retrieve it safely, even if it doesn't get "saved" to the 1PW login details list, thus not risking a lost and unrecoverable password, but my question is about the ability to edit it so the Medicare requirements are then met for the website and than saving it again or even saving it manually into the 1PW details section as a manual edit.
0 -
Hi @dmiller0219,
Thanks very much for the suggestion,
Unfortunately it would be a complicated scenario to have that sort of setup. It's quite a complicated process to implement the sort of solution that would make the right controls for any and every website out there and their requirements. But that is definitely on our radar and have had a lot of discussion about it.
Fortunately, you should easily be able to configure the generator to get a base password (right length, valid characters), and then just directly edit the generated password to contain some special characters of your choosing.
0 -
I tried to edit a generated password but that didn't seem to be something either 1PW or the site wanted to allow. The password generator window would disappear every time I tried to delete or replace a character. What I did do that seems to have worked, however, was to set password preferences that included all the other requirements and the necessary minimum if one special character and then generate a password and review it for the disallowed special characters. The first three I got by clicking the "regenerate password" button in the password generator window all contained disallowed special characters. The fourth try was a password that fit the criteria. I used that one, hit "fill", and saved it as an update to my entry into 1PW. I have since tried it and the new login works fine. The message I got after the attempted substitution showed "success" and the 1PW software was OK with all the intermediate changes and didn't get confused or lose my password. All I had to do to make this workable for the long term and to allow me error-free password changes every 60 days was to add the list of allowed special characters in the "notes" window of the details section of my login entry for reference while generating and choosing my subsequent passwords. That will allow me to check the password without risking a lot of hassle from making an erroneous entry or having it disappear into limbo and having to find it and cut it and paste it to restore it and then having to go through the change process again if I make a mistake.
0 -
Hi dmiller0219,
Glad to hear you got it working. We are always looking at ways to improve situations where web sites restrict password choices. The challenge is that different sites have different restrictions.
Thank you for writing in. We appreciate your feedback and how you worked around the restrictions.
Cheers,
Kevin0
