feature suggestion/request: tell me to change password every X days/months

First, love your product, sold all my family and many of my coworkers and peers on it.

Just got word of a Twitter database breach that may include plaintext passwords, so went in and updated the Twitter password. I heard about it very much by chance, however, and it’s possible that my password could have been left alone for some time.

Database breaches that I haven't heard about probably happen all the time. One way to mitigate the damage would be a 1Password preference where the the software prompts me to login and change passwords after they have been stored for some preferenced period of time (I'd go with a year, smarter people might choose a shorter period).

Another would be if Agilebits had a service that pushed notifications for publicized breaches, but that might be a bit much to ask of you. On the other hand, it could sell some of us on subscription packages…


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • PilarPilar

    Team Member

    Hi @Eric_WVGG,

    Thank you for your kind words! I'm glad that you like 1Password so much :chuffed: While we don't have a feature that reminds you to change your password periodically, we're one step ahead on your second suggestion!

    1Password Watchtower checks for website vulnerability information and gives you an alert suggesting you to change a password if it might have been compromised. If you want to enable Watchtower go to Preferences on 1Password and click on Watchtower.

    You can read more about Watchtower and how it works on this blogpost by Jeff Goldberg, our security expert:
    https://blog.agilebits.com/2016/01/28/more-watchtower-still-no-watching/

    Please let us know what you think about this and if you have any other questions that we can help you with! :chuffed:

  • margeaumargeau

    Hi @Eric_WVGG,
    I have thought about this same thing, knowing some of my passwords are surely over a decade old by this time. If you are looking at the Security Audit section in the left side panel of the Mac app you will see 3 items under Watchtower which filter entries by age. This stops short of a notification, but does allow you to easily review your credentials at an interval of your choosing.

    Your post has motivated me to be more proactive. Thanks, Margeau

  • brentybrenty

    Team Member

    @Eric_WVGG, @margeau: I'm glad to hear that you're taking a look at areas where you might improve your security! Watchtower and Security Audit are great tools for this, but I did want to mention something that might save you some hassle without compromising security.

    So long as you're using a long, strong, unique generated password for each login, there's no need to periodically change any unless they've been compromised. After all, even if one is stolen, it won't affect other accounts. And using an awesome random password also ensures that no one will be able to guess it or brute force it. Cheers! :)

This discussion has been closed.