Password Standards on Master Passwords of Individual Users

Is there a way for an administrator to set password policy requirements on Master Passwords of team members?


1Password Version: n/a
Extension Version: n/a
OS Version: n/a
Sync Type: Teams
Referrer: forum-search:master password requirements

Comments

  • BenBen AWS Team

    Team Member

    Hi @wlavallee,

    At the moment, there is not a way to define password requirements for team members. That may be something we can include in the future.

    Thanks!

    Ben

  • We just want to make sure people's master passwords are secure -- you know password1234 or something :)

  • JacobJacob

    Team Member

    Indeed. :) Hopefully we'll have something to help you do that down the road.

  • chasanchasan
    edited August 2017

    "Much of what I did, I regret": The guy behind password rules says sorry

    The next time you’ve been forced to reset a password after the umpteenth incorrect guess, clench your fist and shout the name Bill Burr.

    The man who literally wrote the book on passwords has admitted he didn’t really know what he was doing at the time.

    Burr, a former manager at the National Institute of Standards and Technology (NIST), was responsible for putting together a set of recommendations and standards around creating secure passwords in 2003.

    “NIST Special Publication 800-63. Appendix A” probably isn’t on your bedside table, but if you’ve ever been asked to create six-figure passwords with random numbers and capitalisations, you’ve felt its effect.

    Full Article

    http://www.alphr.com/security/1006567/password-rules-bill-burr-apology

    `

  • brentybrenty

    Team Member
    edited August 2017

    I loved reading similar articles about this. Honestly, he's a smart guy, and I think we can chalk this up to "no battle plan survives contact with the enemy": this engineering effort, socio-psychologically, resulted in adoption of these recommendations by companies which just frustrated users and resulted in a net loss of security. After all, in the context of password managers, these are good recommendations. But password managers didn't exist until roughly a decade ago, and many people still don't use them. And as a result, these practices drive those people to (re-)use predictable passwords. The bad news is that this stuff is pretty well-entrenched, but if we can get the word out change will happen in time. Cheers! :)

  • chasanchasan
    edited August 2017

    Honestly, he's a smart guy, and I think we can chalk this up to "no battle plan survives contact with the enemy"

    Well lets hope Bill Burr won't be on Robert Mueller list of subpoenas

    ~~~

  • FrankFrank

    Team Member

    Well I hope not (knock on wood). :smile:

This discussion has been closed.