Feature Request - Security - Password Expiration

@MorgothSauron: Thanks for reaching out. I’m sorry for the confusion! Passwords should not be changed without good reason. Something like:

1. Password is weak
2. Password has been reused
3. Password has been compromised

For #1 and #2, since you're using 1Password, hopefully you're using long, strong, unique passwords for each website, so that won't be an issue in that case. And for #3, that still isn't time-based. A truly random password you generate today will be no better than one you generated in 1Password even a decade ago (unless you used a very short length originally, perhaps due to account limitations). So ultimately while it's definitely good to change passwords if there is something wrong with them, there isn't any security benefit to discarding them solely due to time.

That said, finding weak, reused, or compromised passwords is important. The desktop apps can help with this, with Watchtower (#3) and other Security Audit (#1 and #2) features. It isn't something 1Password for Android can do currently, but perhaps as devices become even more powerful, searching and filtering in real time will allow us to add these kinds of features there as well. Thanks for bringing this up! :)

Ok, without a password change (I use strong password generated by 1P) it would be interesting to know when password was changed the last time.

@MorgothSauron: I agree completely. We're working on some changes to the item editor, and version 6.7 includes modified dates in the item details. :)

With a filter sorting password by date I could identify 'sensitive' accounts for which I want a 'regular' password change (6 months to 12 months).

Again, this doesn't offer any security benefit then unless the account is compromised, just extra work for you. ;)

I can still add a reminder in my calendar for password change, but having application showing last password change would help track which one I changed and those I didn't.

Yup! :chuffed: