1Password X doesn't seem to be set up sensibly for handling new password creation for a specific case which I will describe below. I recently signed up for 1Password X and just finished going through the process of adding all my accounts and changing passwords where appropriate.
Most of the websites I want to change the password for, I'd already be logged in to. What this means is that the first time I save a password using 1Password is from the change password page of a given website.
A great example of where this leads to problems is Hilton's website. The change password page also contains fields / form entries for other sensitive information including telephone, address, and ID numbers for programs associated with Hilton (i.e. your ID number for AARP). Some of these fields are auto-filled by default, to the extent I had already given the information to Hilton. However, that doesn't mean that I want 1Password X to save these fields. Unfortunately, in some instances (like Hilton), 1Password X does save these sensitive fields.
An even better example of this would be www.ladwp.com. It's pretty clear this is bad design on LADWP's part, but the page to enter a new password opens with pre-autofilled fields showing the answers to my password recovery questions (i.e. my father's middle name). Obviously, not something I want 1Password X to save.
I understand that it would be very difficult for 1Password X to "know" which fields are sensitive / should not be captured and that capturing web field capture can be helpful for login. With this in mind, I have two questions:
What is the 1Password team's suggested "workflow" for saving new passwords using 1Password X? Is the correct procedure to first log out of the given website, then log back in and save the old password, then create the new password and update the entry? Is it wrong to initially save a new login from a change password page?
It seems like a lot of these issues could be solved by giving users more power to edit web form details, remove old passwords, remove item history entries, etc. Either that or create some kind of "cleanse entry" button that could remove old and unnecessary (and potentially sensitive) details from login entries.
By the way, other than this, love the service! Hope to hear your feedback soon.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided