Password generator feature request: add special characters to (non)sensical sentences

In 1password, the generator offers 2 choices: a garbled, totally senseless mash where you can specify the use of special characters and a 3(+x)-word-password where you can't. I absolutely despise the first ones, impossible to remember. But most websites demand numbers, special characters and caps in passwords now, making the 2nd option useless, so then I have to skip the generator at all.
Could you add special characters for the 2nd option?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni

    @mcbohx: Not remembering them is the whole point, because then no one can guess them and -- ta da -- there's an app for that: 1Password! :) Word-based passwords are useful when you absolutely do need to be able to remember/type a password yourself, but they will never be as strong as a character-based password of the same length. We'll continue to iterate on the password generator, but adding a bunch of non-word stuff to word-based passwords makes them less-well-suited for their purpose. And you'll have a more secure and convenient time using the 1Password extension to save and fill random passwords so you don't have to:

    https://support.1password.com/1password-extension/

    Cheers! :)

  • mcbohx
    mcbohx
    Community Member

    Ta da -- oh yes! I know there's an app for that, but I do not want to rely exclusively on software and sometimes it is not available.
    And it's not about guessing: nobody can guess a random string of strange words, but it is incredibly easier to memorise some of them instead of garbled letters, and also easier to type! I hate it when I am forced to include all that rubbish and usually my passwords become quite Pr0fan3, then. If they want special characters, I'll fit them where they kinda make sense.
    I once read an article about the irony of passwords that are hard to handle for humans and easy for machines and could not have agreed more.
    What I am saying is that one of your two options for creating passwords is frustratingly incompatible with most login mechanisms, so you might either upgrade or remove it entirely.

  • AGAlumB
    AGAlumB
    1Password Alumni

    Sure, it's easier to memorize words. Or weak passwords. Maybe you're able to manage all of them in your head, but I sure can't and I don't personally know anyone who can. And that leads to password reuse on top of using weak passwords. So it isn't something we're ever going to be able to recommend. I can definitely relate to frustration with the bizarre password requirements/restrictions some websites have though. I feel your pain. Fortunately, if a password you get isn't "compatible", you're just a click away from generating a new one -- and we have some ideas of how we might be able to automate that in the future as well. Thanks for bringing this up! :)

  • KishoreBhargava
    KishoreBhargava
    Community Member

    I feel adding the option of numbers and capitalisation to the "word" generator would actually solve this issue. Surely, that is not too hard to implement. You guys have done such an incredible job with the rest of the app!

    Cheers...Kishore

  • crackingtoast
    crackingtoast
    Community Member

    @brenty The request is not so passwords can be more easily memorized for type-ability. Sometimes you just can't fill a password or copy and paste. A Windows Remote Desktop login screen for example. I have multiple Windows logins for servers and the like. Those passwords cant be filled or pasted. They must be typed. In this case when I need to generate one of these passwords the ability to have numbers or capitalization would be nice.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @crackingtoast: I believe that the "Type in window" feature works with Remote Desktop software usually, but I'd need a specific example to test. Have you tried that?

    But you're right that in cases where you cannot use that or copy/paste, a word-based random password is the way to go. :)

  • AGAlumB
    AGAlumB
    1Password Alumni

    @KishoreBhargava: While that conflicts with the primary use case -- memorizing and typing a password -- it's certainly something we'll continue to evaluate. We don't want to add too many options (and we are asked for many), but it's possible we could do something like that in the future. Thanks for the feedback! :)

  • KishoreBhargava
    KishoreBhargava
    Community Member

    @brenty Thanks for your response. I do understand the memorable passwords defeat the purpose of a password manager, but there are many use cases for remembering complex passwords. The master password for 1password is one example, and like I said passwords for a laptop or corporate active directory where the policy dictates at least 16 characters, with 1 upper case, 1 special symbol and one number as being the minimum requirement. My solution, for now, is to generate a password and then modify it. Not the most elegant way of doing it, but it does work.

    Cheers...Kishore

  • AGAlumB
    AGAlumB
    1Password Alumni

    I do understand the memorable passwords defeat the purpose of a password manager,

    Just to clarify, that's not what I said, and definitely not what I meant. Some passwords must be remembered, and that's generally not a decision you even have as a user. Nothing wrong with a password in any form that is random, strong, and unique. :chuffed:

    but there are many use cases for remembering complex passwords.

    Many use cases, but rare on the personal level. For example, for most 1Password users, the only password we need to memorize and type is our Master Password. ;)

    My solution, for now, is to generate a password and then modify it. Not the most elegant way of doing it, but it does work.

    Absolutely! The important thing is to be pragmatic and do what you need to for yourself, since everyone's situation can be a bit different. Glad you found a good option for your own use case. Cheers! :)

This discussion has been closed.