I have way too many 1P generated passwords (and a question about how they work..) [resolved]

Hi, @camner.

First, I'd like to refer you to my response to @samangh: here. There's overlap happening between this and that topic so I may merge them, as mentioned there, so we're not all bouncing back and forth. :)

And here's something from @chrisdj:

The two items @sjk mentions are our first steps toward making it easier to remove or convert Generated Passwords. We'll naturally adjust as we observe how things play out in the mainstream. We need to start somewhere, and I think these two menu items are as good as any place to start. :)

"convert" being Convert to Login, about which you asked:

2. If there is no associated login, I can use "convert to login" to kill the generated password, yes?

That's one way of doing it, although unnecessary for items in the Passwords category you've determined no longer serve any purpose and can simply be removed. We'll eventually get around to ideas for figuring out which Password items matter or not; hang in there. :)

Okay, briefly, here's one. Duplicate Passwords usage under Security Audit is discussed in Jeff's blog post:

Time to give 1Password 4 for Mac’s Security Audit a whirl

Any Password items you spot in Duplicate Passwords may be candidates for removal, likely more often than for conversion to Login items.

Let's step back a bit and a look at which items might be in your Passwords category. Here's a brief description from @MikeT:

Passwords is just a simpler version [of Logins] where it is only focused on a specific password, key, combination #, codes or anything of that sort. It's also being used as a safety net for the 1Password's Generator Password. Each time you generate a password, a copy of it is recorded into Passwords.

The first kind are items you would manually create there, but completely optionally. The second kind are items that are automatically created there, which isn't an option.

So how do you manage those items, especially if manually and automatically created kinds are both stored there? Obviously you'd want to retain them while they still serve their intended purpose. :)

If you've chosen to manually create Password items then you'll need some way to identify them, e.g. with tags and/or in folders, so they won't get mixed up with ones created automatically. Then it's relatively simply to know which you want to keep and remove.

Knowing which automatically created Password items to keep and remove can be less obvious. You already know about Remove Redundant Generated Passwords and Convert to Login. RRGP picks items for removal; CtL leaves the picking to you (possibly with the aid of Duplicate Passwords mentioned earlier). And you asked:

1. Wherever there is a login and a generated password for the same site (even if RRGP didn't find it), if the login works, I presume I can kill the generated password?

Correct, when you're confident the Password item no longer services a useful purpose by being superseded by the Login item.

Then there's something like this:

For what it's worth, almost all of these "wrong" generated passwords were generated on exactly the day that the associated login was created. Sounds like something was amiss…

Offhand I can only speculate why. Maybe you unintentionally stepped on the Password Generator gas that day? :)

In one of my primary 1P4 vaults with all All Items, sorted by Date Created, I see this:

Since there isn't a Login item for Facebook created on the same day (or modified later) as that www.facebook.com Password item it's a candidate for status checking before removal. And the other three Password items there are more obvious fluff, making it likely the other is too.

With the Passwords category selected, another tip for weeding out remaining items for possible removal or conversion to Login is to search for the Title of any you're unsure of and see if that matches any other items. And tapping the Option key to temporarily reveal passwords in password fields and under Previously used passwords may even help.

As you can see by all that, there's a pruning process involved in getting the Passwords category into the shape where it may have more overall value then simply leaving it grow uncontrolled. Doing it initially may have some challenges, then managing it after that it can be relatively easy to sustain. One way to simplify it is choosing not to store manually created items there, or only have a small number that are clearly identifiable.

Hopefully that addresses most of your questions and concerns about this. Oh, and please forgive me postponing a bit longer what I'd still like to mention about your "specific incident".

Feedback welcomed. :)

You're welcome, @camner. My pleasure to help.

I think you're underestimating how much you understand. :)

The part I don't understand is what you describe as the "first kind," or "manual" passwords. This is perhaps because this is functionality that I don't think I use.

It's totally up to you how to make use of manually created Password items, if at all. :)

Someone might use Password items for storing information that isn't associated with a web site, e.g. lock combinations, alarm codes, VINs, etc., and doesn't fit well in other predefined categories,

Manually created Password items can act like "Generic" items.

Is this when there is some web site that has some entry that I want to remember (not necessarily a password) that isn't associated with a login?

Adding certain types of extra information (e.g. security questions/answers) in custom fields of Login items is generally preferable to having separate Password items for it.

Perhaps an example is the second of a two-step login process (as many banks use)?

Using Login items for additional pages of multi-page logins is still suggested for that purpose, at least when 1P4 can match an item with the page and possibly autofill on it.

Interestingly, autofill from the password field of a single Password item can be used with different sites. But it lacks site matching (except when no Login items override it) and additional form field autofill support of Login items. Sort of in a pre-Covert to Login state.

But let's not make this unnecessarily confusing. :)

I presume that the second, or "automatically generated" situation is when I click on the "generate password" button, yes?

Each time Copy or Fill is used in the 1P mini/extension Password Generator a new Password item is created. That's the only way new items are automatically added to the Passwords category. If there's another way it's probably a fluke/bug, like your unusual item overload:

As for stepping on the "Password Generator" gas pedal, I know that there have been a few times when I've clicked on the Generate Password button inadvertently, but it seems hard for me to believe that I did that 67 times!

Do you know/remember which date range those were create in? Maybe not easy to find since:

I now have 0 entries in the Passwords category

Nice!

I use the same password

Shhh. :)

Cheers!