Changing All My Passwords Can Be Frustrating
I'm probably not doing something properly that creates this problem...hence I'm posting here regarding my rising frustration level. :)
I'm in the process of changing all of my passwords, as it seems a new data breach exposing passwords is happening every week somewhere. I know that 1Password is the key to attaining a higher degree of security, but I'm getting a bit frustrated as I work towards changing my password on all of the sites I have saved in the application.
My biggest frustration is not knowing when 1Password will offer to create a new login or update an existing login. Here's what happens way too often for me:
I go to a website and navigate to the page where I can change my password. I'll use the 1Password browser extension (Safari) to fill in my current password (doesn't always work...sometimes it puts the password where the username goes...sometimes nothing happens). Then I'll change the focus in Safari to the new password field and go back to the 1Password browser extension to generate a new password. If I choose Fill, sometimes it fills in the fields (typically most sites want you to enter the new password twice) properly...sometimes it doesn't. At first, I wasn't concerned, as it was my understanding that it not only fills in the fields, but saves the newly generated password to the clipboard.
So, given the above sequence, I'll click Save on the web page to save this new password. And here's where it gets dicey. Sometimes I don't get a 1Password prompt to create a new login or update the existing login. At this point I'll go into the 1Password application (not the browser extension) and select the password I need to change...then click Edit. I'll erase the old password and paste the newly generated password into this field. But all too often, after I erase the old password and try to paste the new one in, there's no paste option available...meaning, it didn't save the newly generated password to the clipboard.
At this point, I've no choice but to go back to that website and go thru the steps of resetting my password. This time, I'll still have 1Password generate a new password for me, but instead of selecting Fill, I choose Copy. Then I manually copy this new password into the web site fields and, before leaving this site, I go back into the 1Password app (again..not the browser extension) and edit the the item, pasting this new password in. Then I go back to the website and click Save to save this new password.
How can I streamline this process to ensure that every time I generate a new password, 1Password updates it in the app?
1Password Version: 7.2.4
Extension Version: 7.2.4
OS Version: OS X 10.14.2
Sync Type: iPassword
Comments
-
Hello @mhosborn,
So there is one piece of 1Password's behaviour that I believe is working against you and that you're not aware of and then something else that 1Password is doing that you might find useful to know.
So the behaviour that is probably working against you. In 1Password's preferences, in the Security tab you should see an option titled Clear clipboard contents after x seconds. That applies to copying the generated password to the clipboard whenever the Password Generator used as well as any other copying from items in general. I'm not sure what the default value is but mine is currently at 30 seconds.
You can leave that option enabled though as while we do want 1Password to always prompt at the correct times the staggering variety in page designs mean we need a safety net in place in case things don't go as planned. Any time you use the Password Generator a Password item is created in your default vault as specified in the Vaults section of 1Password's preferences. If 1Password correctly prompts to save/update and you do so then 1Password will delete the Password item, it's purpose fulfilled. If that doesn't happen the item will remain in your vault and not only will it contain the generated password and timestamp but the title and website field will reference the open page in the browser. So in the worst case scenario you should never be locked out of an account because a generated password was used but not correctly recognised by the extension.
Could that help a bit?
0 -
Your reply helps tremendously...thank you!
LOL....I don't want to think about how many minutes I might have saved had I known 1Password saves each and every password created with the Password Generator!
(I assume that, if you're creating a password using the Password Generator and use the regenerate button three times, it will save all three generated passwords?).
0 -
Greetings @mhosborn,
Thankfully 1Password won't save multiple Password items if you use the regenerate button, I would imagine that would cause a lot of confusion for you and I if it did. You can safely generate new passwords until you find one acceptable and it's only when you perform an action that suggests you're going to use the password that the Password item is created. You can even edit the generated password (it's just a standard editable text field) and it's the edited password that would be recorded.
Actions that will see the Password item created are using the action button to the right of the generated password either with the default Fill action or if accessing the small menu via the ∨ the Copy action. Selecting the password and copying it to the macOS clipboard via the standard macOS techniques will also have 1Password do the right thing.
If you have any follow-up questions please do let me know :smile:
0 -
Thank you, Bobby.
Another follow up question, then, if you don't mind...
Once I've saved the password into the appropriate 1Password record and tested it to ensure it works on the site, is it good practice to delete the Password record? I see there are quite a few of those in my 1Password file (60 of them, actually).
0 -
Greetings @mhosborn,
Please, keep asking questions until you're thoroughly satisfied you're getting everything out of 1Password and I'll try to be a bit more prompt in getting back to you.
If you do reach the point where you have Password items for site A and having tested you know with absolute certainty that the Login item is good then yeah, I would delete any now redundant Password items. Whatever their reason for still existing is, if you've got a good Login item that's you covered. In the really unlikely situation that you delete a Password item you later discover you need there's the 1Password Trash which is only cleared when you explicitly instruct 1Password to empty it. So there is even a second layer of protection there but given your good practices in testing the Login item I don't see you needing this extra layer. Always good to know what protection there is though.
0 -
Thanks, Bobby.
I probably will delete all those Password entries, if for no other reason than to make it less confusing when filling fields on an iOS device, since sometimes I'm not sure which of multiple 1Password choices I want.
0 -
I'd agree, if you know they're useless for whatever reason then their continued presence can really only potentially cause confusion down the line or at best slow down locating a new entry. My macOS Downloads folder often looks a mess but I do keep a tidy vault :lol:
0