Reused Password and Trash

The other day I was going through my vault and noticed that I had 21 accounts flagged as having "Reused Passwords". This did not make sense as 1Password had added an item to each of the 21 accounts making it look like there were duplicates. I elected to move those "extra" items to the Trash bin. Then tried to empty the Trash bin ... to no avail.

Researching the Forum provides a clue that there is a bug with the system in that a duplicate entry is created for the same account which then creates the Reused Password scenario. It appears that this "feature" may occur when passwords are changed/updated. Is this a true bug or feature"? If a bug, any idea when it will be addressed?

Which then leads to the 2nd question ... "why the Trash Bin cannot be emptied".

I have attached an image of a couple of items in the Trash Bin.


1Password Version: 7.3.657
Extension Version: 4.7.3.90
OS Version: Win10 Pro 1809 Build 17763.379
Sync Type: Not Provided

Comments

  • MikeT
    edited April 2019

    Hi @BobArch2,

    Thanks for writing in.

    why the Trash Bin cannot be emptied".

    There's a known refresh bug in 1Password where if you empty the trash, it is done but the app doesn't refresh the list. If you exit and restart the app, the trash should be empty. This will be fixed soon.

    ref: opw/opw#1121

    It appears that this "feature" may occur when passwords are changed/updated. Is this a true bug or feature"? If a bug, any idea when it will be addressed?

    This is intentional as a safety measure; when you use 1Password password generator to change the password, 1Password will automatically save a copy of the password as a Password item in case you submit the password change to a site but 1Password extension doesn't prompt to update the Login item. That means you could get locked out when you try to sign in with the same Login item but it failed because it still has the old password.

    In a future update, we are going to clean up redundant Password items automatically as long as they share the same URL and password. In addition, we are going to do a quick improvement soon to stop Watchtower from flagging multiple items that have the same URL and password combination.

  • llcibm
    llcibm
    Community Member

    Is there a way to force WatchTower to refresh the "Reused Password" field count and on the individual logon entries?

  • It should update dynamically when you make changes, @llcibm. To my knowledge, there are no existing refresh issues that would cause it to persist, so if you are seeing reused warnings, chances are there is another item using that password somewhere. While we've updated to avoid flagging Password items created when you change a password most of the time, this does still depend on the password being generated on the same domain as that associated with your Login item, so it's not totally foolproof depending on how each was saved.

  • llcibm
    llcibm
    Community Member

    Thanks for the update @bundtkate , Turns out I had to delete the duplicate "password" entries and the count became more realistic.

  • Greg
    Greg
    1Password Alumni

    Hi @llcibm,

    On behalf of Kate you are very welcome! I am glad to hear you see the correct Watchtower count now.

    If you have other questions, we are always ready to help.

    Cheers,
    Greg

This discussion has been closed.