Saving 1 Password generated passwords - it's happening too soon now!
The previous version of 1 Password waited until the website accepted the 1 Password generated password as valid before asking if I wanted to save / update the password in 1 Password. Now, it asks prior to the site accepting it as valid (and there's now way to delay the process). Am I doing something wrong?
1 Password for Windows; Version 7.3684; using Chrome.
1Password Version: 7.3684
Extension Version: 1.15.2
OS Version: Windows
Sync Type: DropBox
Comments
-
@myred4re: Thanks for reaching out. I’m sorry for the confusion! Just to make sure we're on the same page, you listed "Dropbox" as your sync method but gave the version number for 1Password X, which does not work with Dropbox, only with 1Password membership accounts. So let me know either way. :)
But if you are using 1Password X, you're right that it saves the password when you fill it. That's both because it's running right there on the page (and there is no guarantee that it would be in the same state when you change pages) and so you have it saved right off the bat just in case. In a situation like you describe though, if you fill and save a new password and then find out afterward that it isn't accepted, you're not out anything: just generate a new password, and instead of saving a new Login item, update the existing one instead:
I hope this helps. Be sure to let me know if you have any other questions! :)
0 -
Sorry Dash my mistake on the dropbox mention. That was my older version of 1Password that used dropbox.
I still think that I am stuck however. Here is a better explanation. I realize that some of my passwords are weak. If I go to the site and try to update the password, many times, it asks for my current password. If I use my current password and then a new password generated by 1password, 1password immediately asks me to save or update and I don’t know yet whether the site has accepted the newly generated password. Make sense?
0 -
@myred4re: Thanks for clarifying! That makes perfect sense. :) In that case, if the new password is not accepted, you can simply try again, saved and then if it is accepted you're good to go. We just don't want people getting locked out of accounts, so we're a bit aggressive about saving when we can be.
One wrinkle you might encounter though is this:
- Enter current password
- Enter generated password
- Update the existing Login item with it
- Website rejects password
- Website requires current password to try again...but it was replaced with the rejected password in #3
- View the Login item's details and get the previous password under "previously used passwords"
- Attempt the password change and update again
Cheers! :)
ref: x/b5x#1273
0 -
@sixtram: I'm not sure I understand the "confidence loss" comment, since 1Password has your back and you'd have it under "previously used passwords", as I mentioned above. Certainly it's inconvenient (and bad security) for websites to be finicky about password composition/length, but 1Password can help with that. If you need help with 1Password though, just let me know. :)
0 -
@brenty I have a similar issue but not really sure what the suggested solution would be.
My issue is that when I manually edit the new password (due to it being too long for a website with crappy password security restrictions) it doesn't save the edited one, only the one it originally generated.
Perhaps there might be some way to hook into the "put" or prompt after the page change to see if it was accepted?
0 -
@deviant – Thanks for chiming in! I wanted to clarify something real quick. Are you referring to manually editing the password as in changing a few characters in the password you generated in the 1Password X popup like the following screenshot?
Or are you referring to editing the length/numbers/symbols and that not being reflected in the 1Password X inline menu?
I'd rather be sure before answering your question.
0 -
Generally I end up noticing that it is too long and simply back spacing in the password field on the site. I usually don't change the settings on the generator because then I generate (relatively) less secure passwords until I remember to change it back. Is the solution to have it generate a new one and edit it in the generator?
0