"Password Strength" meter green bar graphic appearing slightly off place...

uwalakab

Using 1Password webpages for Family and Enterprise on the following browsers......

Firefox 70.0.1 (64-bit)
Chrome 78.0.3904.108 (Official Build 64-bit)

Have you noticed how the green bar is misaligned? (see attachment).
Seeing this on both Windows 10 Home and Enterprise.

Please can you check this out? Many thanks.

(Also tried restarting browsers and rebooting OS, even tried this on different machines, but to no avail)

Regards,

Benet.

---

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:Password Strength meter

Greg

Hi @uwalakab,

Thank you for reporting this!

I am seeing the same on my side, so I will forward your report to our team. We will take a look at what happened there. :)

On a related note, is there a particular reason you use the web interface on 1Password.com and not 1Password apps that are available for both macOS and Windows?

Thanks in advance!

++
Greg

ref: dev/b5/b5#7069

uwalakab

Hi @Greg

Personally I use 1Password X in Chrome and Firefox more so. This is because many websites I use require password access and hardly any desktop apps that I use, do.
Also I think it has become a force of habit for me that as I use 1Password X more I don't really require the desktop app. I personally found that 1Password X does what I need and it kind of (for me) made 1Password desktop like an extra and not required.
I use the website 1Password.com for quick password maintenance (as 1Password X will take you there when you "Edit" a password entry) and also it has nice little touches like "Large Type" of the password shows the number of characters in the password (handy for systems that request specific character positions of a password, like "Please enter characters 2,4 and 7 of your password".
HINT: This would be good to have on the Android app too.)
Also the website shows things like "Authorized Devices". I know that the Android app does not have this, but am not sure if the desktop app does.

Regards,

Benet.

uwalakab

Hi,

Just another thought... Do you think it'd be possible to have the password strength indicator on the app like you have on the 1Password.com site version? The app has Watchtower so maybe the indicator would be good to have too.
What do you think?

AGAlumB

Thanks for the additional feedback! I'm glad that you're enjoying 1Password X so much. :) 1Password for Android does support Large Type, but I agree that numbering each character could be helpful in some situations, and perhaps we can do something similar to a "password meter" as well. None of the native 1Password apps (yet?) support advanced account management features like viewing Authorized Devices, but we would like to add more stuff like that in the future. Cheers! :)

ref: dev/android/onepassword-android#543

uwalakab

Hi @brenty

Thank you for your reply. 1Password X is great. Said this before but really liking the 2FA feature.
Just another feature to possibly add... Can you make the password strength meter in ALL areas (website, app etc.) be live/immediate?
By this I mean as you type in your (new) password, you can see how 1Password / 1Password X rates its strength as you type.
Please, what are your thoughts on this?

Best regards,

Benet.

ag_ana

That would indeed be nice @uwalakab. I am not sure if this can indeed be done, but thank you for suggesting this too :+1: :)

AGAlumB

@uwalakab: More importantly, the purpose of 1Password is not manually creating passwords. Use the password generator. "There's an app for that", as they say. ;)

uwalakab

Understood re: Password Generator. Just thought that as there is a meter present, that it could be more interactive and a guide.
(It's also interesting using the password generator seeing each random password has very subtly different strengths indicated).

Regarding password strength, some vendor websites need to start supporting the use of symbols in passwords and password lengths greater than 20 chars. But until then there's nothing we can do immediately or let alone soon with that.

Thank you @ag_ana and @brenty

Ben

Regarding password strength, some vendor websites need to start supporting the use of symbols in passwords and password lengths greater than 20 chars.

Indeed. These have been industry recommendations for years. Some vendors are slow to adapt, unfortunately.

Ben

uwalakab

True @Ben .... Thus the attachment (which you might have seen before)
:)

AGAlumB

No comment. :lol:

uwalakab

Going back to the main issue, just for reference I am also seeing the out of place password meter on Android Chrome too.
Looking forward to your next update.

rob

Thanks, @uwalakab. :+1:

uwalakab

Hey @ag_ana @brenty and team,

Regarding my post on Nov 30th with the below.....

"By this I mean as you type in your (new) password, you can see how 1Password / 1Password X rates its strength as you type.
Please, what are your thoughts on this?"

..... The Adndroid app does not do this exactly, but the 1password.com website does do this already if you:

1. Edit a password.
2. Click once on the "key" icon next to the password.
3. This generates a random password, opens an area showing the password strength meter and password criteria (i.e. length, digits, symbols etc.)
4. As you type a password for yourself, the password meter shows in realtime the password strength. :)

So this works on the 1password.com website which is nice. :)
The Android app shows the password strength meter, but it does not update in realtime as you type.

AGAlumB

The problem is that it isn't reliable at all if you're manually entering it. "Password strength" is not a real thing. It's just a best guess. And the only way for that guess to be reasonably good is by calculating entropy, which is only possible when 1Password is generating it itself, since then it knows the full character set being used and therefore the number of possibilities. Plus we don't want to be encouraging users to make passwords themselves. :)

uwalakab

"Plus we don't want to be encouraging users to make passwords themselves."

Fair point. Agreed.

Thanks for the reply.

AGAlumB

:) :+1:

uwalakab

@brenty - Just an example of how a -very- important website has the following password policy, which I think is a bit crazy.

Your new password must:

• be between 8 and 12 characters
• have at least one number (0 to 9)
• have at least one letter
• not contain special characters

The first line should at least say "8 characters or more".

Unknown

This content has been removed.

AGAlumB

Yeah, I think they need to join us in the 21st century, especially if it's anything important. :lol: It is, however, easy to generate a compliant password meeting those criteria in 1Password -- questionable security practices notwithstanding. :)

uwalakab

@brenty - At least the said site has 2FA on it. It has its own but you can also use another app to do the 2FA.

Guess what app I chose to do the 2FA? ;) (Need I ask?)

AGAlumB

;) :+1:

uwalakab

Password meter looks healthy again. Thanks.

Greg

Hi @uwalakab,

I agree, this looks better:

Feel free to reach out to us anytime, your feedback is greatly appreciated. :) Thanks again!

++
Greg

uwalakab

Thank @Greg,

Am curious..... Was it some kind of code change on the website that caused that strange effect?

Ben

I would have to assume so. :)

Ben

uwalakab

Thanks @Ben @brenty and all.
We can consider this matter closed.
Many thanks again.

Ben

:+1: :)

Ben