Can you view stale passwords on Windows? (i.e. passwords that haven't been changed for 90+ days)
I want to view a list of any of my passwords that haven't been changed for 90+ days - is this possible on Windows?
1Password Version: 7.3.712
Extension Version: 1.18.0
OS Version: Windows 10 Enterprise
Sync Type: Not Provided
Referrer: forum-search:Can you view stale passwords on Windows?
Comments
-
The best you could do, @tylermurphy, is sort your Login items by date modified and check through those that are 90+ days from their last modification. This wouldn't be totally reliable as updating something other than the password would also update the date modified, but we don't offer a feature like what you're looking for.
With that said, it is no longer considered good practice to rotate your passwords every 90 days. In fact, the prevailing advice from experts is not to change your passwords at all unless you have reason to believe they're compromised. Our team discussed the rational behind that recommendation in this blog post:
https://blog.1password.com/how-often-should-you-change-your-password/
And, if you're feeling particularly adventurous, you can read about these recommendations direct from the source, NIST:
https://pages.nist.gov/800-63-3/sp800-63b.html
The bit covering password rotation is found in Sec. 5.1.1.2 Memorized Secret Verifiers.
I know that there are sites and organizations that still require password rotation, ill advised though it may be. The bank that handles my mortgage is one of them and they have obnoxious and unclear password requirements to boot so cursing at them every 90 days has become a tradition in my house. If you have any passwords you are required to rotate, my suggestion would be to use your typical calendar app to remind you about it rather than 1Password. I am lucky to only have a few of these today as most often its our work that makes us do that and our security team would have none of that, but even if I had more and could specifically track them in 1Password, I think I'd still find using my calendar to be a better fit. It will nag me no matter what device I'm using and it doesn't require that I open 1Password at all. One of the things I have always loved about 1Password – even before I worked here – is that it stays out of my way. Most of my work is handled by
Ctrl + \
and I don't even have to look in 1Password itself. Something that required me to expressly dig through the main app wouldn't work as well as my calendar which sends me notifications without my having to open an app at all.0 -
Thank you for these wonderful insights!
0 -
On behalf of Kate, you're super welcome!
I'm glad we were able to jump right in and point you in the right direction so that we were answering your question precisely. 💙
0