Watchtower -> Reused Passwords, Report is Incorrect

big_data
big_data
Community Member

Watchtower is reporting "Reused Passwords" on 37 of my websites. I reviewed each of those entries and found that 35 of them have strong, unique passwords, all generated from 1PW suggested passwords.

Why am I getting this inaccurate report of reused passwords from Watchtower?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: OS X 10.14.6
Sync Type: Not Provided

Comments

  • Hi @big_data

    Do these websites have anything in common? Also if you open up the View Saved Form Details view on each, do any of them have additional password fields beyond the primary one?

    Please let me know.

    Ben

  • big_data
    big_data
    Community Member

    Hi @Ben,

    These websites have nothing in common either in creation dates or function, everything from eBay to forums, airlines, banking.

    This is a subset of my 403 entries in 1PW. I'm using the web based 1PW, not an app.

    I did a "Show Web Form Details" for each entry and found only the primary password field.
    Is that what you mean by "View Saved Form Details"?

  • big_data
    big_data
    Community Member

    Is there a way to open a trouble ticket to get some support on this issue?

  • ag_ana
    ag_ana
    1Password Alumni

    @big_data:

    You have opened a trouble ticket here on the forum ;) My colleague Ben is also giving you support on this issue, so there is nothing else for you to do :+1:

    If you click on one of these items that Watchtower is reporting, you should see a little dropdown menu on the bottom right corner of the message:

    Do you see that? If you click on the 1 other item menu, what does 1Password show you?

  • big_data
    big_data
    Community Member
    edited March 2020

    @ag_ana

    I clicked on each item (37) that Watchtower is reporting as having a reused password, and none of them display the "1 other item v" dropdown. I created a test case where I did intentionally reuse the same password on two different sites, and the dropdown still did not display.

  • ag_ana
    ag_ana
    1Password Alumni

    @big_data:

    I see that you are on the 1Password.com website rather than in the app. The website won't show you the dropdown menu, that's an app feature.

    Since you posted in the Mac section of the forum, I assumed that you were working with the Mac app. Can you try doing this from 1Password for Mac?

  • big_data
    big_data
    Community Member
    edited March 2020

    Yes, I am using the 1Password.com website as I earlier posted.
    I use Chrome on an iMac with 1Password X browser extension.

    I'll install the 1pw Mac app and report back. Thanks for the help.

  • ag_ana
    ag_ana
    1Password Alumni

    Sounds good :+1: :)

  • big_data
    big_data
    Community Member
    edited March 2020

    @ag_ana

    I installed the Mac app 1Password 7.4.3 and compared it to 1Password.com.
    Both show the same account, same Vault, and All Items = 401 for both.

    1Password.com => Watchtower => Reused Passwords = 30
    Some of these "Reused Passwords" are false positives, they are not reused, and they do not appear in the 1Password 7 report.
    This is the issue that I originally posted about.

    1Password 7 => Watchtower => Reused Passwords = 16
    This report from the Mac app is inaccurate because it's incomplete.
    If a reused password is also listed in another Watchtower category, like "Two Factor Authentication", then it does not appear in the "Reused Password" report. In the 1Password.com Watchtower report this same entry is listed in BOTH "Reused Password" AND "Two Factor Authentication" reports.

    Am I missing something or are there problems with Watchtower reports on both the 1Password website and the Mac app?

  • big_data
    big_data
    Community Member

    @ag_ana

    Are there any updates on resolving this issue?

    Thanks.

  • Hi big_data - I have replied to your recent email that you sent to our support channel so let's keep the conversation there should you have any more questions :)

This discussion has been closed.