Watchtower has stopped identifying reused passwords

s_a
s_a
Community Member

Hi,

I use the desktop App.

When I use IPW to generate a pw and then accept the update to a login, Watchtower would identify these two as reusing the password. I have two questions:
1. why does it save the pw as a separate entry. Am I doing something wrong as it's time consuming to delete them.
2. why has Watchtower stopped identifying these under Reused Passwords?

Thanks
Surekha


1Password Version: 7.4.763
Extension Version: Not Provided
OS Version: Windows 10
Sync Type: Dropbox
Referrer: forum-search:Hi, my Watchtower has stopped identifying reused passwords. Why is that?

Comments

  • bundtkate
    edited April 2020

    Great questions, @s_a!

    1. why does it save the pw as a separate entry. Am I doing something wrong as it's time consuming to delete them.

    These are "just in case" items. Essentially, if 1Password doesn't prompt you to update that Login for any reason, that Password item is there to save you so you're not locked out of that account now using a generated password you almost certainly don't know.

    1. why has Watchtower stopped identifying these under Reused Passwords?

    In short, because we taught it not to. You might have read around the internet that password reuse – using the same password for multiple accounts – is one of the biggest security threats you face. If one website is compromised, you have to change your password for many others if you're reusing passwords. In this case, though, you're not reusing a password. It's just in your vault twice because of how this failsafe is handled right now. Watchtower wants to protect you from genuine reuse and it can't do that job very well when it's also nagging you with these red herrings. So, we taught it to ignore these since they aren't indicative of any sort of security problem. :+1:

This discussion has been closed.