Feature Request: Increased Password Complexity Options

I have a couple hundred stored passwords, and thus far, the changes I detail below will address all issues that I currently have with the 1Password product.

I would love to see a couple of password complexity options added for auto generated passwords:
-Upper Case and number of upper required
-Lower Case and number of lower case required
-The type of symbols allowed, in addition to the symbol on/off button that already exists. (I envision a free form box where you can enter symbols to include. Also a check box for "Not" which configures the freeform text box to exclude the symbols entered. No symbols entered means all symbols are allowed.)

I ask for these enhancements because we have all seen instances where there are a set number of required upper/lower case characters for any given password. The symbol type ask is due to a very common instance where all symbols are not allowed. (Certain symbols not being allowed for a password is my biggest issue with using the auto generated passwords...) I truly believe that continued password complexity requirement additions, as password security practices evolve over time, will be crucial to keeping the product current and viable in the marketplace.

Thank you!

--Joe


1Password Version: Not Provided
Extension Version: 1.22.3
_OS Version: Windows 10 1903
_Sync Type:
Not Provided

Comments

  • LarsLars Junior Member

    Team Member

    Welcome to the forum, @eldrumo! Thanks for the suggestions. In fact, some of the ideas of what you're suggesting are how it worked for some time here at 1Password. Those finer-grained controls were removed for reasons of improving randomness in password generation (and thus overall security), as well as some other reasons. You can read more about the decisions that were made in this post from our Security Team lead, last year. Feel free to let us know if you have any questions. And again, welcome! :)

  • I read this post and linked thread. I don't think your answer meets business or user requirements.

    For reasons known only to them, multiple service providers (web sites and other types of logins) support only specific sets of special characters (symbols) and restricted lengths. When I need to change passwords on those sites, I do not waste my time by regenerating and hoping. This is obviously dangerous too, as too many attempts may even lock accounts. What I do now is simply edit generated passwords to meet the site requirements. Reduces randomness, but has to be done. But even this is a waste of time and not optimal.

    I have over 1000 passwords in 4 vaults on 10 MacOS, Windows and IOS devices. 1Password is a great tool and I have recommended it many times. That said, we need just a little more flexibility and your notion of reducing complexity is specious.

  • Lars,
    Thank you for the reply. I understand that things were changed to the way that they are now, but I'm requesting that you reevaluate that decision. I bet that if you poll the community, you will find that every single user has the same issues that I am posting about. There is clearly a business need for what I am suggesting because valuable features of the application have unneeded limitations that effects make those features unusable in many situations.

    Thank you,

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file