Weak password criteria inconsistent.

mikebore
mikebore
Community Member
in Mac

I have just been changing and strengthening some of my older passwords.

I changed one to a random eight character mix of numbers, small and capital letters and non-alphanumeric characters generated by 1Password and 1Password is reporting in a very large red banner as "Weak Password too easy to guess".

I have other eight character passwords which are reported as "good".

What is going on?!

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • ag_tommy
    ag_tommy

    @mikebore

    It seems to be a visual bug that development is investigating.

    Another thought is if 1Password doesn't know where your password was generated (which is the case when pasting/typing/adding to the password yourself), it's supposed to lose some of the strength that being truly random gave it. Did you need to edit this password to meet site requirements? If so, that's likely a contributing factor.

    One additional thought is you might consider increasing the length of your passwords. 1Password.com, for example, requires a minimum of 10 characters. I use nothing shorted than 17 unless the site is stubborn and insists on something smaller, which necessitates an email from me. :sunglasses:

  • mikebore
    mikebore
    Community Member
    edited December 2020

    The password it replaced really was too easy to guess, not a site requirement issue. I didn't edit the password after 1P generated it.

    I do usually have much longer passwords, but a few have to be typed in manually, eg to a TV set, and for those I usually keep the length down.

    Some of my old passwords that 1P is reporting as 'fair' are definitely not random, eg two digits tacked onto the end of a name I chose. It makes no sense that these are usually "Fair" where 42df!dDT was 'weak'.

  • ag_ana
    ag_ana
    1Password Alumni

    @mikebore:

    Some of my old passwords that 1P is reporting as 'fair' are definitely not random, eg two digits tacked onto the end of a name I chose. It makes no sense that these are usually "Fair" where 42df!dDT was 'weak'.

    This sounds exactly like the bug my colleague ag_tommy mentioned then :+1:

  • mikebore
    mikebore
    Community Member

    Thanks, I thought the visual bug was referring more to the big red banner than the wrong categorisation (which is not really a visual bug).
    Not a big deal...I can apply my own brain to what is weak and strong!

  • ag_ana
    ag_ana
    1Password Alumni

    @mikebore:

    The bug makes 1Password show the wrong password strength indicator: even if the password itself is strong, it will show it as weak. So I believe that it is connected to what you are seeing.

  • mikebore
    mikebore
    Community Member

    Thanks....look forward to an update, but not a big problem. The worst part of it is the reproachful big red banner.

  • ag_ana
    ag_ana
    1Password Alumni

    @mikebore:

    In the meantime, you can make the banner smaller if you click on the little upward arrow next to the strength indicator icon.

  • mikebore
    mikebore
    Community Member

    Yes thanks. That is the default. I originally took the screenshot with the drop down activated to report the problem.

  • ag_ana
    ag_ana
    1Password Alumni

    Got it :+1:

This discussion has been closed.