length, syntax of created Passwords?

coyote3
coyote3
Community Member
in 1Password in the Browser

I just used 1Password to create my first new password. It suggested one, but it wasn't long (only about two dozen characters, for this forum, incidentally). How do I tell the automatic popup how long to make it and what characters to use? Or better yet, to always make it as long as possible.

Is this functionality only available on https://1password.com/landing/password-generator/ ?

I'm using 1Password 1.23.1 in Firefox on Linux and 1Password 7.7.3 in Firefox on Android 10

1Password Version: Not Provided
Extension Version: 1.23.1
OS Version: Linux Mint 19.2 Xfce
Sync Type: Not Provided

Comments

  • ag_ana
    ag_ana
    1Password Alumni

    Hi @coyote3!

    You can tweak the password generator settings in the extension :+1:

    Create a custom password

  • coyote3
    coyote3
    Community Member

    Thank you very much for your reply, ag_ana!

    Now I see how to get to that Plus sign!

    (I couldn't because I had the icon in Firefox's toolbar's overflow menu instead of directly on the toolbar; in that case only the popup's left side is visible to a user.)

    I was immediately very excited to read about "Smart Password" functionality. (Because I find it extremely inconvenient that sites often don't say what password syntax they require, specifically maximum length and character type; and even--as I just mentioned over on another thread--"let one create a password that it then won't let one login with in future sessions".)

    However, I noticed a drawback to the Smart Password option. No matter how long a site's maximum length is (I tested this on a site I know allows long ones), it only allows 20 characters! (I know that's not terrible, but there's no good reason it should be so short. I'm used to LastPass allowing passwords up to 128 characters.)

    I thought that if I increased the default length in the "Random Password" mode that might carry over into the Smart Password mode, but no, Smart Password mode remained with a length of just 20.

    Incidentally, at first I was alarmed that the "Random Password" mode length slider only went up (from the default 20) to 50 characters, but then I found that one can manually edit the numeric value up to 999 characters [which I'm guessing would be too long to work on many sites anyway].)

    I would love for "Smart Password" mode to be configurable to provide much longer passwords. Is there a .ini file or something one can edit to enable that? If not, how may I suggest this feature?

  • Nhat_Nguyen
    Nhat_Nguyen

    Hello @coyote3,

    Thank you for your feedback. However, I assure you that having a longer than twenty characters random password does not make much difference.

    1. A strong password from the password generator is uncrackable at the default length, so having an extra-long password does not make much sense since it will take up more space.

    2. There usually is a maximum length in a website's requirements, and 1Password does its best to ensure its passwords are satisfactory.

    3. If you have to access your site where 1Password is inaccessible, such as a smartTV or on a device with an unsupported OS, you will not have too much trouble entering the password manually.

  • coyote3
    coyote3
    Community Member

    First, I should say that I've decided that I will be subscribing to 1Password, because it works (and the password manager I've now stopped using, LastPass, barely works at all in Android Firefox), and does what it does very well.

    I do have a general understanding that, as I said, 20 characters isn't terrible. However, you let us make longer ones, so why not in Smart Password mode? Please?

    I do not consider 'taking up more space' to be a sound justification for not giving users that option. 128 characters doesn't take up much more space as a database, or involve much more processing time per site, than 20 characters does. No one needs to take advantage of the option if they don't want to; it would be cool for the default to remain at 20.

    Even a little bit more security, obtained because there's no good reason not to, should be achieved.

    As for your #3, thankfully streaming sites address that issue by allowing one login on the website and enter just an authentication code in the TV app.

    Relatively few sites have max length requirements less than 20, so honestly it's not much of an achievement for Smart Password mode currently to avoid exceeding that parameter. What would impress me if it did so with a robust length.

    I've already told a lot of people how initially happy I was with 1Password. But it looks like I'm also going to need to tell them that I am not happy about this.

    I asked about where I may suggest this enhancement. Is there somewhere, please?

  • ag_ana
    ag_ana
    1Password Alumni

    @coyote3:

    I asked about where I may suggest this enhancement. Is there somewhere, please?

    This would be the right place :)

This discussion has been closed.