Watchtower duplicate password problem

I have a weird issues with Watchtower's password strength meter and duplicate password detection. I have many duplicate accounts, due to importing some from another password manager, and some that were saved in a browser. For example, I have "MyWebsite" imported with a nice name but no website, and https://www.mywebsite.com with the website field filled in but no nice name.

  • Two accounts that have the same password may have different "strength" labels. One will be "good", and the other "Very Good" despite being the exact same password.
  • Watchtower detects that the accounts use the same password despite the disagreement of the strength meter...until I edit the website field of the entry that didn't have it set originally. Now the two aren't listed as having duplicate passwords anymore, even though the password field hasn't changed.

The latter problem, in particular, makes it difficult to find & remove duplicate accounts.

This happened with 1Password desktop 7 & 8, and Windows 10 & 11.

Any ideas what's going on here? Is there some way to force a Watchtower resync to see if that fixes anything?


1Password Version: 8.4.1
Extension Version: Not Provided
OS Version: Windows 11

Comments

  • PeterG_1PPeterG_1P

    Team Member
    edited November 25

    Hi @kwaegel , thanks for raising this issue! πŸ™

    I've taken some time to reproduce the tasks you've mentioned here and found that I did see some unexpected weirdness with Watchtower's results (particularly around re-used passwords). This seemed to be independent of the app's sync, so unfortunately I don't have much in the way of advice on that right now.

    However, I have reported the issue to our developers, with links to both this conversation and my own testing, and we'll be sure to look into this further. πŸ‘

    I should note quickly that Watchtower will sometimes display different strength ratings for the same password depending on whether that password was created by the app's password generator or entered manually. This is because we have the ability to reliably rate the strength of passwords generated by the app, whereas it is much more difficult to do so for human-created passwords entered by the user.

    Thank you again for letting us know, and we'll make sure to dig into this one!

    ref: dev/core/core#11538

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file