Some newbie questions

OK, I've had and used 1Password for a while but I've finally capitulated, realizing now that still using passwords that I hope to remember is simply out of the question (email account credentials got out). So, I'm going through 1Password, logging into accounts (over 200 items) and updating passwords with ones unique to each site and that are complicated. Just navigating the different requirements of each site is a nightmare. (I had a situation once where I copied and pasted in a long password to set it, but invisibly only the first X characters were accepted; logging in with the full string failed until I figured out that only the first X characters actually got taken as the password.)

There are a number of items that don't really fall into just one category. The result is probably just user preference, but:

  • where do you put things like Apple IDs? Is webmail a "login" or "email account" (since the same credentials are used in email clients)?
  • Where do you put things like answers to security questions?
  • For sites that split the ID and password across two pages (sometimes with a graphic verification in between), do you have two "login" entries then one with the ID and one with the password? If so, then the ID entry has a blank password, which 1Password shows as "red" for password strength. If you copy your password into the ID entry (so the red warning goes away), then you have the password in two places (ID entry and password entry) which is a pain to maintain. Any best practice for this situation?
  • not to nitpick, but iCloud has been out for a while, so the reference to mobileme is a bit dated.

I'm now totally dependent upon a password manager, and I hate it.

Comments

  • khad
    khad
    1Password Alumni

    So sorry to hear about your email account, but you are doing the right thing by using 1Password to generate unique passwords for all your accounts. If it seems daunting, you can use these two tricks:

    1. Search for known reused passwords. You can even make a Smart Folder that will get cleared out automatically as you change passwords.
    2. Sort by password strength. Change the weaker passwords first.

    where do you put things like Apple IDs?

    I have mine saved as a Login item since I use it to log in at http://appleid.apple.com Anything that you can log in to via a web interface should be saved as a Login item.

    Is webmail a "login" or "email account" (since the same credentials are used in email clients)?

    This is a perfect example that illustrates my previous sentence. If you need to record your IMAP (or, if you're old school POP3) settings, you'll want to store that in an Email Account item. Many folks only ever the web interface of their email provider.

    Where do you put things like answers to security questions?

    The Notes field.

    For sites that split the ID and password across two pages (sometimes with a graphic verification in between), do you have two "login" entries then one with the ID and one with the password?

    That's the most reliable way to do it, but offhand I can't think of any sites for which I have Login items that I haven't been able to consolidate into one item. Just save a Login on the first page of the login process, then edit the item and type your password in before saving it. Then you can just use the same Login item to fill both pages. Command-\ on the first page, and then Command-\ on the next page. Easy. :)

    not to nitpick, but iCloud has been out for a while, so the reference to mobileme is a bit dated.

    The reason that it hasn't been updated yet is complicated, but it will be resolved in an update. Thanks for letting us know you will appreciate the change.

    I'm now totally dependent upon a password manager, and I hate it.

    You will learn to love it. Use your brain for more important things. Computers were supposed to make our lives easier. I'm happy to let them. As long as you have a strong master password that you don't forget, have an emergency plan in case of your unexpected passing, and make regular backups there shouldn't be any reason to ever regret it.

    If we can be of further assistance, please let us know. We are always here to help!

  • Nunuv Yurbiz
    Nunuv Yurbiz
    Community Member
    edited May 2013

    Thanks! Manually adding the password to the ID login entry mostly works, but...

    I can't think of any sites for which I have Login items that I haven't been able to consolidate into one item

    Bank of Hawaii. ID is on boh.com, password is entered at ibanking-services.com. (Full URLs are longer.) So, when it flips to the second page to enter the password, since the domain changed, the main entry with the ID (and password, manually) is not in the drop down list. Is there a workaround so that I can still use the password that I manually added to the ID login item? (Other than copy / past....)

    Search for known reused passwords. You can even make a Smart Folder that will get cleared out automatically as you change passwords.

    Out of 136 logins, 60 use the same 8 character alpha password. Ugh. 10 use my second most popular, 7 character alphanumeric. Ugh. Some are one-time use items, but you can never actually delete an account you setup somewhere just for a one-time use.

    I have many, many more pseudo accounts that use my dummy-account Facebook credentials (like this forum). It's really gotten out of control.

  • khad
    khad
    1Password Alumni

    Bank of Hawaii. ID is on boh.com, password is entered at ibanking-services.com. (Full URLs are longer.) So, when it flips to the second page to enter the password, since the domain changed, the main entry with the ID (and password, manually) is not in the drop down list. Is there a workaround so that I can still use the password that I manually added to the ID login item? (Other than copy / past....)

    Ah. That would definitely be a case where it would not be possible at this time to have a single Login item since Login items in 1Password 3 are tied to a single URL. 1Password 4 supports multiple URLs, so it should be possible in the future. (Right now 1Password 4 is only available on iOS. The Mac version is in development.) For now, I would just create two Login items as you initially suggested.

    It's really gotten out of control.

    Well, I hope 1Password can help you take control of your passwords. :)

    Please let me know if there's anything else I can help with. Cheers!

  • Nunuv Yurbiz
    Nunuv Yurbiz
    Community Member
    edited May 2013

    The manual suggests using logins instead of identities to record filled out forms online. Makes sense, but logins are still judged by the credentials information, which doesn't apply to a filled out form. Is there a way to segregate the filled out forms logins from the credentials logins?

    Edit: what I've done is create a folder called "web forms" and added a criteria to my smart folder for weak passwords that it's not in the folder labeled "web forms."

  • khad
    khad
    1Password Alumni

    Smart workaround using Smart Folders. :)

  • Nunuv Yurbiz
    Nunuv Yurbiz
    Community Member

    Why are generated passwords saved separately (in duplicate) from the item containing the password? Can I not just immediately delete them?

  • Hi,

    1Password automatically saves all the generated passwords into its own safety net in case the extension didn't save the data automatically.

    Imagine you've generated a new password, filled it in, and then update the site's password. However, 1Password didn't prompt to update the Login and you cannot log in again because the Login still has the previous password that never got updated. You'd be able to retrieve it from the Generated Passwords section and update the Login item manually.

    You can manually delete the generated password items if you want but we recommend just leaving it there if you don't need to do it.

This discussion has been closed.