I found this topic posted in two other places, but one was in regard to 1password X & the resolution was that it was intended in that version. The other version the OP never responded to questions from 1password, so I'm posting a separate post.
I am new to 1password & so far, I'm really liking it except for changing passwords. I was a LP user & am switching over to 1password. I plan on changing all my passwords (which will be a lengthy process), but I've noticed when I'm on a site & go to the settings area to change my password, 1password prompts me to enter my password (in current password box). When I move to the New password, it prompts me to use the suggested generated password, which is great. The problem is that it then wants me to save the suggested generated password BEFORE it's actually saved on the site. If I decline, it does not prompt me to save the generated password after its changed.
I was going through the trouble of doing a lot of copying & pasting, so that I have the new password saved in a place other than 1password & not updating it in 1password until I could confirm the password was successfully changed on the site. THat was a PIA, so I thought, 'well, what are the changes that a password change will be unsuccessful?'. Apparently, the chances are high. WIthin 10 minutes, I had two password changes not go as expected. For one site, the site went down right after I clicked to save the new password in 1password, but before I had clicked submit on the form. In the second situation, it didn't accept my password because there were too many characters (the site did not list their password requirements so there's no way to know on some sites when this might happen). In both cases, I had to reset my password with the Forgot Password option because 1password saved the new password & I had no access to the old password.
Is this intended? If not, is there a fix? If it is intended, can I put in a feature request for it to prompt _after _the password change/password entry, if the password you submit is different than the one in 1password? I've noticed that it doesn't seem to be specific to password changes. If I enter a password other than what is saved in 1P, it doesn't prompt me to save the used credentials after I submit them (regardless of whether I'm entering them into a log in form or a change password form).
Everything else about 1P, I love. This is my only complaint. Thanks! P.S.: I'm using the browser extension in Firefox, but I've tried in Chrome also, with the same results.
1Password Version: 8.9.10
Extension Version: 2.5.1
OS Version: Windows 11
Browser:_ Firefox & Chrome
This behavior was mentioned in the past (for at least a year, if not longer), it's a topic that comes up every once in a while, and 1Password is aware of users having trouble with the current behavior. However, it's not sure if it's intended behavior due to reasons unexplained (and the issue you're running into has to be endured) or if it's a thing 1Password is actually going to change (and it just takes its time).
For my part, I consider the current behavior one of the very few but very annoying flaws in 1Password that's probably not going away, and that other password managers with browser integration don't have. It would probably be less annoying if there was a technical reason mentioned, but I don't remember a reason was posted beyond "it's the design".
For the time being, you can use the password history to copy a replaced password and paste it back as current password if the update on the website fails. The requirement to manually do this on failed updates is what I mean with "annoying". It's also a security flaw, because it involves the clipboard. However, you don't need to initiate the "lost password" recovery of the website - look into the password history of your login item for all the previous passwords.
Thanks. I didn't know there was a password history. I will look it up.
Had to help a friend recover his old password today. He initiated a password change saved it in 1Pssword because 1Password asked him to. Only then did the website in question reject the new password. I had to remote in and show him how to find out the old password was.
I'm sorry to hear your friend had difficulty when changing a password, I'd be happy to take a look at the website in question and file an issue if the suggested password isn't meeting the requirements if you wouldn't mind sending it over?
Like the OP, I too have switched from LP and find it annoying that 1Password does not automatically ask to save a password when I change it. I hope this is something that will be added.
The reality is, there are still plenty of sites that haven’t updated their password requirements. Smaller companies, companies that don’t store critical information, companies that are slow to adopt new processes, etc. They limit password length to 12 characters or under, or they only allow using certain special characters, if any at all. They are usually the same sites that don’t list the password requirement upfront so a user has no way of predicting if a chosen password will work or not until they try to submit the change.
Even for sites that have updated their password requirements, they might have lower requirements that what a user uses as a standard. For instance, many reputable sites limit password length to 20 characters, some limit length to 16 characters. It’s not an uncommon thing so I, too, hope this can be fixed in the software.
The website in question was https://www.peoplestrust.com/en/ where the suggested password did not meet the requirements.
Hey @FutureOfPass I do understand why you would want the extension to save your login after it has been submitted and accepted by a website. While that is not what we've chosen to do at this time, based on the reasons mentioned here, I will share your feedback with our developers.
In the meantime, if you run across a suggestion from 1Password does not meet a website's password requirements, please let us know about it. We'll be happy to review the website and report the issue to our developers for a fix.
Hey @Fedup I took a look at https://www.peoplestrust.com/en but I'm unable to get to the new password field where 1Password would be making a suggestion. I would need some data from the page where that new password field exists in order to report the issue on our end. Are you or your friend able to get to that field and then share the following with us?
Attach the downloaded .json file to an email message addressed to [email protected] With your email please include:
You should receive an automated reply from our BitBot assistant with a Support ID number. Please post that number here. Thanks!