20-character random password marked as Terrible
A password in an item created using the CLI interface, which is random and contains upper-case letters, lower-case letters, and numbers, is still marked as Terrible in the UI and as Weak in Watchtower.
Yes, it was not generated by the 1Password generator, as hinted here: https://1password.community/discussion/142701/weak-password. The password is created from /dev/urandom on the originating machine, as part of an existing workflow. Even in this instance, I don't think a 20-character random string should be assessed as Terrible.
1Password Version: 1Password for Windows 8.10.40 (81040031)
Extension Version: n/a
OS Version: Win 11
Browser: n/a
Comments
-
Hi there @finwe
As I mentioned in that thread, there's a weighting applied to the strength of a password based on whether or not it was generated in 1Password. If it came from elsewhere, 1Password doesn't know how truly random that password is.
In short, no matter where you generate a password (outside of 1Password), if you paste or type a password into the Password field, it won't be considered strong, and this is by design. If you're sure that it is strong, you can dismiss the Watchtower banner on that item.
With that in mind, did you use the 1Password CLI (op) to generate the password or use some output from /dev/urandom?
— Grey
0 -
Yes, it was not generated by 1Password generator (so not even the op password generator)
the password is created from /dev/urandom on the originating machine
Weirdly enough, a new item with an "external" urandom-generated password is rated as fantastic, as are most of the other items generated on the server with op, so there probably is a problem with particular items, perhaps where the password strength was not reset?
0 -
Looking at the item history, there is only one version of the item since its creation, and even in it the strength is Terrible.
0 -
It's hard to say for sure, but you can check the score of the item manually:
- Turn on debugging tools (Settings > Advanced)
- Click ⋮ three-dot menu > Copy item JSON.
- Paste into a text editor.
- Look for the following attributes in the JSON:
  - pgrng - password generated by the 1Password strong password generator (likely won't be shown if False)
  - ps - password score – 100 would max out the strength meter in the generator
Those attributes might help you learn more about the item.
0 -
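The manual check described in the reply above can be scripted once the item JSON has been pasted into a file. This is an added example, not part of the original thread and not 1Password's own code: the attribute names pgrng and ps come from the reply, while the function names and the sample item (including its nesting, which the thread does not show) are constructed for illustration, so the walker searches every level rather than assuming a layout.

```python
import json

# Constructed sample: the nesting is NOT 1Password's documented layout.
SAMPLE_ITEM_JSON = """
{
  "title": "constructed example item",
  "details": {
    "fields": [
      {"name": "username", "value": "svc-account"},
      {"name": "password", "value": "<redacted>", "meta": {"ps": 1}}
    ]
  },
  "other": [
    {"name": "password", "value": "<redacted>", "meta": {"ps": 100, "pgrng": true}}
  ]
}
"""

def find_score_attrs(node, path="$"):
    """Yield (path, ps, pgrng) for every JSON object that carries a 'ps' key."""
    if isinstance(node, dict):
        if "ps" in node:
            # Per the thread, pgrng is likely omitted when False,
            # so a missing key is reported as False.
            yield path, node["ps"], bool(node.get("pgrng", False))
        for key, value in node.items():
            yield from find_score_attrs(value, f"{path}.{key}")
    elif isinstance(node, list):
        for index, value in enumerate(node):
            yield from find_score_attrs(value, f"{path}[{index}]")

def report(item_json):
    """Parse pasted item JSON and list every score found, with its location."""
    try:
        doc = json.loads(item_json)
    except json.JSONDecodeError as exc:
        # A truncated clipboard paste is the usual cause.
        raise ValueError(f"not valid JSON (partial paste?): {exc}") from exc
    return [{"path": p, "ps": ps, "pgrng": g}
            for p, ps, g in find_score_attrs(doc)]

if __name__ == "__main__":
    for row in report(SAMPLE_ITEM_JSON):
        origin = "1Password generator" if row["pgrng"] else "typed/pasted or set externally"
        print(f'{row["path"]}: ps={row["ps"]} ({origin})')
```

Copied item JSON contains the password itself, so keep the pasted file out of shared locations and delete it after the check.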
Yes, pgrng is not shown and ps is 1. Can I somehow manually force recalculating the score, preferably without changing the password back and forth?
These are all a few years old items, but should this happen for a new item, I'll report.
0 -
Unfortunately, duplicating the item did not help. Will look out! Thanks.
0