Previously used passwords
Curiously, there doesn't seem to be a way to disable the 'previously used passwords' function or to edit the entries. I've noticed that the history is sometimes incorrect, e.g. showing duplicate passwords, presumably because of merged entries. Anyone found any ways to do this?
Comments
-
Hi @sevendotzero,
Thanks for the question. There is currently no way to remove duplicate passwords from the 'Previously Used' section ... but our developers are working on something to help clean-up situations like this in the future.
Just to be sure this isn't a bug that we need to look more closely at, I'm wondering if you can help me out by answering a few questions:
- How many duplicate previously used passwords are you seeing? (Is it specific to a few entries or do you see them everywhere?)
- Each previously used password should have a time-stamp on it. Are the time-stamps on the duplicate entries the same?
While we sort this all out though, you can completely clear the history of an item by duplicating it. Just right-click on an entry and select 'Duplicate'. This will, however, remove all of the previously used passwords ... so for now it's probably best just to leave it as it is. :)
0 -
I am curious why disabling the password history is important to you?
0 -
I would request this also for a couple of reasons:
- I don't require a password history
- If you mistype the password in the entry and then correct it, the previous erroneous entry is stored under "Previously Used Passwords"
Deleting the entry and recreating it is the only present way to correct it.
0 -
Thanks for adding your feedback here, @hurrikenux!
At this point, we prefer to err on the side of caution, and store more information than you might need ... rather than not enough. You're right, the best way to clean things up now is to duplicate the entry and delete the original. Duplicate entries will not have the password history. :)
0 -
I find it a terrible practice to store previously used passwords -- I would like you to provide a way to delete them or refund my money for this application. This is an awful security practice -- no one would ever do this.
0 -
I don't understand why storing previously used passwords in 1P4 is "an awful security practice". Why is it any more so than storing currently used passwords in 1P4 in the first place (which, incidentally, I think is very good security practice)?
Stephen
0 -
@nqaz, @Megan provided a workaround for anyone wanting to remove the previous password history for an item in post #5 above. While it might not be exactly the thing you're wanting the 1Password application to do for you in a more general sense, it works very well if for some reason you've accidentally used the nuclear codes as your password at one point and have since had second thoughts on that.
While having this historical data does sometimes surprise someone when they stumble upon it, the number of times that it has saved someone's day is huge — I cannot count the number of times a web site password change wasn't actually recorded by the web service and the history is the only source of the still active password. And it is all securely tucked away just like the rest of the item's information.
0 -
The password change history is very useful for multiple reasons, including:
• re-enterring the old password if a password update fails (1Password has already generated a new password yet I need to re-enter the old password)
• figuring out the site's password recipe requirements since 1Password 4 doesn't retain that information as 1Password 3 did
• avoiding duplicates in manually-created passwords
So having it is critical. If it could be edited to clean it up that would be a bonus.
0 -
Hi @ssh,
Thanks for including your thoughts here. I agree, having password history around can be invaluable! I'll admit to having screwed up on one password change site at least once, and boy was I glad that the previous password was tucked away inside the entry.
Regarding websites with password recipes, 1Password 4's custom fields are a great place to store information like this. Simply type the requirements into a field (or a note) to have them ready the next time you have to change the password. :)
In the event that you do want to 'clean up' the old previously used passwords, the solution is to duplicate the entry and remove or archive the original. The duplicate entry will not have the password history.
0 -
I'm searching through all my entrees to find ones that use the same password in order to change them to unique passwords. I can search by password using the "expand to all fields" option but once I change the password, the entry still comes up in the results because the search is including the previous password field(s). I agree that it's great to have password history available but if there was a way to exclude previous passwords from the search that would be the best of both worlds. In the mean time, I'm having to duplicate and delete entries to flush out old password history (which is not ideal) so that it doesn't make this task more confusing. Improved search filtering please :)
0 -
+1 for Elliott's comment. I was trying to use the search all fields to look for logins that were using a previous password so I could change them all. After I change it, those still show up in the search results, since the history is keeping the old passwords. Unless you have another way of just searching current passwords.
0 -
Hi @elliottbryant and @SpectreGadget,
Updating your passwords so that you are not re-using the same one across multiple sites is a great idea! And it just so happens that we have a handy feature to help make this simple for you.
Check out our Security Audit feature:
Just mouse over the Security Audit heading in the sidebar and select 'Show' if the category is hidden. The Duplicate Passwords option will show you all sites that are currently using the same password - happy updating! :)
0
