Generating New Passwords
I am a rookie. I have had a very productive day loading ~49 total items - 24 being Logins. All of these items were loaded with their original passwords. These passwords are old, weak and duplicates. Now, I would like to implement new, strong, and unique passwords. I looked for a description of a process but have not been successful. I am apprehensive about this step because I fear if I do something wrong I could lock myself out of a lot of sites.
Is there a preferred process to minimize risk and increase the possibility of only doing this once?
Comments
-
I have been thinking more about my concern regarding new password generation. For example, I was just creating a new login for a website I have been visiting for a few years. When I go to enter the password in the password field, I am given the option to create a new, unique, long and unrememberable (my new word) password. Generally, at any website, if I want to change passwords I must login and go to the profile page, enter my current password then enter my new password twice. If I am creating a login script in 1Password with a new password how does it become 'valid' relative to the profile page?
Similarly, when I went to login to another website that I had not yet entered into 1Password, while I was entering my username and password a popup window (IP4mini?) opened asking offering the opportunity to both create a new password and to enter the information into 1Password. A great service, but I don't understand, again, how the new password is incorporated into the website's profile page.
I hope these examples better clarify my concerns.
u2jimbo0 -
I am not an expert, but since no one else has answered you, I will do my best. First, in case you haven't seen it, here is the 1Password Basics page: learn.agilebits.com/1Password4/Mac/en/the-basics.html
As far as a new password becoming "valid" on a website's profile page, it does so only if you first enter it on the profile page. (Storing it in 1Password is independent of that.)
Hope this helps--
David
0 -
Hi @u2jimbo,
I think you've gotten some good advice from @DavidB to check out the Basics page. However, in case you need things explained a bit differently, here is my (personal) version of the basics. There are two main things that 1Password can help you with:
- Saving your login information for all those sites that require you to sign in every time you visit, and
- Helping to generate strong passwords when you want to update your current login information or log in to a new site.
(There are plenty of other cool features, but these are probably the ones you're most anxious to get started with!)
To save your current login information in 1Password:
- Make sure that the 1Password browser extension is installed on your browser
- Visit a site and log in as normal
- 1Password will ask to save the username and password for that site (this happens most of the time, not quite always) - when you are asked to name the site, it helps to make sure the name is unique and memorable so you can find it in your list later!
Once a login is saved, all you need to do to login to that site again is: click the extension icon (looks like a key) and unlock if needed. Once unlocked you can click the item for the site, it will open the site and log you in automatically. (Please note, we're working hard so that this is as automatic as possible, but some websites don't play as nice with 1Password as others.)
You can also use 1Password to generate strong passwords for you:
- Go to the "change password" page of the website (this location depends on the way the website is set up, but it's often under the account settings section).
- When you are presented with the fields to change your password, you can click the 1Password extension, and choose the password generator (the icon that looks like a combination lock) to create a custom random strong password.
- Click the Fill button.
- After filling it on the webpage, 1Password should then prompt you to update your saved login for this site.
- If 1Password does not prompt you to update your Login, that strong password you just generated has been saved to your clipboard by default when you clicked 'Fill', so all you have to do is open your Login in 1Password and paste the new password in the appropriate field!
- Please note, that new password is also saved under your Passwords tab automatically.
I know it might sound complicated to begin with, but once you get used to the workflow, 1Password can make your browsing experience infinitely simpler - and more secure!
0 -
David and Megan:
Thanks for your responses. I am beginning to feel more secure about the process. I finally understood that I had to go to each website and formally change my password and use 1Password to create the new one,. I guess my anxiety came down to feeling 'at risk' of losing all those very complex, generated passwords if the system crashed. In the past, I had logged all passwords to a very detailed excel spreadsheet that was locked on my computer and printed out for reference and backup.With 1Password, I guess I am trusting the application to never lose my passwords (cause it would be impossible to remember them all). Since there is no capability to print them (like I did with Excel) my backup security is diminished since it is limited to being on the computer. This is my primary concern.
All of the other features of the program are great! I already understand the time saving and organizational benefits of using 1Password. However, I also get the feeling from all of the posts I have read since acquiring 1Password that, as a brand new application it is suffering from significant birthing pains. People writing in who have experience with previous versions seem to long for the stability of the 'good old days'. As a new user, I have stepped onto the scene at a vulnerable time of the programs release and, as a result, my fears and confusion are compounded.
I will try to remain patient, and continue to learn and gain confidence.
Jim0 -
The knowledge base is an increasingly good resource as it expands. As for:
Since there is no capability to print them (like I did with Excel) my backup security is diminished since it is limited to being on the computer.
...you do backup your computer, don't you? ;)
Stephen
0 -
U2jimbo wrote:
I also get the feeling from all of the posts I have read since acquiring 1Password that, as a brand new application it is suffering from significant birthing pains. People writing in who have experience with previous versions seem to long for the stability of the 'good old days'. As a new user, I have stepped onto the scene at a vulnerable time of the programs release and, as a result, my fears and confusion are compounded.
With 1Password, I guess I am trusting the application to never lose my passwords (cause it would be impossible to remember them all). Since there is no capability to print them (like I did with Excel) my backup security is diminished since it is limited to being on the computer. This is my primary concern.
I have been using 1Password since the first version and have complete trust in it; these are really savvy developers. Most of the problems with the latest version have to do with installation, general usability, the functionality of new features and the absence of some old features, but I don't think there is any question about the integrity of the application or its ability to maintain password and other data. Otherwise you would see many, many posts from experienced users saying they were fleeing to another program.
As for not feeling secure without a printout, I understand your feeling, although with a proper, redundant backup strategy, you should have nothing to fear, since you will always be able to retrieve your files.
David
0 -
@u2jimbo I agree with @DavidB, I have complete trust in 1Password. I wouldn't worry about the app losing your data. The only way I can think of for you to lose access is if you forget your master password - in that case you are out of luck.
If you are really worried, it is possible to print off your data by going to File > Export > All Items... and exporting your data to a .1pif file. That exported file can then be opened with TextEdit.app (right click on the file, Open With > Other... and select TextEdit). You can then print off that file. While it is not ideal and might be a bit of a pain to read, all your data is included. If you do this, be sure to delete the .1pif file after it's printed because it is not encrypted (and use the secure empty trash option in the menu bar Finder > Secure Empty Trash).
0 -
David and Stephen:
Thanks for your responses. Yes, I do backup my computer. And I do understand that once I revert to the backup I would be able to see all the passwords and use the 1Password application, again.
I think my concern(s) stem from having depended upon paper records which, by their nature, were not available for public scrutiny unless physically stolen out of my house (very low perceived risk) compared to the very high perceived risk associated with the online availability of these documents today + the ongoing cracking of "secure" websites (I was just notified that all my records were stolen from Adobe Software) + my being unfamiliar with 1Password + 1Password4's birthing pains all combining to accentuate my paranoia.
Everyone on the Agilebits Forum have been very supportive of my concerns (across a number of topics). You are all helping me get comfortable implementing the software and adopting new ways of thinking. Thanks for your support.
Jim0 -
Hi @u2jimbo,
I'm so glad to hear that you are slowly gaining confidence in your use of 1Password. I don't blame you at all for being hesitant. Your password data is so important, and I do want to thank you for choosing to trust us to help you keep it safe.
Please continue to ask any questions you might have - we're here to help you throughout this process :)
0
