Feature request: machine description of password rules
Many sites have arbitrary rules around password composition and length; sometimes they surface them, but more often they're implicit and only show up with you violate them. Special contempt is reserved for e.g. Paypal which allows you to set a password that is silently truncated. Yay!
My proposal would be a simple description language of the rules for valid passwords; these rules could be shared and passively improved by users. The end game for me would be a 1Pwd functionality that would go ahead and change all my passwords to maximally secure random ones either on a schedule or with a big red button.
Comments
-
Special contempt is reserved for e.g. Paypal which allows you to set a password that is silently truncated. Yay!
PayPal isn't the only site like that, unfortunately. I have a financial/insurance site that does so too, and complaining to them about it raised essentially no interest on their end.
I don't know how your suggestion would work automatically, though. You'd have to make 1Password login automatically, find the each site's own particular place and method for changing passwords, and then go to work. I've just changed lots of passwords in response to Heartbleed, and there are few similarities among sites in how they do password changes. (Maybe I misunderstand your suggestion.)
0