“Single-click" password change

guillaumekh
guillaumekh
Community Member

Hi,

Just finished reading about Dashlane's new beta feature : "single-click" change all a user's passwords.

As a fresh switcher from Dashlane to 1Password, i would really love to know Agile Bits has something similar in the pipe. Can you share your thoughts ? :)

Regards

Comments

  • RichardPayne
    RichardPayne
    Community Member

    That article, and the PasswordChanger feature itself, is misleading. It says "change all your passwords with a single click" when what it actually means is "change all the your passwords, on sites we support, in a single click". If all you do is use the major web vendors then this might be fine but it's not something that translates well to changing "all" your passwords.

    Don't get me wrong, it would be a nice feature to have but it's not the panacea of password management that it makes out.

    What I'd like to see if some form of standardised web service definition that all sites can implement.

  • [Deleted User]
    [Deleted User]
    Community Member

    @agilebits, please don’t bother wasting your resources for gimmicks like this. Mass-changing/syncing passwords on remote hosts (that are not under my control) is something I would never commit to a scripted process.

  • jemenake
    jemenake
    Community Member

    This is something I'd like to see, actually. Although, I think it's a fool's errand to try to automate this with custom scripts for each site (like DashLane and LastPass have done). Like Richard, I've been hoping for some standard API to do this. If any company can get this to happen, it would be Agilebits, as 1Password is the 800-lb gorilla in this market. I think that, if Agile partnered with some big web player (like Dropbox, Facebook, eBay, etc) to roll this out, other sites would follow, and we'd see it start showing up in open-source projects like phpBB and wordpress.

    Of course, some people might be a little queasy about an automated password-changing process which only requires your old password (but, really, there's not much loss of security by allowing someone who already has your password to change it to something else. If you have 2-factor auth turned on, they still can't get in). So, maybe the solution it to have a special API key that the site issues to 1Password. It wouldn't get issued to 1Password until the user had deliberately authorized it (kinda like how people authorize other websites to access their Facebook stuff over OAuth). Then, in order to change the password, 1Password would need to supply their special API key for that site and the existing password.

    Man, I hope they do this. Have you seen the DashLane video demo? You can select all of your sites at once and just make a single click and it regenerates all of them. That would be pretty damn cool.

  • Thanks for the feedback folks. We've been interested in doing something like this for quite a while. We'll continue to look into it, but as you've discovered currently there is no standard way to change passwords.

This discussion has been closed.