Can't Easily Edit the Password in iOS

qazwart

In iOS version 5.3, I have a hard time editing the password. When I edit the password in a record, the password is obscured with bullet points. I can reveal the password below, but I can't edit the revealed password directly. Instead, I can attempt to edit the obscured password while seeing the effect on the revealed password. This is different in Mac OS X where I can edit the password directly rather than editing an obscured field. In 4.x (and maybe earlier 5.x versions) I could also edit the password field directly.

Editing the password field is important. Sometimes a generated password contains a character not allowed in a site's password. There are also times when I need to manually type in a password, and I like to hyphenate my password to make it easier to manually type in. Which brings us to a feature request: In Mac OS X, when you generate a password, you can select a separator (like hyphens). I would like the same feature in the iOS version.

Thanks.

Megan

Hi @qazwart ,

I'm sorry to hear that editing the password field is a bit confusing. Unfortunately, this is done for your security.

In iOS 8, the predictive text feature is getting really smart ... and its also getting better at learning. This sounds like a really good thing (especially people like me who continually mistype simple words when using my 5s' keyboard) except it poses a potential risk when we're talking about passwords. There is potential here for the predictive text to learn passwords as they are being typed. Clearly, this is not something that we (as a security company) want.

This is why the actual password field will always remain obscured when you go to edit an item, and the actual content of your password will appear below the field. Our team is working to see if we can make this a little bit more user-friendly, and we're also writing a document to better explain why this is necessary. I hope my explanation helps you in the meantime.

like to hyphenate my password to make it easier to manually type in. Which brings us to a feature request: In Mac OS X, when you generate a password, you can select a separator (like hyphens). I would like the same feature in the iOS version.

I'll pass this suggestion along!

ref: DOCS-428

qazwart

Normally, I let 1Password take care of inputing my credentials. I like the new widget which saves me from going from 1Password to Safari a few times. However, there are a few times where I have to manually enter in my password. For example, a few webpages won't let you paste in text into their password field for security reasons. Sometimes, I am on another computer (like at my brother's house), and I don't have 1Password installed. These are the times when I have to manually enter in a password, and using hyphens to break up the password makes that task easier.

Are you saying that if 1Password didn't obscure the password field, the predictive text feature would learn the password? Normally, I'm just typing in the password once, or I modify it. Does the predictive text feature learn the password in one go? Maybe if I used the same password for multiple websites, I can imagine the predictive text feature picking up my password. However, the reason I use 1Password is to avoid that.

What about having the option of selecting a Separator as part of the recipe, like the OS X version does? I can chose a hyphen as a separator, and that would take care of the situation. I wouldn't have to modify the password that was generated. That would be fine with me.

By the way, why are the recipes for iOS and OS X different?

The iOS version has:

• Length
• Digits
• Symbols
• Avoid Ambiguity
• Allow Repeats

The OS X version has:

• Length
• Pronounceable
• Separators (Hyphens, Digits, Symbols, None)
• Use Mixed Case

It'd be nice if each version had the recipe features the other version has.

ag_kevin

Hi @qazwart ,

To confirm, yes predictive text may save your password if it is typed into a non-secure text field. Predictive looks at all text typed into text boxes unless they are secure (i.e. the ones that show bullets instead of the text). This is controlled by iOS, and there are no controls to say "don't watch text typed here."

I will raise a request with the development team to look at making the password recipes the same.

ref: OPI-2591

qazwart

Thanks. At least I now understand why you changed the editing of passwords in 1Password to be much more difficult than in previous versions. I take it that the predictive text feature will learn your password even after one time.

If you add the Separators into the iOS recipe as you have in the OS X recipe, I wouldn't have to modify the passwords when they're generated. Actually, I might still have to because some sites have weird password rules that make almost any generated 1Password password invalid. For example, one site requires you to have at least one of these symbols: #, %, &, and -, but other symbols like { or } are invalid. At least those, I can generate a password without symbols and append a valid symbol or two at the end of the generated password.

Ben

Thanks for the feedback @qazwart. Hopefully Apple will improve the predictive text feature in the future such that we can exclude 1Password data from it, but in the mean time we'll continue to work around the issue, and will make things as user friendly as we can.