Reverting Generated Passwords back to Pre-created Passwords
When a password needs to be changed on one website, there's no going back to previously used passwords. Is this also true for 1P's Generated Passwords? As such, if I decide to put back a password that was previously created by me, would that be a problem?
I have not used Generated Passwords in any of my 1P sites. Just recently did a test and let 1P generate a strong password on one site only that I no longer use. (Wanted to see what happens.) It works, but I'm still leery of using generated passwords because they are extremely difficult to remember with all those scrambled symbols, letters and numbers. Right now, all of my own created passwords are in good shape. Will use 1P generated passwords only if there's a lurking danger of being hacked on one or several sites. I trust that Watchtower will warn me of this.
1Password Version: 5.3
Extension Version: 530029
OS Version: OS X 10.10.4
Sync Type: iCloud
Referrer: ug:mac/attach-a-file, ug:mac/item-list, kb:strong-master-password, ug:mac/changing-a-saved-password, kb:change-website-password
Comments
-
You can always change a site's password to whatever you want (including one you've used before): you don't have to use a 1P generated password. Personally, I do prefer to use generated passwords because the more difficult they are to remember the more secure they are likely to be. :)
Stephen
0 -
You can always change a site's password to whatever you want (including one you've used before)
One caveat is that some sites will actually store a password history, so that they can subsequently disallow previously used passwords. I've seen fewer cases of this over time, but it still happens. Very insecure, since it means they have your actual password stored in the first place. :dizzy:
Personally, I do prefer to use generated passwords because the more difficult they are to remember the more secure they are likely to be.
I'll also add that I love using generated passwords because it offloads this task from my brain entirely. We're notoriously bad at remembering random things, and even worse when it comes to trying to create something random (spoiler: we can't), so it's nice to let technology fill this role. :)
0 -
"One caveat is that some sites will actually store a password history, so that they can subsequently disallow previously used passwords. I've seen fewer cases of this over time, but it still happens. Very insecure, since it means they have your actual password stored in the first place."
This is what I meant. But, aaah, hadn't thought of this: 'insecure...since it means they have your actual password stored in the first place.'
Possible they are unable to get it unless hackers dive in?0 -
This is what I meant. But, aaah, hadn't thought of this: 'insecure...since it means they have your actual password stored in the first place.'
Possible they are unable to get it unless hackers dive in?@marlene: If a website never has your password in the first place, they can't give it away (to law enforcement) or have it taken from them (by hackers), so I wish that all sites salted and hashed passwords and stored that instead. But as time goes on and more and more are falling prey to attacks they seem to be learning, slowly but surely. :)
0
