Suggestion - Counters at Watchtower, Heartbleed and Weak / Duplicate passwords

When I start 1Password I see the views

  • Weak Passwords
  • Duplicate Passwords
  • Heartbleed
  • Watchtower

Behind none of these entries there is a counter, so I supposed that everything is OK.
But when I click on one of those entries (like "Watchtower" or "Weak Passwords") then behind the entry there is a counter shown.

I think it is risky that the user does not see the counters from the beginning.
Especially for Watchtower there should be a check at startup (when loading the password file) and then the counter should be updated.
Here the user can see "Oops, there are pages where a password change is urgent".

So please update those counters after loading the file and after I have changed an entry.
It is more secure this way!


1Password Version: 4.6.0.604
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Hi @OLLI_S,

    This will not be implemented in 1Password 4, the main reason is performance. It's the same reason the item counts on the sidebar aren't updated until you click on category item first. In order for the item count to accurate, the entire database must be decrypted and parsed each time you do something and this can cause severe performance degradation based on how large your vault is.

    We do check in real time when you select an item and we will present a red banner there, we just don't update the item counts. If you see no (), that means it hasn't been updated and you need to click on it.

    This will likely work in 1Password 6 instead.

  • OLLI_S
    OLLI_S
    Community Member
    edited August 2016

    I had to reset my Windows 10 in my virtual machine to get a clean system without 1Password installed (took me 30 minutes).
    I did this to see the default view settings in 1Password (just for this posting).
    Then I installed 1Password 4.6.0.604 for Windows.

    In the default settings none of the 4 entries (Weak Passwords, Duplicate Password, Heartbleed and Watchtower) in the sidebar is visible.
    Especially for Watchtower this is critical, because many users will not know about Watchtower this way, because they use a software in the default settings and normally don't change anything.
    Believe me, I work for Software-Ergonomics, Usability and UX.

    So my first suggestion is that you show them in the default settings.

    Second you should add an Checkbox in Settings -> Security.
    Name it "Check database for vulnerabilities (Watchtower) at startup" and add the comment "Note: this may take several minutes depending on the size of your vault".
    This option is turned off by default, so users like me can enable it if they want to.

    Alternatively you should add an Checkbox in Settings -> Security.
    Name it "Remind me to check for vulnerabilities (Watchtower) every" and followed by a listbox with some time periods like "Weekly", "Monthly".
    So users get a reminder to check their URLs.

    You also may show a message like "Database not checked for vulnerabilities (Watchtower) for 2 months now" in the status bar.
    This also might be an good option.

    You have such a fantastic security concept that helps to keep my passwords safe.
    But users might not use it, because it is not promoted much.

  • Hi @OLLI_S,

    Thanks for your suggestions. These are already on our list to do for 1Password 6 for Windows, this is how 1Password 6 for Mac does it already and we have this:

    1Password 6 for Windows will get the same view, same default settings and so on.

  • OLLI_S
    OLLI_S
    Community Member

    @MikeT
    I am using the stable version of 1Password for Windows, I did not install the current beta.
    I don't have a Mac, I am a Windows guy.
    So I send my suggestions that I have notes not knowing the other systems.

    What do you think about adding the reminder suggestion or the warning in the status bar that I suggested above?

  • MikeT
    edited August 2016

    Hi @OLLI_S,

    We'll see what we can do but most of the focus is on 1Password 6 Beta for Windows. Unless it is critical, we will only add major changes + new features to 1Password 6 first.

  • OLLI_S
    OLLI_S
    Community Member

    It would be fantastic if you implement it.
    And for me it is OK when you would implement it in 1PW 6.
    New features in new versions.

  • AGAlumB
    AGAlumB
    1Password Alumni

    Great! Thanks for the feedback! :chuffed: :+1:

This discussion has been closed.