display which character 'number' each digit is of a password and key word
I know on a mac the Password can be displayed in this format. But I have two different bank account where I have a password, a pin number and a secret word. The Password gets me in the front door then I have to enter various digits from my pin number and then a combination of numbers from my secret word ( Unfortunately I used 1 Password to generate a complex secret word) Currently I have to use 1Password for the first section then a bespoke made page from apple notes which I manually Created a table showing the numbering of the secret word.
I would like some way of having all this detail on my bank details page in 1Password I have added both jpegs and pdfs to the page but as you know they don't display without loading them in the support app.
Bearing in mind the complexity of some banks and other websites, it might be useful to have various display tools for accessing accounts like these. So that you can customise a page specifically for accessing a difficult site. With all the changes banks keep adding to their security something more flexible than a straight login might prove more useful.
1Password Version: 6.6.3
Extension Version: 4.6.3
OS Version: OSX 10.12.3
Sync Type: Dropbox
Comments
-
With a long secret word I store it in the Notes section of the entry, and break it into groups of five. That was, the thirteenth (say) character is easily identified.
0 -
I create a custom field under the password and enter "12345678901234567890" in it to make it easier to navigate to the offsets (if you also make it of type password it uses a monospaced font so that the numbers line up.
It's a long standing request to have something better - unfortunately AgileBits take an unhelpful moral high ground on this. The banks are wrong to insist on these types of passwords as they aren't very secure. They want us all to complain to them (and indeed I have many times) - but they won't and so we are left in the middle trying to cope... it's very frustrating.
In my ideal world I could type into 1P ; 3.5.9 and it would show me this letters from my password for me. Maybe one day...
Tim
0 -
@Graemezee: Thanks for your feedback on this! There are certainly a lot of variations on this theme. With regard to the PDF/JPG you're saving, is that something that might work better in a text format if it were possible to use monospaced fonts, for example?
With a long secret word I store it in the Notes section of the entry, and break it into groups of five. That was, the thirteenth (say) character is easily identified.
@danco: Indeed, that's what I've been doing, but...
I create a custom field under the password and enter "12345678901234567890" in it to make it easier to navigate to the offsets (if you also make it of type password it uses a monospaced font so that the numbers line up.
@365nice: With ingenious hacks like that, I'm not sure it's such a pressing matter. That's seriously brilliant! :eh:
It's a long standing request to have something better - unfortunately AgileBits take an unhelpful moral high ground on this. The banks are wrong to insist on these types of passwords as they aren't very secure. They want us all to complain to them (and indeed I have many times) - but they won't and so we are left in the middle trying to cope... it's very frustrating.
Definitely frustrating. Fortunately there aren't so many of these cases at least. But morality doesn't enter into it. This is a security issue. After all, if they're able to match individual characters of your password, they're either storing it in plaintext on their servers (awful) or hashing individual characters and storing each of those on their server (nearly as awful). And yeah, whether it's our financial information or our customers', we object to that. Objecting to us won't help that unfortunately, as we'd like those who are responsible for some of our most sensitive information to take security seriously as much as you would. Think of it another way: If 1Password were storing your password insecurely, it's our job to address that, not someone else's.
In my ideal world I could type into 1P ; 3.5.9 and it would show me this letters from my password for me. Maybe one day...
That's a cool idea too. Perhaps. :)
0 -
Glad you liked the monospaced font hack.
While I do agree with you guys that its terrible that banks do this (I have about 10 of such passwords) - we still have to live with this situation. When this was first raised several years ago, AgileBits did say that they WOULDN'T consider a solution because we need to convince industry not to have these kinds of passwords. I did my bit by complaining to my bank and credit card - but of course that had zero impact and I gained a few more of these kinds of passwords in the meantime. I also haven't seen AgileBits make any industry effort to get this sorted, and equally 1P makes no attempt to help even though its the keeper of my passwords.
You can call it what you want, but I'm the sad customer that has to try and stay on top of it. And I curse everyone when I'm asked for characters 3,7 and 9 of my 16 character password.
0 -
I get where you are coming from @365nice, I really do. To be fair, however, this seems to be restricted only to banks from certain countries for some reason. Now, I am not saying that because of this, that's not an issue, it is, but so far, I have personally only encountered this in the UK, for example.
When I had to use such a website, I would make use of the large type mode in the password field, which comes with its own line of offsets below the password. It would be nice to have a way to automate this, I agree, but large type made it convenient enough for me, but again, I understand the frustration.
0 -
@365nice: We've currently got the Large Type feature with numbers in 1Password for Mac and the new Windows desktop app, but unfortunately since 1Password for iOS got Large Type first, it doesn't have the numbers (which we came up with later):
There are a few thoughts I'd like to leave you with for now:
- No matter what, we can't stop websites from doing this, but we can try to find ways to make things easier on you. Like your hack, the new Large Type is helpful, but ultimately not a complete solution, so we'll keep looking too. The complexity of dealing with this in web pages is enormous for the minuscule value gained, but for now Large Type is a good middle ground.
- Cross-platform consistency is a high priority for us (so that you'll get the same feature with the same functionality on all of your devices), but it's going to take time, though we're slowly making progress. Large Type still helps make it easier to find individual characters, but given that we have the technology, 1Password should really display the character numbers for you everywhere — including iOS and Android, and we've got issues filed for adding it to both in a future version.
I'm sorry that isn't of more help to you now, but we're working on it. :blush:
ref: OPI-3180, OPA-873
0 -
Thanks for updating. Numbered passwords would be awesome on ios (where I tend to look up these kinds of passwords). I had missed this on OSX, so where possible I will grab a laptop.
tim
0 -
It would be really nice to bring the numbers to the other platforms as well.
Rick
0