Longer password generation

mikerobbo34
mikerobbo34
Community Member

Team

Are there plans in the product roadmap to introduce longer password generation? i.e. more than 64 characters; 128 or 255 characters.

I need to test using a third party password generator (up to 128 character passwords), but since I’m asking, can one copy and paste passwords that are longer than 64 characters into 1Password for saving?

Is there any scope for adding a field of option to capture a login account’s password policy for future reference? I ask because most accounts do not specify the organisation’s password policy at first glance; you often have to fumble around to work it out, most specifically the maximum password length.

Thanks

Michael

Comments

  • jpgoldberg
    jpgoldberg
    1Password Alumni

    Hi @mikerobbo34!

    Addressing your second question first,

    Is there any scope for adding a field of option to capture a login account’s password policy for future reference?

    That would be fantastic, but it turns out to be harder than it may first appear. There have been some interesting crowdsourcing schemes proposed that that are very enticing. (Similarly for "change password" pages and mechanisms.) The difficulty is that it would be in an attackers interest to submit incorrect data via the crowd sourcing scheme; so there would still be a labor intensive process of verifying the information.

    As for your first question,

    Are there plans to introduce longer password generation?

    We have no plans to extend the UI to generate passwords longer than we do. Please keep in mind that a mixed case letters-only generated password of length 23 is already stronger than most of the cryptographic keys used in systems. There is absolutely no security gain in getting a password that is stronger. The limits of what our password generator will do are constrained by the user interface. Generating larger passwords would mean having to make the Helper window much wider or other changes to where the generate displays things. But the existing limits are far larger than any password needs to be.

    can one copy and paste passwords that are longer than 64 characters into 1Password for saving?

    Yes. There is no hard limit on this. (Ultimately memory limits will come into play.) But really, you are not gaining any security with passwords of that length. And note that some places you may use such password will silently truncate the passwords you give them.

    But have fun with such passwords if that is what you want. You can store and manage them in 1Password. But if you want to use our password generator to create them, you might have to generate several passwords and glue them together yourself.

This discussion has been closed.