Watchtower incorrectly flags passwords as weak, when it's really the old one that is weak

Options
perl_coder
perl_coder
Community Member

In Watchtower -> Weak Passwords, several passwords are reported as weak, even though they are long with alphanumeric+symbols.

In each case there is an old password in Password History that really is weak. So it appears 1pw is checking the historical password, and incorrectly flagging the current one as weak.


1Password Version: 7.0.4
Extension Version: X - 1.7.3
OS Version: 10.13.4
Sync Type: Not Provided

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni
    Options

    @perl_coder: Thanks for getting in touch! I'm not able to reproduce that so far here. Would it be possible for you to generate a new password and change it for this login, to see if you're still experiencing the same issue? One thing that can sometimes cause confusion is that if 1Password doesn't save the password itself, it doesn't know how it was created and will view it as weaker than it would otherwise, since the likelihood of a user-entered password also being user-generated is fairly high. And, if possible, and you're still seeing the same behaviour when 1Password saves a generated password, perhaps you'd be willing to share a "sanitized" copy of that item with us so we can try to figure out the cause. Let me know!

  • perl_coder
    perl_coder
    Community Member
    Options

    @brenty: thanks for the response. Yes, you are correct - it is not related to an old weak password. I created a new login with a weak password, and changed to a good one and it is correctly called "Fantastic". So it's not related to an old weak password.

    However, I still have a couple of logins that are indicated as "weak" when they are not. If I edit them and make a change, which I undo before saving, the password is still flagged as weak. If I edit it to make a small change, save it, it is now labeled "Fantastic". Then if I change it back to the original (good) password, and save it, it is now correctly shown as "Fantastic". So somehow an old score is kept around. I'm not able to replicate that.

  • JadC
    JadC
    1Password Alumni
    edited June 2018
    Options

    Hi @perl_coder, this may be because of the new password strength calculation implemented in 1Password 7. If you are able to reproduce the issue going forward, please feel free to let us know :smile:.

This discussion has been closed.