Ignoring Weak Passwords

jefflen

I would like to also +1 for this feature because of some websites just won't let me to choose a strong password (maximum 6 numbers or characters). I still want to remain the password in the field to benefit from auto fill. It would be very useful to ignore them by adding some tag on them or some other mechanism. Thanks!

Ben

Hey @jefflen

Thanks for the feedback. In the meantime I'd encourage you to consider reaching out to the operators of these websites to discuss the merits of allowing stronger passwords. We'll continue to look at how we might approach this from our side.

Ben

romad

I have no problem waiting for the "check in the mail" ;) Actually, Agile is just channelling Orson Welles & Paul Masson: "They will ship no feature before its time."

ag_ana

@romad:

I am not sure I understand your comment. Can you please clarify?

romad

Ah, to be young again! Back in ancient times (about 40 years ago) the famous actor/director/writer/producer ("War of the Worlds" radio broadcast, "Citizen Kane", et al) Orson Welles was in Paul Masson Vineyards ads intoning "Paul Masson will sell no wine before its time!"

ag_ana

Understood :)

JonGiamp

I needed same thing recently. Any update? :)

Lars

Welcome to the forum, @JonGiamp! Nothing to share at this time.

ardasugur

I started using 1pass recently and saving (and changing) all passwords to this. But when I encounter this problem on one of my countries (Turkey) govern websites (income taxation) they have spesific rules for password. Only 6 digits. Well I can't make them change it. (They'll just ignore.) And I don't want a weak password prompt from 1pass constantly.
So please, make a tag or something else for obsessive people like us :)

ag_ana

Thank you for the feedback and for the specific example @ardasugur :+1:

ardasugur

I've made a workaround for now. Made a seperate vault (named Damned) and all weak prompted password went there. And I marked it as don't show it at all vaults. For now I don't see weak pass prompt at all vaults.
I'm sharing this for other friends maybe want to try.

ag_ana

Thank you for the suggestion @ardasugur! We appreciate your help here :)

twi42

Hi, this is also a security risk, as the notification is very visible and someone can quickly glance it from one's display when working in a crowded space.

ag_ana

Thank you for sharing your perspective on this @twi42 :+1: Perhaps the suggestion by ardasugar above might be useful in your scenario.

valsaven

+1 This can be useful for test contours when you are using something like user/123321 for local site development :)

ag_ana

:+1: :)

alexclst

+1

I’d actually like tag-based ways of ignoring any of the Watchtower warnings. I’m a web consultant and also tend to be family tech support, so have many logins in 1Password that are for accounts that I’m not responsible for changing, but that I also don’t want polluting the Watchtower categories alongside accounts that are in my control. I can’t easily use another vault because these are already in a vault shared with my partner, and anyway, want the logins appearing when quickly searching, hence in All Vaults. I like that this has been done with 2FA and http, but would like this expanded to the other categories.

ag_ana

@alexclst:

Thank you for your feedback on this!

I like that this has been done with 2FA and http, but would like this expanded to the other categories.

I know we are thinking of a way to do this without using additional tags: it's a solution that we don't particularly love, so I doubt it will have the form of even more tags.

firewaller

Just adding my +1 for this feature as well. There are some PIN style passwords that can't be very secure and dilute the feature. Adding a tag like "Weak Password" to ignore it would be really nice.

ings

I know you're working on this, but another +1.

I have accounts that insist on using pins not passwords. (Two Toronto examples: GreenP and City of Toronto Recreation Programs). I also have a couple of accounts that (believe it or not!) provide no way of changing your password. Having them appear in the weak passwords list is unhelpful noise.

ings

P.S. It would also be nice if you could suppress spurious "unsecured websites" warnings, for similar reasons.

ag_ana

@ings:

P.S. It would also be nice if you could suppress spurious "unsecured websites" warnings, for similar reasons.

You can already do this with the http tag ;)

ings

@ag_ana Great tip, thank you! 😀

My next question was is there a list of built in tags like 2fa and http somewhere, but I see that was recently answered:

https://1password.community/discussion/116772/is-there-a-list-of-tags-for-1password

ag_ana

That's correct @ings :) We are thinking about ways to improve this without relying on tags, so you should look at this as a temporary measure :)

carrer

Suppressing Watchtower warnings for various things seems to be a recurring wish. I'm in the same boat. Watchtower warnings have become so irrelevant that now I just ignore them altogether.

I'm at the point where I would happily disable Watchtower completely if it were possible. If no other solution is feasible, then perhaps such a master switch to turn off all warnings? I would happily take that over the current situation where Watchtower is warning me about dozens of items that have no security issues and nothing that can be done to satisfy Watchtower's demands.

Watchtower is a good idea, but right now the rigidity of its implementation has reduced it to a useless and irritating gimmick.

ag_ana

Thank you for the feedback on this too @carrer :+1:

matthew2

Any progress on this?

ag_ana

Nothing to share about this yet @matthew2, sorry!

dgkimpton

Would definitely love a way to hide this warning as some sites simply don't allow changing of the password and, whilst they should be ashamed of themselves, it really clutters up my UI. Something like the "2fa" tag would be ideal, that way I can find them easily or review them sometimes.

ag_tommy

Thank you for sharing @dgkimpton Hopefully, this is something we can find a solution for in the future.