1Password X - Password Generator definition when changing a site password

Hi,

I do not know whether this has been asked before (the search function did not give me any results) but I just noticed, that the settings I have in the password generator tab in the extension do not translate over to the automatic process when I try to change a password on a certain site.

Let me explain what I mean: I wanted to change my password on a forum. I entered my old password through the X extension pop-up. As soon as I clicked on the new password field X gave me the suggestion of using a newly generated password. As this password seemed rather short I checked my settings in the extension itself and it said 30 characters and symbols and numbers but the suggested generated password in the pop-up still is not very long.

Why is that and is that by mistake? Or is there an option to change the recipe of the proposed new password in the pop-up?


1Password Version: Not Provided
Extension Version: 1.9.0
OS Version: Windows 7
Sync Type: Sub

Comments

  • Hey @JohnnyFJohnsson! Generated passwords can be customized in the popup but the inline menu will still suggest a password using the default settings. We initially chose this route so that a strong password would always be suggested, however, we might look into adding an option in the settings so that you can choose custom password generator settings instead.

  • JohnnyFJohnsson
    JohnnyFJohnsson
    Community Member

    Hi @DaltonD and thanks for your quick reply. I understand the reasoning behind it to not chose a weaker password than suggested but in my case, I would sometimes even want to use a stronger (longer) password.

  • gmaister22
    gmaister22
    Community Member

    @DaltonD the problem is that most websites, accept a specific amount of characters, i've been so many times in a situation, that i use the suggested password, then 1Password X will save it and then the website would redirect me back and tell me that the password is too big or it doesnt have special characters (some of them require it)

  • AGAlumB
    AGAlumB
    1Password Alumni

    the problem is that most websites, accept a specific amount of characters,

    @gmaister22: That hasn't been my experience, and I test a bunch of sites each week in addition to my own normal use. But certainly some websites do have odd password restrictions.

    i've been so many times in a situation, that i use the suggested password, then 1Password X will save it and then the website would redirect me back and tell me that the password is too big or it doesnt have special characters (some of them require it)

    As they say, there's an app for that: 1Password X has a full-featured password generator you can use.

    I understand the reasoning behind it to not chose a weaker password than suggested but in my case, I would sometimes even want to use a stronger (longer) password.

    @JohnnyFJohnsson: Likewise, this should help:

    Cheers! :)

  • jeffreydwalter
    jeffreydwalter
    Community Member

    I have also run into this problem. It might be useful to have 1Password look at the attributes defined on a password input and at least warn the user that their generated password is going to be too long.

    On that note, have you guys given any thought to using NLP (natural language processing) to parse password rules on password forms to try and intuit password generation settings?

    Last suggestion; It would be great to have the password generator store the settings which were used for the last password. i.e., I setup a password with length of 16, numbers 5, special characters 5. Then when I need to generate a new password for that account, it would remember and generate a new password with the same characteristics.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @jeffreydwalter: Those are great suggestions, but unfortunately they don't help in most cases. Many websites only return any actionable information on password requirements after submitting, and others not at all. It's not really a better user experience if we add something like that and users cannot actually count on it working. And similarly, it seems like it may not be the best use of development and testing resources too. Saving password requirements is also questionable, since the first time 1Password generates a password for a site is most often the last time. And they can also change over time. However, we do have some ideas that may help in the future. We haven't given up. :)

This discussion has been closed.