iPad/iOS App feedback

kop48

I'm doing my annual 'help your parents fix their digital life' trip. I had to go through and help my Mum update a bunch of data in her accounts, and therefore 1Password. I have some feedback about the behaviour of the iOS app that made my life much more difficult than it should've been.
1. Cannot edit password in-field - lots of websites have stupid complexity rules, and this makes updating the generated password to meet them very difficult when I have to guess what characters I'm about to change in the masked password field.
2. When editing password manually, it copies the generated password instead of the edited one - per the above point, if you do update a generated password to meet complexity rules, then hit done, the password that's copied is the generated one, not the updates to it.
3. When changing password, the extension defaults to replacing the current password instead of the 'new password' fields - this happens if you use the iOS 12 'Passwords' functionality to create a new login for one that wasn't already registered.
4. I create new sections for security questions, then create password fields within it to create random answers to security questions. Unfortunately, when creating new field while editing the previous one, the caret stays in previous field instead of moving to the new field's title.
5. There's no way to modify a field's type once it's created. For my Mum's case, I'd like to use the random password generator to create pronounceable passwords, then change the field type to text so that she can read them easily. I can do this on the Desktop apps, but not the iOS one.
6. Tapping on arrow when in split view 30% takes multiple hits to actually open the details of the item. I couldn't repro this 100%, so take this one with a grain of salt.

Happy to answer any questions.

---

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

AGAlumB

@kop48: Thanks for taking the time to help your family, and give us this feedback!

1. Cannot edit password in-field - lots of websites have stupid complexity rules, and this makes updating the generated password to meet them very difficult when I have to guess what characters I'm about to change in the masked password field.

That's Secure Input. It just isn't possible to change the properties of a password field, which is good for security, since it prevents other apps from capturing what you enter. So when editing we use a separate display field. I agree it's not ideal. Perhaps there will be a better way available in the future.

2. When editing password manually, it copies the generated password instead of the edited one - per the above point, if you do update a generated password to meet complexity rules, then hit done, the password that's copied is the generated one, not the updates to it.

I'm pretty sure that's just a bug. It's a bit complicated due to what I mentioned above, but we'll see if we can get that fixed up.

3. When changing password, the extension defaults to replacing the current password instead of the 'new password' fields - this happens if you use the iOS 12 'Passwords' functionality to create a new login for one that wasn't already registered.

Unfortunately that's not 1Password, and therefore not something we control. The new iOS 12 Password Autofill feature is fantastic about filling, but it as far as I can tell it does not have any special handling for password change forms. You'd need to copy and paste in that case. You may have better luck using the 1Password extension in the Share [ ↑ ] menu.

4. I create new sections for security questions, then create password fields within it to create random answers to security questions. Unfortunately, when creating new field while editing the previous one, the caret stays in previous field instead of moving to the new field's title.

I'm not sure everyone would agree that the cursor should move to a new field if you haven't yet interacted with it, and this is standard iOS behaviour, but I do see your point. In this case it may be better if it "follows" the newly created field. We'll look into it.

5. There's no way to modify a field's type once it's created. For my Mum's case, I'd like to use the random password generator to create pronounceable passwords, then change the field type to text so that she can read them easily. I can do this on the Desktop apps, but not the iOS one.

Hmm. For some reason I really thought it was possible, but you're right. I guess it doesn't come up much since it's pretty easy to create a new field, but I agree it would be nice to be able to change them. Thank you for bringing this up!

6. Tapping on arrow when in split view 30% takes multiple hits to actually open the details of the item. I couldn't repro this 100%, so take this one with a grain of salt.

Hmm. I'll see if I can reproduce it. I feel like maybe that's happened to be before, but I thought maybe it was just my fat fingers. Thanks for the heads up! :)

kop48

That's Secure Input. It just isn't possible to change the properties of a password field, which is good for security, since it prevents other apps from capturing what you enter. So when editing we use a separate display field. I agree it's not ideal. Perhaps there will be a better way available in the future.

How do folks edit passwords to meet complexity rules without doing this? I can't imagine that this is an isolated use case?

Hmm. For some reason I really thought it was possible, but you're right. I guess it doesn't come up much since it's pretty easy to create a new field, but I agree it would be nice to be able to change them. Thank you for bringing this up!

I'd like to clarify that I use this not for passwords, but answers to security questions. :)

AGAlumB

How do folks edit passwords to meet complexity rules without doing this? I can't imagine that this is an isolated use case?

@kop48: Well, first, that's not typical. Certainly almost anyone has encountered a site like that, but it isn't most sites (the restriction I hit most often is, sadly, length), and most people aren't setting up new accounts or changing passwords for them regularly. So it doesn't come up much compared to filling -- both for users and for us supporting 1Password. As far as actually getting a usable password when encountering a case like that though, I couldn't tell you what most people do; we don't get telemetry on anything, certainly not people's passwords. But personally and based on what I've heard from other 1Password users, just regenerating seems popular, and, frankly, is best for security. Editing a generated password makes it less random, and 1Password will reflect user interference in its strength calculation as well, showing it as weaker. It's pretty easy to hit that "regenerate password" button to get a password without, as an example, $, and it you'll get the strongest password as a result due to the entropy of something truly random. :sunglasses:

I'd like to clarify that I use this not for passwords, but answers to security questions. :)

Ahhh. Okay. I was really curious, but felt like it wasn't my business. I appreciate the insight! :chuffed:

kop48

Well, first, that's not typical. Certainly almost anyone has encountered a site like that, but it isn't most sites (the restriction I hit most often is, sadly, length), and most people aren't setting up new accounts or changing passwords for them regularly. So it doesn't come up much compared to filling -- both for users and for us supporting 1Password.

You clearly don't interact much with Australian and non Tier-1 websites :pirate: :p

AGAlumB

I test every one a customer mentions to me, so you'd be surprised...and perhaps horrified by the interactions I've seen. :lol: