Disable "duplicate password" feature for some logins or a tag

muuvmuuv
muuvmuuv
Community Member
edited November 2018 in Mac

I have two logins which have the same password, which is okay because I have an Active Directory account. I just store the logins separated for a better overview like one for my email account and the others for a WordPress backend.

So, I would like to have an option to disable the "Duplicated password" feature for those or for a tag because the red bar is really annoying when working with the extension very often. Or make the red bar collapsed (smaller) on the browser extension.

Thanks!
PS: pretty discussion board you have here!


1Password Version: 1Password 7 Version 7.2.2 (70202007) Mac App Store
Extension Version: 08.11.2018
OS Version: macOS 10.14.1
Sync Type: EU Server

«134

Comments

  • Lars
    Lars
    1Password Alumni

    Welcome to the forum, @muuvmuuv! You're not the only one who'd like a way to hide or defeat the Reused Passwords warning on a per-item basis. It's something that we're considering, but I've nothing to announce yet -- and it may or may not happen, since allowing users to defeat a security feature isn't something we undertake lightly.

    If the two logins have different URLs AND different login usernames/email addresses, then I don't have a workaround for you. However, if all of the fillable credentials are identical and only the URL is different, you can add multiple URLs to a single Login item in 1Password.

    Glad you like the forum layout! We use Vanilla, with some custom add-ons by our own programming team. I'll tell them you approve; it'll make their day. :)

  • muuvmuuv
    muuvmuuv
    Community Member

    Glad to hear that! I'm aware that I can add multiple URLs but I like to have different accounts for different needs separated :). Looking forward to see some change there. I don't mean to completely remove the feature, just to make it less present when working with quick password fills. Have a look at my attachment, I can not quickly access the password or 2FA, I need to scroll and that makes the UX less smooth.

  • Lars
    Lars
    1Password Alumni

    @muuvmuuv - thanks for the feedback. We are in the process of making some changes to the mini's UI, so please stay tuned and keep an eye on release notes. Meanwhile, thanks for your patience.

  • ekulis
    ekulis
    Community Member

    Hi,
    How about a password grouping feature where they aren't counted as duplicates.
    For instance, I work on 4 different Macs almost daily. They are in 2 groups. I've got a desktop and a laptop set for each of home and work.
    I use the same password for each set of desktop and laptop. So I'd like to not see the dup password message telling me the my desktop and laptop have the same password.
    Another feature might be to allow a banner sizing where I could set the banner size to maybe a small red icon for "ok" dupes.
    I agree that URLs should have different password for each. But other things like servers and DBs where 1Password can't populate the password having dup passwords is ok.
    -ed

  • Lars
    Lars
    1Password Alumni

    @ekulis - thanks for weighing in. We've got some refinements to this feature in the works, based in part off user feedback. Stay tuned for future updates and thanks for the suggestions. :)

  • marzzz
    marzzz
    Community Member

    I also have duplicate passwords, and I wish to turn off the banner- there are certain instances where I use the same password in several different places when dealing with one specific company and its software, as well as a more basic password that is easy to remember on "less important" sites. I appreciate the warning, but there are times I really want to have duplicate passwords, thanks.

  • Lars
    Lars
    1Password Alumni

    @marzzz - thanks for weighing in on the subject. :)

  • commiepinko
    commiepinko
    Community Member

    I appreciate applications which allow me to disable warnings. I often have good reason to do things developers consider ill-advised and (with all due respect and courtesy) really do despise being nannied. Help isn't help when one can't shut it up - it's aggression.

  • Lars
    Lars
    1Password Alumni

    Welcome to the forum, @commiepinko! I've changed your username slightly in accordance with this forum's Terms of Service because we try to keep things family-friendly in this forum. Thanks for weighing in on this subject. :)

  • devnall
    devnall
    Community Member

    Another bump for this feature request.
    I appreciate that the default is to warn for dupes and think that doing so is completely appropriate but I have a couple of scenarios where I have a good (or at least considered and intentional) reason for using a duplicate password. Getting a big visual warning that can't be disabled and isn't applicable to my situation gives me alert fatigue and makes me less likely to pay attention to 1Password warnings that are actually useful to me.
    Much like you've done with the 2FA/HTTPS warnings, being able to add a "duplicate" tag to specific entries to suppress that warning would be helpful.

  • We do have some thoughts around how to address this difficulty. I can't say for certain if or when changes will be available but we have done some brainstorming and have written some code that we're testing out.

    Ben

  • hoosiernick
    hoosiernick
    Community Member

    I'll weigh in on this as well. Our company uses Single-Sign-On for several applications, all based off of Azure Active Directory. Where we use SSO, we require 2-Factor Authentication, so even though I may have the same user name and password for these sites, I have a unique 2FA code for each. This (to me) keeps them secure, but it also is why I don't want to use one single entry in 1Password with multiple URLs - I'd have to either use a different authenticator app, or scroll a LOT when trying to find the right 2FA code to use. Plus the auto-clipboard feature would be worthless as I wouldn't have just one default 2FA key.

    Being able to either "link" the related accounts so that 1Password doesn't view them as reused passwords, or the ability to selectively disable the reused password warning would be greatly appreciated.

  • Gnuschel
    Gnuschel
    Community Member

    I am really curious when an improvement will come, because I find this Dedup message really annoying - every time I see it, I wonder if I should "downgrade" again.
    In principle a warning is good, but in today's world with 2FA and SSO many have the same problem: This Dedup message is much too prominent and I like to do without the Darkmode, just so that I don't get this Dedup message anymore, until a solution is found.
    Here's my idea on how to do this to get warned, but the Dedup message doesn't really show up

  • Lars
    Lars
    1Password Alumni

    Welcome to the forum, @Gnuschel and @hoosiernick! Thanks for weighing in on this topic. :)

  • bench
    bench
    Community Member

    Between this issue and the immovable "Watchtower" item in the sidebar that now steals valuable real estate from "Categories" by being on top of them it feels as though 1Password 7 for Mac has become increasingly hostile to power users. Especially ones who have usage patterns that don't agree with AgileBits' ideas about password management. I've long ago switched back to 1Password 6 - it not only has a more friendly user interface for my needs but feels faster to boot.

    I hope you guys fix this stuff in the future, but for now 1Password7 is not for me :(

  • ag_ana
    ag_ana
    1Password Alumni

    Sorry to hear this @bench. But we do appreciate you taking the time to post this feedback, and we hope that 1Password 7 will be the right choice for you soon.

    And welcome to the forum :)

  • KevinSayHi
    KevinSayHi
    Community Member
    edited April 2019

    Similar use case to ekulis above: I have several SSH keys sharing the same passphrase, but they need to have separate entries since the sharing may end for one or more items at some point. Would love to to be able to reclaim some screen real estate in the UI when a duplicate is "acknowledged". Please count my vote in.

  • AGAlumB
    AGAlumB
    1Password Alumni

    Thanks for your feedback! It's helpful to know the specifics of your use case. :)

  • cfibanez
    cfibanez
    Community Member

    +1 to this. Just upgraded to 1Password 7 after buying a new iMac with Mojave. It is very annoying to have those orange banners. They take space and are just purely patronising. Please include a feature to remove all that. Thanks.

  • ag_ana
    ag_ana
    1Password Alumni

    Thank you for sharing your thoughts @cfibanez!

  • jenlampton
    jenlampton
    Community Member
    edited July 2019

    I would also like to add another vote to a disable feature for the duplicate password nag. I am a web developer and have 4 copies of every site I work on: local, dev, test, live. Of course I have 4 duplicate passwords -- these are the same website with the same database.

    you can add multiple URLs to a single Login item in 1Password.

    That sounds nice, but I was using 1Password long before this feature was added. I have years of separate "Login items" stored in 1Password already.

    Is there a utility that will update my existing login items to match this new required format? I'm definitely not going to manually modify hundreds of records just to make a nag message go away... it would take hours :(

  • AGAlumB
    AGAlumB
    1Password Alumni

    I would also like to add another vote to a disable feature for the duplicate password nag. I am a web developer and have 4 copies of every site I work on: local, dev, test, live. Of course I have 4 duplicate passwords -- these are the same website with the same database.

    @jenlampton: Thanks for your feedback -- especially the specific use case. :)

    you can add multiple URLs to a single Login item in 1Password.

    That sounds nice, but I was using 1Password long before this feature was added. I have years of separate "Login items" stored in 1Password already. Is there a utility that will update my existing login items to match this new required format? I'm definitely not going to manually modify hundreds of records just to make a nag message go away... it would take hours :(

    There is no automated way to merge multiple items. You'd need to do that yourself, just as you created all of those yourself in the first place. To be clear, there isn't anything to "convert" at all. It isn't a requirement; the feature is just there for those who want to use it.

    Personally, I like using multiple URLs for organizational and usability reasons -- quite separate from anything involving Watchtower. For example, when I search for something in my vault, if I've got a ton of incredibly similar items, that makes it really hard for me to find the one I want. So I consolidate things into a single item when it makes sense to.

  • jenlampton
    jenlampton
    Community Member
    edited July 2019

    There is no automated way to merge multiple items. You'd need to do that yourself, just as you created all of those yourself in the first place.

    I didn't create them myself. All I had to do was log in to each website, and hit the handy "Save" button provided by 1Password. Now, because of the way those saved (as separate items, instead of as different URLs for the same un/password combo) I'm getting an error telling me a password is shared.

    the feature is just there for those who want to use it.

    Or, apparently, as a work-around for this new non-dismissible nag message that provides zero value for any of the 100+ sites I'm seeing it on.

    Personally, I like using multiple URLs for organizational and usability reasons

    Yeah, I might too, but I'm not going to spend hours setting it up for the hundreds of existing sites in my 1Password. Maybe I will for new ones, now that I know it's possible. But that won't help with this nag bug :)

  • AGAlumB
    AGAlumB
    1Password Alumni

    I don't want to get into a whole thing here, but yes, you would have had to create them yourself by saving them. 1Password simply doesn't save Logins without your say-so. It would offer to save login credentials on a website where you didn't not already have a Login saved with those same login credentials. Anyway, while we can't stop you from creating multiple Logins for different sites with the same credentials, as mentioned previously, we're exploring ways that might help you work around it. Cheers! :)

  • Sebastian Rasch
    Sebastian Rasch
    Community Member

    Even mail account items nag me. Of course my Gmail has the same password as my Google login. There's just no way to change that.
    The same for my Skype account, Outlook mail and Microsoft Live login. Of course they all need to have the same password.

  • Lars
    Lars
    1Password Alumni

    @Sebastian Rasch - yes, we're aware of the issue. As brenty mentioned, both the accounts.google.com URL and the gmail.com or googlemail.com URL can be added to the same record. That may be a solution for you. In the meantime, we're exploring ways that will allow users to choose to suppress such unavoidable warnings, in a way that doesn't render the feature moot or allow less-experienced users to simply turn it off, perhaps inadvertently. Thanks for weighing in.

  • Sebastian Rasch
    Sebastian Rasch
    Community Member

    No I'm talking about email account items. They don't even have an URL and I use them to store the server information and so on for third party mail apps like Apple Mail. But they can't be used to login on the website so I have an login item as well – obviously with the same password.

  • doyouthinkhesawrus
    doyouthinkhesawrus
    Community Member

    I have credentials that I use in a work vault & a personal vault. In fact I used the "copy to vault" feature to duplicate an item; immediately I get the "Reused Passwords" warning. It would be awesome to retain provenance on items to defeat these warnings. Similar to linking items, but "copied from" or some such.

  • Thanks for the feedback, folks. We are searching for a way to improve this without defeating the purpose.

    Ben

  • AGAlumB
    AGAlumB
    1Password Alumni

    @Sebastian Rasch: You can use Login items for that purpose. Since you are almost certainly going to want to use 1Password to fill your account credentials on the website, that's the only way that will work. And then you can add the server info, etc. to that same Login item (either under Notes or in custom fields -- your call) to have only a single item with those credentials, which avoids Watchtower telling you you're reusing the password, and, I think, is much nicer organizationally. Just a thought.

This discussion has been closed.