Vulnerability Alert.
I am clearly missing the point here. I have set up a login to my bank. The first page requires a “surname” and a “membership number”. The second page requires input from a unique number that is sent to your iPhone, so that second page, I accept, will have to be done manually, each time.
The log in works. It completes the two entry items in the first page mentioned above and takes me to page two. Fine, all seems to be working.
However I am then given the message that my “password” is vulnerable and I should change it. I see dots and do not know what my “password” is. I am aware that did not give one at any point. I simply filled in a “surname” and a “membership number”.
So I go into EDIT, and see that my username is now my Membership Number. Fine. That’s odd but doesn’t seem to be important.
I then click on PASSSWORD and a new complex password is produced which I accept. I SAVE and get out.
The login no longer works!
Am I supposed to copy that complex password and go to my bank web site and go through the process of changing my password? Surely not.
Help.
Comments
-
No, you should have ignored that warning. The problem is that 1PW had (because it has to assign fields) treated your membership number as being a password. And then it throws up a warning because if it were genuinely a password then it would be a very weak one. Hopefully at some point it will be possible to manually tell 1PW not to warn on a site-by-site basis.
0 -
I'm sorry to hear that you're having trouble with your bank Login. As @danco says, it sounds like due to the bank's unique set-up, 1Password saved the Login in an unconventional way.
If you would send us the URL of your bank (either here or by direct message if your prefer), we'd be happy to figure out how to make this Login work properly for you.
As far as the vulnerability alert goes, we are working on training 1Password to ignore membership numbers, PINs and SSNs and the like for the purposes of the Security Audit.
0
