Feature request for Password Generator
If this isn't the right place for feature requests, let me know, and I'll post this there.
It would be nice if we had control over the amount of symbols in the password generator, like we had in 1Password 4. I like to have long passwords with symbols, but sometimes you run across a site that will only allow a small subset of symbols in your password. If you can set the amount of symbols to be lower, it's easier to get all the stars to align when generating a password so that there aren't any forbidden symbols in it.
1Password Version: 7.0.529
Extension Version: 4.7.0.90
OS Version: Windows 10
Sync Type: Not Provided
Comments
-
If this isn't the right place for feature requests, let me know, and I'll post this there.
@speedy1812: Nope! You've come to the right place! :)
It would be nice if we had control over the amount of symbols in the password generator, like we had in 1Password 4.
We don't have any plans to have an option for a specific number of digits or symbols, as you get a LOT more entropy when each character has the possibility to be any of them, rather than excluding after a certain number.
I like to have long passwords with symbols, but sometimes you run across a site that will only allow a small subset of symbols in your password. If you can set the amount of symbols to be lower, it's easier to get all the stars to align when generating a password so that there aren't any forbidden symbols in it.
That's a really good point. We are looking into ways to allow specific characters to be excluded. Unlike "X number of Y", which no websites I've seen require (they always say "at least one number and symbol" in my experience), you're right that some do disallow specific ones, so it's something that we're exploring. Thanks for your feedback on this!
0 -
I'm going to add my support for this idea here and mention that it is a very old suggestion. I made this suggestion on the forum years ago. It seems to me you could add a drop down list of the most common special symbol character sets with the last one being "custom." If you choose "custom," it would give you an empty box to put the characters in. Most sites that (stupidly) restrict the symbol character set list the symbols allowed. So, a simple copy and paste would solve all of these (very common) issues.
0 -
I'm not sure that a dropdown list is the way to go, and a big concern we have is that we don't want people excluding symbols and then never using those going forward even where they can. Suffice to say, usability is a big concern — especially since you're having to deal with these crappy website password restrictions in the first place. We'll see what we can come up with. :)
0 -
We don't have any plans to have an option for a specific number of digits or symbols, as you get a LOT more entropy when each character has the possibility to be any of them, rather than excluding after a certain number.
That is a good point, although your average user is likely to just turn off "allow symbols" altogether if they can't get the symbols thing to work, and that's not good for entropy, either. ;)
0 -
@speedy1812 - you see the balancing act that's sometimes necessary to bring the best security to the greatest number of people, then! 😊
0 -
That is a good point, although your average user is likely to just turn off "allow symbols" altogether if they can't get the symbols thing to work, and that's not good for entropy, either. ;)
@speedy1812: Yep. And that's exactly why our new password generator in 1Password X doesn't save the settings. Even if someone disables digits or symbols to comply with a specific site's restrictions it will go back to the sane default for the next. Otherwise you're right: someone disabling these may simply keep them disabled permanently. The good news is that even with only capital and lowercase letters, 20 fully random characters is sufficient to push guessability out into infeasibility. Using symbols and digits, where possible, is just future-proofing icing on the password cake. Mmm cake...
0 -
And that's exactly why our new password generator in 1Password X doesn't save the settings.
@brenty I think that's a good idea. And if you were to implement that in v7, you could give us more options to dumb down our passwords on an as-needed basis, without having to worry that a user would dial back the amount of symbols, and then forget to dial it back up again. :)
0 -
@speedy1812: I think this could be the start of a beautiful friendship. Looking forward to the new password generator making its way across the lineup. :chuffed:
0 -
"...a big concern we have is that we don't want people excluding symbols and then never using those going forward even where they can."
As mentioned later in this thread, the fill-able drop down idea I mention could be reset every time you open the pw generator. So you can only use the custom symbols for a particular website on a one by one basis.
0 -
I agree with @speedy1812 but for a different reason. I've had enough cases where I need to generate a numbers only pincode. I don't duplicate pincodes across services, and I've used the password generator feature to make unique pincodes.
I set the length of the needed password to 6, then set the amount of digits to 6, thereby ensuring the random generated password contains only numbers.
This use case is broken in 1PW7.
0 -
As mentioned later in this thread, the fill-able drop down idea I mention could be reset every time you open the pw generator. So you can only use the custom symbols for a particular website on a one by one basis.
@kazooless: More symbols are better than none, so I think a dropdown may be too limiting. You're right that it could reset though. Cheers! :)
0 -
I agree with speedy1812 but for a different reason. I've had enough cases where I need to generate a numbers only pincode. I don't duplicate pincodes across services, and I've used the password generator feature to make unique pincodes. I set the length of the needed password to 6, then set the amount of digits to 6, thereby ensuring the random generated password contains only numbers. This use case is broken in 1PW7.
@Superfandominatrix: Indeed, while this isn't something that is possible in the new Windows app yet, it's something we're working on. You can see what we've already done with the new password generator in 1Password X:
So, a taste of things to come. ;)
0 -
@brenty that looks perfect~ thank you
0 -
:) :+1:
0 -
@brenty I must not be communicating well enough. It’s not the drop down idea that is primary in what I’m trying to get across. If you recall, when I first mentioned it above, I concluded with the idea the last item in that drop down could be a custom field. Whether it is in a drop down menu or otherwise, my suggestion is:
a field that allows you to input the symbols allowed for this specific password.
This would give you full customization ability for the times you need that.
It would also make it very easy with those sites that are at least polite enough to tell you what symbols are allowed as then a simple copy and paste would work.
And it should be programmed to reset every time so it isn’t accidentally used next time.
Inevitably, any other solution is going to run into scenarios where you have to edit the generated password to include only the allowed symbols. This is a royal pain in the butt as I’m sure every single one of us knows. Since there will always be situations in which you have to manually change a generated password, thereby making it less random, why not give the user the ability to supply the symbol character set for when it is needed? (Whether it is an option on a drop down menu or not)
I hope this is more clear (and helpful).
0 -
a field that allows you to input the symbols allowed for this specific password.
@kazooless: Gotcha. Thanks for boiling it down for me. I agree that could be useful if we present it in a clear way. :)
This would give you full customization ability for the times you need that. It would also make it very easy with those sites that are at least polite enough to tell you what symbols are allowed as then a simple copy and paste would work. And it should be programmed to reset every time so it isn’t accidentally used next time. Inevitably, any other solution is going to run into scenarios where you have to edit the generated password to include only the allowed symbols. This is a royal pain in the butt as I’m sure every single one of us knows. Since there will always be situations in which you have to manually change a generated password, thereby making it less random, why not give the user the ability to supply the symbol character set for when it is needed? (Whether it is an option on a drop down menu or not) I hope this is more clear (and helpful).
Agreed 100%. Thank you for bearing with me here. :)
ref: b5x-335
0 -
:) :)
0 -
1Password X also has some Machine-Learning-trained dataset to help with figuring out what password can be generated on the site, meaning it can dynamically change its settings to remove symbols that wouldn't work on the site. This'll help with reducing the need to customize settings often.
It's going to get better in time, we just wish we could clone our developers, so everything could get done quickly. :smile:
0
