Why no number and symbol is better?

@joan38: Are you maybe adding those characters (or whole passwords) yourself? 1Password intentionally rates user-provided passwords as weaker since we don't know where thy came from, whereas 1Password knows exactly how much entropy a password it has generated itself has, since it knows the character set and algorithm used, etc.

@joan38: Ah, thank you for the clarification. I'm not sure how well I can explain this, but the reason is that you've set them to "1": only one character in the whole password can be a digit/symbol in that case, rather than any character in the password potentially being one of any of the symbols/digits.

As a point of comparison, our new password generator which we're rolling out in all of our apps one by one has only a checkbox for digits or symbols. So, with "symbols" enabled, literally any of the characters in a 13 character password could be a symbol, instead of just one of them. You can get a better idea of what I mean by trying it here:

https://1password.com/password-generator/

Does that help? :)

Hi @joan38,

I've never been a fan of exactly x digits/symbols approach myself, I understand sometimes needing to ensure a digit is present because a site insists on it but I like my passwords as uniformly random as possible, selected from the entire available character set.