Setting Preferences for Special Characters

I've run into this problem numerous times now. I've employed a work around where I open 1password on a separate tab, generate a password, add/remove special characters as necessary, paste into the needed account to test if it's accepted, then come back to 1password and save a login. I did this 72 times yesterday as I went to update my compromised accounts with stronger passwords. Suffice it to say, the added time to accommodate the inability to remove certain special characters from password generation circulation was pretty upsetting. It maybe the websites fault for implementing antiquated security requirements but 1password is advertising itself as a solution for our password issues. This falls squarely within that mission statement.

Ran into this again being an issue when setting up AWS passwords.

Looks like your open source competitor had some issues implementing it but does offer it as a feature: https://github.com/keepassxreboot/keepassxc/pull/1841

+1 for this.

Question: I've always used the "Avoid ambiguous characters" checkbox, seen here https://apps.apple.com/be/story/picky-password-criteria-no-pr0b1em/id1477374257, but don't see that any more. (macOS v11.0.1, 1Password7 v7.7 ) I've looked through all the settings and cannot figure out how to get it back. Suggestions?

:( (thanks for the info; i hope it returns)

+1
I'm near my 1-year renewal and this is a factor in my decision to stay with 1password or switch. I'd love the ability to generate my own special character list. In my own experience it seems like @ and * come up nearly every time under random generation, yet + or = never come up.

1000 upvotes to the OP. A field in the generator where you can key in the acceptable(or unacceptable) characters for generation would save much consternation. Leave it blank for everything to be fair game (default).

I don't mean to sound condescending but it seems that after almost two years this capability should have been developed. It also sounds like someone is trying to get outside entities (industry) to change and not the application to a set business practices. The purpose of an application is to serve the users and I understand software design should also support best practices. I know that both ISO 27001 and NIST Guidelines provide such specifications but I haven't been able to determine if either of these contain a recommended set of characters. It's one thing to design to a standard which is preferred the only outcome is to not support those external entities that do not support the standard. The other item is if 1Password supports international language sets which I think would make this more difficult of a problem to solve.

With that said, I can only assume that 1Password software stores the acceptable characters that can be used to generate a password. I don't know the software design 1Password has developed and deployed but this is key because you don't want to start from ground zero and redesign from the ground up but to design an update. I would think that the application has one or more files, libraries, or some other containers that defines the acceptable characters that can be used in generating a password. The application then only needs to allow the user to set the values that can be used to generate a password.

The bottom line is that the application sole purpose is to support the user. A simple use case, as a user, if I want to take the default characters set which consists of (alphabetic characters (upper and lower case (52)), numbers (10), and special characters (32)) giving a total of 94 characters to use to create a password and limited that set to only 26 (clearly not a good practice) that is my options and responsibility as a user. As always an application should allow to revert back to a default set of characters.

Anyway this is my point and 2 cents worth. I need to be able to set the allowable characters, preferability at the password generation level (allowing me to alter the characters sets each time I generate a password) and not at the application core level.

Came here to suggest this feature and pretty disappointed that there's been years of requests and no action on this. I'd say the majority of sites I use now have specific (but common) restrictions on special characters. Sometimes I just give up on 1Password password generation entirely because it's too frustrating to manually "hack" when there are these parameters. Please stop ignoring this incredibly common roadblock to easy password generation.

Thanks, Ben. I appreciate this effort, but it doesn't quite address the issue we're all describing. This repository will likely not include the kinds of sites using outdated password requirements. Why not add a "Basic Password" type (with a warning, of course), that is less than 20 characters and has only 1 uppercase letter, 1 lowercase letter, 1 number, 1 basic symbol? Or better than that, sliders for each type of character (letter, number, symbol)? I know it'll never be perfect, but surely something can be done.

Also, this Smart Password type in the screen grab doesn't exist in my version of one password, which is 7.8.2. I can only guess this is a 1Password X feature (and thus not available in Safari)?

Yay! Finally the “dumb” password generator has been replaced by the “Smart” Password Generator. I can’t wait till the “Very Smart” Password Generator gets developed, using machine learning and AI to supplement the gains in the “Smart” Password Generator. I would imagine the “Very Smart” Generator being the fallback for sites not using a tag attribution will shine. I could see it that little bot parsing through the rendered display of code searching the page area immediately closest the password field looking to read what the site’s pass rules are. Sometimes password rules aren’t given or displayed on initial password creation and the bot would poll out and attempt a 1st pass hoping to either succeed or at least if fail repeat it’s area scan and find on the second pass the password rules of the site and generate accordingly. If it wasn’t lucky to pull the site password rules, it could make a few more attempts of varied Password combinations and just continue to cycle until one finally was accepted. That kind of bot maybe it wouldn’t be a “Very Smart” Password Generator; but it would be a “Tenacious” Password Generator. Just saying though… every once in a while I do enjoy more so employing the hard worker then the smart worker cause in the end the harder worker will be just faster and complete the job while the smart worker is still thinking things over trying to figure out what to do next.

Hehe daydreaming future 1Password Manager version XX+ is gonna be wicked cool.

Thank you for your product, I love that my passwords are secure"r". Secure to the point that I don't even know them. When I have to fight with the generator I sometimes end up with the wrong password saved into my vault, and the next day I am back on the toilet paper hula hoop. While this may be my own stupidity... that is what we users are, we are as stupid as our apps let us be. Frustration leads to the F'it moment where the skeleton "P@55w0rd" gets used. I don't do this but I know it happens, so this is a problem worth solving.
We are slaves to the sites we use, and because so many people choose $h!t passwords, sites lower the age. Making our lives even worse.

Presumably the current generator is not site aware or in anyway tied to my current entries, combined with the length of time this thread has been moderately active it is clear we (users) are still wanting something "better" from the user experience. I don't want to pretend to understand the underlying challenges, but it does seem odd that I cannot set a mask per login entry. When prompted for a new password 1password graciously offers the standard (at the browser field entry), perhaps I could optionally open my add-in, find my account, and initiate a new password there. The generator in the add-in can then use the mask per entry.
More assumptions. Fingers crossed, you can't see any of my data. But maybe I can opt into sending my domain/mask to your partnership with apple, and crowdsource. Even better there is a feedback loop that notes that other users are reporting a higher entropy mask can be used.

I hope this is all Captain obvious stuff, I am really just bumping this prayer for word peace and a better password generator.

Thanks again.

I thought a mask was the mechanism to store a regular expression (im not a programmer). Your Smart password only works for certain sites but there is a mechanism for storing the format the password must hit, that mechanism is some form of a mask.

I fear my example is about to expose me for the stupid user I am, but if I've be unclear perhaps I can muddy the waters further.

Using ChesterD's comment above, imagine I can use that form per password saved, but where you have a checkbox on Symbols include a dropdown next to it. If I hit the dropdown I can check or uncheck rows of symbols (say 10 rows of 5 characters) and even more granularly select and unselect the individual symbols (as buttons in the row).
Whatever I select, 1password stores the mask

The mask could be something like the first 2 character = length, the next is the alpha flag, the next is the digits flag, the next is the symbols flag 1 yes symbols, 0 no symbols, 2 only the characters that follow
18112#^&() = 18 characters alpha, num, only symbols #^&() there should be an asterixis in there

Whenever I use a password from the vault, the associated mask gets added to the password generator (replacing the previous mask).
The next time I use the generator it still generates the default, but optionally allows my to use the current mask to set the generator options.

If I set a mask for one of my passwords, I can optionally submit it to this public repository (noted previously) in the form crappysite.com:18112#^&*() Or however it is storing those masks... In fact whatever format they are storing that, is likely the format 1password should be.