Stop check for reused passwords / weak passwords for some entries

gsachs
gsachs
Community Member

In my email account I can (and I did) create aliases. An alias is a different emal name for the same account and has the same password.
It makes no sense that I always see a red alert box on such accounts.
The same is true for some websites. Some companies decide to have a password in conjunction with a separate security ID. Both are weak, the combination is strong. There are two fields to enter, I cannot combine them. 1Passwort greets me with a red alertbox which makes no sense at all here.
The basic functionality of such checks is ok, but it should be possible to turn them off on selected items.


1Password Version: 7.9.828
Extension Version: Not Provided
OS Version: Windows10

Comments

  • PeterG_1P
    edited December 2021

    Hi @gsachs, thanks for highlighting this for us here. These are interesting cases indeed, and I can see the validity of your point!

    There have been a number of folks who previously suggested that we include a feature to exclude certain entries from Watchtower. For example, in some cases a company may require you to use a short PIN, and that's out of the user's control. Fair enough. Even a number of banks I can think of - really recently! - set surprisingly low limits on the number and type of characters they would allow a customer to use to create a password. And what you've shared here is another great example where traditional password strength assessments may not totally apply.

    That said, it's actually pretty complex to figure out how best to deal with this - should we assume that a user understands, having been notified once, that a given password is insecure? Should we continue to present them with that information because it is likely to be insecure, and they need to know about that vulnerability, even if it's not possible to change it? Would a temporary "exclude" feature be better? What about some other middle ground? We're working through options on this, as resolving this issue something we're very interested in doing well.

    Thanks again for letting us know how this has presented for you - we appreciate the feedback!

    ref: dev/projects/customer-feature-requests/#130

  • Hey @SecretSquirrel:

    Thanks for all your feedback on this! I've added your voice as well to the issue Peter mentioned above. :smile:

    Jack

This discussion has been closed.