Guide user through changing all passwords
There are a lot of questions here about automatic changing of many passwords. This is not about that. Instead, it seems 1Password could help many former LastPass users like me to change all their passwords in this way:
1. There is an option "Guide me in reviewing or changing all my passwords"
2. Once that is selected, every entry in one's 1Password is presented. This might be in a table format with options to Review (default), Mark to be changed, Skip, or Delete. There is a Next button, and if it's not clicked, the user is reminded by email after a few days.
3. After Next, every item marked for Review or Change is presented one-by-one. If any are not acted upon, the user is reminded in a few days to resume.
Without support like this, which only 1Password can provide, I will never get through all my entries imported from LastPass. And it doesn't have any security or privacy gotchas that I can imagine. And it should be fairly straightforward to implement and for CSRs to support.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided
Comments
-
YES!
I love @chillrobot steps but want step 2 to be a bit smarter.
I too switched from LastPass and now need to slog through changing 700+ passwords!
I want to know: What is truly my biggest risk and must be done ASAP? Then what comes after? What have I already updated?
Watchtower makes me think the big red "compromised sites" is what I should focus on... but this isn't true! Who cares if MySpace is using that ancient password I don't use anymore!
Isn't the below closer to the risk ranking for me?
- My email accounts using compromised, re-used*, or weak passwords (#1 because due to email as the account recovery method)
- Financial sites using compromised, re-used, or weak passwords (banks, Social Security, IRS, Credit cards etc where a hacker can transfer money)
- Shopping sites (starting with Amazon and other popular targets?)
- Remaining sites using compromised passwords
- Remaining sites using re-used passwords
- Sites unchanged as imported from LastPass
- Sites using weak passwords
*re-used passwords should be considered if parts of them are what is re-used. eg. "mydogspot" == "mydogspot1" == "mydogspot!" == "myd0gsp0t" etc
0 -
Thanks, and I heartily agree with your future enhancements.
0 -
Hello @chillrobot and @JamieRI,
Thank you both for the thoughtful suggestions and feedback. We value the input of our community members, especially when it comes to enhancing the usability and features of 1Password.
@chillrobot, your proposed guided review system is an excellent way to simplify the process for users, especially those who are transitioning from other password managers like LastPass. It would provide a structured and manageable way to assess and update passwords.
@JamieRI, you make a valid point regarding risk ranking. Prioritizing which passwords to change based on potential risks makes sense and would certainly streamline the process, particularly for users with a large number of saved items.
While I cannot guarantee immediate implementation, I assure you that your feedback will be shared with our product and development teams. We're always looking for ways to improve, and insights from our community are instrumental in shaping 1Password's future.
0 -
Thank you for listening!
0 -
You're welcome @JamieRI, thank you for your feedback!
0
