This is a staging forum for AgileBits, not an official support forum. Visit http://discussions.agilebits.com instead.
Suggestion Password History
AltmanSoftware
Junior Member ✭
Perhaps I am confused about how to use password items to save history, but I have never been able to use this to any advantage. If I understand 1P correctly, I should be able to use Password items to keep old passwords (history) for logins (and other accounts). Here are the problems I have encountered:
Organization of History:
1. I want to group password history with the login/account; it is possible to create folders to do this, but that is extra management on my part. In a sense, a login/account item *is* already a folder: it holds information about the login/account. It would be better if there were a "History" button in each login/account that would show password (and probably username) history.
2. Normally, I only want to see the current password. Except when I specifically decide to look at history, I am only interested in the current information. It would be better if there were a "History" button in each login/account; by so doing, I would not be able to accidentally select the wrong login.
3. History information should be sorted in reverse chronological order; this sorting should be independent of other sorting of 1PW items. Amazingly enough, having a "history" button on each login/account would accomplish this as well.
Edit/Control:
4. I want to be able to edit items in the history list without changing the effective date. I really, REALLY, do not care when I edited the item; I care about when I stopped using the password. I have often tried to add or edit old passwords in 1P at a later date: the end result of which is that I can no longer use the date to sort them. (Try adding three password history item in a folder, one after another; come back three weeks later and try to figure out which one was which.) Case in point, when I record computer / domain login in 1P; I do so purely for the historical record -- and I usually do so when I first have to change the password (since I am often busy with a new client waiting for me when I had set up the first one).
5. I want to be able to create new history items in the list; I must be able to specify the date (or accept current date as a default). Did I mention needing to add old password after the fact? See point #4, above.
Miscellaneous:
6. Password history must work for logins and accounts. I believe it was Roustem who explained this (apologies if I recall incorrectly), but password items are created when you generate a new password for a login. Unless "account" items have the same type of behavior, they become second-class citizens -- not good. In fact, this brings up another significant problem: I want to track password history even when I am not using the 1P password generator. Case in point, when creating a computer / domain login, I cannot use 1P's password generator and I often do not have access to 1P (at all) until after I have logged in the the computer, which cannot be done before creating the password.
7. History import / export: Without the history feature, there is nothing to import or export. Bottom line - this is not a critical feature. And before my statement starts a thread-war, what I mean by "critical" is any feature without which the system is useless; I do think it is important, I just don't think it is "critical".
I believe that is a sufficient description of how 1P's password history might be implemented to better serve the users; and to be clear, I am very impressed with 1P and the AWS team; the fact that I have taken the time to write this up in such detail is a reflection of that and not in any way a criticism. Great work, great program, please add history.
Thanks.
Organization of History:
1. I want to group password history with the login/account; it is possible to create folders to do this, but that is extra management on my part. In a sense, a login/account item *is* already a folder: it holds information about the login/account. It would be better if there were a "History" button in each login/account that would show password (and probably username) history.
2. Normally, I only want to see the current password. Except when I specifically decide to look at history, I am only interested in the current information. It would be better if there were a "History" button in each login/account; by so doing, I would not be able to accidentally select the wrong login.
3. History information should be sorted in reverse chronological order; this sorting should be independent of other sorting of 1PW items. Amazingly enough, having a "history" button on each login/account would accomplish this as well.
Edit/Control:
4. I want to be able to edit items in the history list without changing the effective date. I really, REALLY, do not care when I edited the item; I care about when I stopped using the password. I have often tried to add or edit old passwords in 1P at a later date: the end result of which is that I can no longer use the date to sort them. (Try adding three password history item in a folder, one after another; come back three weeks later and try to figure out which one was which.) Case in point, when I record computer / domain login in 1P; I do so purely for the historical record -- and I usually do so when I first have to change the password (since I am often busy with a new client waiting for me when I had set up the first one).
5. I want to be able to create new history items in the list; I must be able to specify the date (or accept current date as a default). Did I mention needing to add old password after the fact? See point #4, above.
Miscellaneous:
6. Password history must work for logins and accounts. I believe it was Roustem who explained this (apologies if I recall incorrectly), but password items are created when you generate a new password for a login. Unless "account" items have the same type of behavior, they become second-class citizens -- not good. In fact, this brings up another significant problem: I want to track password history even when I am not using the 1P password generator. Case in point, when creating a computer / domain login, I cannot use 1P's password generator and I often do not have access to 1P (at all) until after I have logged in the the computer, which cannot be done before creating the password.
7. History import / export: Without the history feature, there is nothing to import or export. Bottom line - this is not a critical feature. And before my statement starts a thread-war, what I mean by "critical" is any feature without which the system is useless; I do think it is important, I just don't think it is "critical".
I believe that is a sufficient description of how 1P's password history might be implemented to better serve the users; and to be clear, I am very impressed with 1P and the AWS team; the fact that I have taken the time to write this up in such detail is a reflection of that and not in any way a criticism. Great work, great program, please add history.
Thanks.
Flag
0
Comments
-
Thank you for taking the time to lay out your suggestions.
The 1Password password history is for Logins items, where you initially created the item and then later on used the browser integrations to actually direct 1Password to replace the currently saved password. We describe this set of steps on this web page: [url]http://help.agile.ws/1Password3/change_password.html[/url].
When those steps are followed, 1Password will automatically take the previous password value and include it in a History section for that particular Logins item. The History is not editable so that you cannot ever possibly be left without the one copy of a password the way it once was. You are also unable to add to (or remove an item from) the history.Flag 0
