This is a staging forum for AgileBits, not an official support forum. Visit http://discussions.agilebits.com instead.
Feature Request: Need more password generation options to support brain damaged sites
This actually applies to all versions of 1Password.
Because of really horrible security practices (I see this often with banks, insurance companies, etc.), I find that I cannot use the 1Password password generator tool to generate the strongest possible passwords. The problem is that many such sites have nonsensical password requirements, such as specific illegal symbols (like disallowing all brackets and currency symbols $[](){}). When I run into such sites, I find they also tend to have horrible limit restrictions (4 to 8 characters, maximum of 12, etc) making it all the more important to use as many character classes as possible.
Turning off symbols entirely because a site restricts a few of them results in much weaker passwords, especially if there is a very short length limit. In the unnamed tool I am now using for password generation, it includes a few options that make it much more adaptable to get the best passwords possible given the brain-damaged restrictions. What's worse is that such limitations are a strong indicator that your password is being stored in the clear, making it even more important to have strong and unique passwords for those sites.
At this point, I've had to install another password tool just to use the password generator functions. There are two primary features that allow for stronger passwords:
* You can select groups of characters to include (alpha, numeric, basic symbols, parens/brackets, extended symbols, ...)
* More importantly, and I think this may be the only additional feature required, is an input for specifically excluded characters. Usually (not not always) the site lists the restricted characters, so it's possible to type "$[](){}" and still get the benefit of using the other symbols in the password.
I would love to uninstall this other utility, so please help us generate the best possible passwords for sites that force us into these worst-practices.
Thanks
--
maxx
Because of really horrible security practices (I see this often with banks, insurance companies, etc.), I find that I cannot use the 1Password password generator tool to generate the strongest possible passwords. The problem is that many such sites have nonsensical password requirements, such as specific illegal symbols (like disallowing all brackets and currency symbols $[](){}). When I run into such sites, I find they also tend to have horrible limit restrictions (4 to 8 characters, maximum of 12, etc) making it all the more important to use as many character classes as possible.
Turning off symbols entirely because a site restricts a few of them results in much weaker passwords, especially if there is a very short length limit. In the unnamed tool I am now using for password generation, it includes a few options that make it much more adaptable to get the best passwords possible given the brain-damaged restrictions. What's worse is that such limitations are a strong indicator that your password is being stored in the clear, making it even more important to have strong and unique passwords for those sites.
At this point, I've had to install another password tool just to use the password generator functions. There are two primary features that allow for stronger passwords:
* You can select groups of characters to include (alpha, numeric, basic symbols, parens/brackets, extended symbols, ...)
* More importantly, and I think this may be the only additional feature required, is an input for specifically excluded characters. Usually (not not always) the site lists the restricted characters, so it's possible to type "$[](){}" and still get the benefit of using the other symbols in the password.
I would love to uninstall this other utility, so please help us generate the best possible passwords for sites that force us into these worst-practices.
Thanks
--
maxx
Flag
0
Comments
-
Welcome to the forum, Maxx, and thanks for the feature request.
Don't forget that you can edit the strong password 1Password generates before you accept it.
You can also click on the various options a few times until you get a password that meets (or nearly meets) the site's requirements, then delete or replace any disallowed characters, if necessary.Flag 0