Please visit the new Mac-Forums Facebook page:
https://www.facebook.com/macforums1




Results 1 to 3 of 3
  1. #1
    1Password's Watchtower Bad Passwords List
    Ratsima's Avatar
    Member Since
    Mar 11, 2019
    Location
    Korat, Thailand
    Posts
    246
    Rep Power
    1
    1Password's Watchtower Bad Passwords List
    On another thread <App-Specific Passwords> I went way off topic discussing 1Password's Watchtower which lists Compromised Websites, Vulnerable Passwords, Reused Passwords, Weak Passwords, Unsecured Websites (http vs https) and failure to use Two-Factor Authentication. I have over a thousand entries on that list.

    I started working on it today. It is one of the most tedious, boring and complex tasks that I have ever set about. Granted, many of the websites listed are places I never go and will probably never go again (I hope). I can easily delete those from 1Password and the warning goes away.

    But, that leaves hundreds that need dealing with.

    Although I subscribe to 1Password, I also want to keep passwords in Apple's Keychain. So, the steps are:

    • Log on to the website
    • Locate the change password page
    • Get the 2FA code if one is sent and paste it into the web page
    • Click on the new password field
    • Accept Safari/Keychain suggested password
    • Tell Keychain to update the password
    • Hope that 1Password has picked up the password change
    • If not, find the new password in Keychain
    • Enter the Keychain password to expose the new website password
    • Copy the new website password and paste it into 1Password


    I worked on this for an hour and only managed to do FB, Flipboard, Plex, Twitter, Adobe, Google, Air Asia and four banks.

    Apparently this is a task that I'll have to pass on to my progeny. Have fun kids.

  2. #2
    1Password's Watchtower Bad Passwords List
    IWT's Avatar
    Member Since
    Jan 23, 2009
    Location
    Born in Scotland, Worked in Scotland then England, Now live in Wales
    Posts
    5,638
    Your Mac's Specs
    Late 2015 5K 27-inch Retina iMac, 4GHz i7, 32GB RAM, 1TB Flash Drive, macOS High Sierra 10.13.6
    Rep Power
    18
    A very useful post, Mike.

    I have found that doing it your way does not always mean that 1PW picks it up even if you have 1PW open.

    You can, of course, do it in the reverse. Get 1PW to suggest the PW, input that (which at the same time updates 1PW) and when you sign in, Safari's Keychain usually detects that this is a change from the PW it previously held and offers to add/replace the new PW.

    I say usually, not always, but more often, I've found, than doing it the way you suggested.

    Any way is a tiresome bore. Yuk...

    Ian
    Ian

  3. #3
    1Password's Watchtower Bad Passwords List
    Ratsima's Avatar
    Member Since
    Mar 11, 2019
    Location
    Korat, Thailand
    Posts
    246
    Rep Power
    1
    How do you stop Safari from suggesting new passwords? I know I can decline the suggested password and then get 1Password to suggest one, but that seems like an extra step.

    So far, Google has been the biggest PITA. I have many entries in Keychain and 1Password for various Google entities. I figured it made sense to have the same password for all of them since they all share the same username. But both Keychain and 1Password complain about this. (Password used in more than one item.) Then, after I changed the password for Google, each of my devices wanted me to log in, enter the new password and receive a 2FA code. Unfortunately, under iOS Google sends you to a page in the language of the country you're in with no option to change the language. My Thai was not up to the task, so, I had to turn on a US based VPN in order to get the page in good old English (USA). Then Keychain (which may not have synced yet) kept entering the old password. So, back to the computer, open the Keychain, copy the new password and then paste into the Google page on both the iPhone and iPad. Silly.

    It's pretty clear why people are not on top of security. It's an odious task. And, if you don't use a password manager who can think of memorable passwords that are any good? I used to think I had a decent method (here's one: Am#iBE4-5789 - ThinK Marvelettes) of creating hard-to-guess-easy-to-remember passwords. In fact 1Password used to like them. Of course, now they've all been compromised, used too often, are too easy to guess, etc.

    Anyway, maybe I'll do a few more next week.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. 1password
    By dtaylor15 in forum macOS - Apps and Games
    Replies: 4
    Last Post: 09-14-2011, 11:41 PM
  2. 1Password help!
    By TheFr33man in forum macOS - Apps and Games
    Replies: 3
    Last Post: 04-21-2010, 05:12 AM
  3. Replies: 0
    Last Post: 06-19-2009, 02:13 AM
  4. Printer List in Apps Differentiate to Preference List
    By RhysAndrews in forum macOS - Operating System
    Replies: 0
    Last Post: 05-26-2009, 08:31 PM
  5. Replies: 0
    Last Post: 04-24-2008, 04:40 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •