I manage all of my passwords with the 1Password program on my Mac. Works great, but sometimes I go to log in and 1Password warns I have a bad or insecure password choice. Okay, how do I improve it?
Passwords are a pain and the more sites you visit, the more of a hassle it is. After all, they should be complex, impossible to guess and unique to each site and if you can remember hundreds of ’em, you’re a smarter person than I am! And let’s be honest while we’re talking passwords, it’s a huge pain to have to guess again and again until you remember the one you’re using on a particular site. Enter password managers. There are a number of really good options out there, and like you, I’ve opted for 1Password as my app of choice.
But regardless of how you manage your passwords, you really should be ensuring that you have tough passwords, easily accomplished by making them longer (12 characters is significantly harder to crack than 8 characters, for example), including upper and lower case letters, a digit or two and even some punctuation. Many sites require all of these elements nowadays, which is yet another reason why a password manager is a win.
I was logging in to my Denver Museum of Nature & Science account when 1Password popped up this warning:
“This password is used in more than one of your items. Change your password to something unique”. Not only that, but adjacent to the (hidden) password it shows “Duplicate”.
Okay, okay, so I’ll change it. But how do you do that? The easiest is to go onto the Web site’s page where you can enter a new password once you’ve verified your identity. At that point, lean on 1Password to generate a better, more secure password than you would do yourself.
The first step is really subtle, but click on “Edit” on the correct entry in 1Password, then look for the light grey gear wheel adjacent to the (hidden) password. You can see it below:
Once you click on it, a new password is immediately generated and the regenerate password window pops up:
Don’t like the password it’s suggested? Tweak the parameters in the Regenerate Password window and click “Regenerate Password” until you get one that meets your criteria and you like. Definitely keep the “Avoid ambiguous characters” box checked too, so you never puzzle about 0 versus O or 1 versus l again.
I’ll try another one myself…
A museum password with a “$”? Suitably wry. I like it.
Click anywhere else on the window than that tiny pop-up and it’ll go back to having the password masked:
At this point, move the cursor over the masked password and a button appears with the word “copy“. Click and four options appear in a little pop-up menu:
At this point I “copy” the new password [it’s smart enough to copy the actual password, not the masked sequence of dots!] then click “Save” on the top. Done. Now jump back to the Web site where it’s prompting you to enter your new password and paste that new password into the boxes as appropriate.
Save your changed password and… mission accomplished. You just significantly improved your security on that site. Well done. This also neatly demonstrates the great benefit of a password manager; no writing anything down, even as you changed to a far more secure password.
Pro Tip: I’ve been writing about online security for many years. Please check out my scams and security help area for lots of useful tutorials to help keep you safe online. Thanks!