Face it, no one likes to get rejected, but when you use 1Password's strong password generator to generate a secure cryptic password and the site rejects it for some reason it can be a bit frustrating. Sometimes the password is just fine but that username you picked was already taken. Who knew R2D2Rulez would not be available on the Star Wars message boards? However, 1Password has some features that help you deal with the craziness that is the world wide web when it comes to registering at new sites and saving the login information in 1Password.
Here's a typical login page from a popular internet site:
With a page like this I could use the Fill with Identity feature to complete all the information on the form since 1Password will automatically use the strong password generator to populate the password fields when it fills the e-mail and usernames fields on the page. 1Password is smart that way. When it sees password fields on a form you are filling it guesses that you want to generate strong ones so it does it for you. However, for this example I am going to click on the 1Password icon and select the strong password generator option and just fill those fields.
I like my passwords to be as secure as possible so I am going to move the slider for the length of the password to 50. I'll also make sure it has 6 numbers and 6 symbols. That looks pretty secure to me so I click on the Fill button at the bottom right.
However, there is a problem because this particular web page only allows passwords to be 12 characters long. If the web site is coded properly then 1Password will identify the maximum length allowed for the page and offer to shorten it for you as shown below. If not, you may not find out until the form is rejected after you save it.
I suppose I will have to live with a 12 character long password so I click the Shorten Password and Fill button. 1Password automatically reduces the password length for me. I now complete the rest of the page and click on the submit button. The 1Password autosave window appears:
I click on Save button to create a new web form.
Doh!! I forgot to select a username so my form is rejected:
So I am back to square one:
I complete the form again and select a username this time. I also generate a new password since I was too lazy to go look up the last one in the Password History section of 1Password. Hint: ALL passwords filled by the strong password generator get saved in the Password History section of the main 1Password application. Therefore, you will never be in a situation where you don't know what the generated password is even if you did not save a web form for the site.
Since I already know that it can only be 12 characters, I generate one that length:
I submit the registration page and am again prompted by 1Password's Autosave window. However, since I already saved a form without a username (and a different password) the last time around, I am going to overwrite that one with the correct information. Notice the highlighted area below.
Instead of creating a new web form, I use the pull down menu and select the older form to replace:
Note: For the sake of anonymity I have replaced the actual name of the web site with - and + symbols.
Any existing forms for the domain I am currently at will be shown. In this case, I am replacing the one I saved earlier. (-------.com)
So now I have replaced the previously saved form with the latest information. If the site were to reject my username or other information again I could repeat this process as many times as necessary. So while dealing with rejection can be a pain, it doesn't have to be that frustrating. In fact, in this example I never opened the main 1Password application and handled everything in the browser.
If you have comments, we would love to hear them.
Nice tip Carl! I wasn't aware 1P could do that! I can now deal with rejection more easily. ;) Thanks!
Posted by: flec65 | March 04, 2008 at 05:41 AM
I'd been hitting some snags in this area and this straightened me right out. Thanks!
Posted by: Kirby | March 04, 2008 at 07:55 AM
"Hint: ALL passwords filled by the strong password generator get saved in the Password History.... Therefore, you will never be in a situation where you don't know what the generated password is even if you did not save a web form for the site."
I wish I'd known this a month ago, as I did just that and then didn't know then password.
Worth a tip on its own.
Actually, this post had a _lot_ of good tips. Didn't know about replacing a web for either. Up until now, I create a new one, then open 1Password and delete the old form....
Posted by: Stephen R | March 04, 2008 at 11:06 AM
I find the Password History section confusing - I've been creating my own passwords without using the generator, yet I have at least a dozen or so generated passwords in this section - and they are for sites that I access with the password that I created.
So how did they get there? Are they being used 'behind my back'? - Does 1PW ever fill in passwords other than those I select via the context menu?
I should mention that I've been using 1PW for at least a year - and started noticing these some time ago.
Posted by: Frank R | March 04, 2008 at 12:36 PM
The reality out there is that many registration pages are improperly coded in a much more inconvenient way than described in this blog post.
Instead of refusing a long password, they will create the account and leave you with no clue as to where it got truncated.
So if you chose something 50 characters long, you are in for a nice hassle to find your real password, deleting cookies and switching proxies every couple of attempts along the way;-)
Posted by: Constance | March 04, 2008 at 03:11 PM
Frank R,
Items get into the Password History under the following circumstances:
1. You use the Strong Password Generator and click on the Fill button.
2. You use the Fill with Identity on a page that has password fields. Even if you end up not using that password.
If you use the generator and simply click on the Copy (to clipboard) button it does not get added to the Password History section.
What specifically do you find confusing and I will try to address it.
The idea behind the Password History is that we want to make sure that if you generate a password for a site, 1Password keeps a log of it. That way if you forget to save a web form or autosave doesn't prompt you on that page for some reason, you can go back and retrieve the password to manually save a form.
Posted by: Carl S. | March 04, 2008 at 04:16 PM
Constance,
Any page that does a silent truncation or makes a change to the submitted password WITHOUT notifying you is an absolutely poorly designed page and I consider these designers to be poor net citizens. I would complain loudly anytime I ran across one of these.
Posted by: Carl S. | March 04, 2008 at 04:22 PM
Thanks for the tips, Carl. I've been using 1Password for about 6 months and was unaware that using my "fill with identity" would generate passwords automatically.
Posted by: MelG | March 04, 2008 at 05:03 PM
Thanks for this nice tip, didn't know that it is that easy.
Posted by: Patrick | March 05, 2008 at 03:22 AM