Forum Discussion
Better n'th character and m'th character handling. It's bad having to show pwd in big text.
Hi there @AWinfield
Ideally, we'd be in a situation where websites or apps don't ask you for partial passwords. There's no evidence of them being any more secure than a full password, and as you've noticed, they represent a bit of a usability hurdle, especially because they can't be autofilled. My previous bank used to request 3 separate characters from my password which resulted in me using a non-random password and counting through the characters in my head to sign in! It was one of the reasons I moved away from that bank. Unfortunately, it does usually seem to be banks and other financial institutions that have some... let's say "interesting" ideas about best security practices when it comes to signing in.
Yours is a tricky question to answer, because we don't want to endorse (or even be seen to endorse) anything but the best security practices, which as of writing, is a strong, random password and two-factor authentication where available. My personal worry is that by making it easier to use partial passwords, we're only really putting a band-aid on the problem, rather than addressing the bigger issue which is that, in 2022 and beyond, no website or app should ever be asking for partial passwords. I'd recommend sending the app or website your feedback about this, and specifically mention that using a partial password makes autofill impossible, leading to a troublesome user experience, or (even worse) using an insecure password because you'll have to remember it.
I'll pass this along to the product team for their consideration. I can't promise if or when we'll implement this, for the reasons shown above, but do keep an eye on the release notes when you update 1Password to see what's new. Thanks for your feedback. :)
— Grey
ref: IDEA-I-2084