Signing back into the Community for the first time? You'll need to reset your password to access your account. Find out more.
Forum Discussion
thedean
10 days agoContributor
Password complexity for this community
I was very disappointed when I logged into this new community for the first time. The password is overly complex. Your own best practices recommend password length over password complexity. See the two article below:
https://blog.1password.com/how-long-should-my-passwords-be/#how-important-is-password-complexity
https://blog.1password.com/nist-password-guidelines-update/
You would have been much better off just requiring a minimum length (of say 24 characters) and removing all the complexity. You should do better to reinforce the your stated best practices in your own systems.
Thanks to everyone who reached out with feedback regarding password complexity and criteria and sharing valuable feedback as we’ve launched our new platform!
The team has worked quickly to address some of these requests and we’re rolling out the following updates around account passwords later today:- The maximum password length will be updated to 125 characters.
Criteria for password will be simplified as follows:- A minimum length of 15 characters
- Usernames should not be part of your password
- These criteria will be displayed to users creating a new password
We’ve consulted with the 1Password security team to make sure these requirements align with industry best practices.
Keep sharing your valuable feedback. We really appreciate it!
- 1P_fran
Community Manager
Thanks to everyone who reached out with feedback regarding password complexity and criteria and sharing valuable feedback as we’ve launched our new platform!
The team has worked quickly to address some of these requests and we’re rolling out the following updates around account passwords later today:- The maximum password length will be updated to 125 characters.
Criteria for password will be simplified as follows:- A minimum length of 15 characters
- Usernames should not be part of your password
- These criteria will be displayed to users creating a new password
We’ve consulted with the 1Password security team to make sure these requirements align with industry best practices.
Keep sharing your valuable feedback. We really appreciate it!
- MCoochNew Contributor
Good and quick action from 1Password. I'm not sure what people were thinking with the original format.
- davebarnesNew Contributor
Why do I need a minimum length of 15 characters for a forum?
Do I really care if someone logs into my forum account?
No, I do not.- flybynight27Occasional Contributor
If only there was a way for you to manage long passwords like that…
So you didn't have to remember them…
So it didn't matter how long they were…
So they were unique and secure, no matter what the site…
🤔
- flybynight27Occasional Contributor
I was disappointed that my first attempt told me that my password was too long. The popup with the rules didn't specify a maximum password length, so I used 1Password's largest option of 100 characters. 🤔
- KG4ZOWOccasional Contributor
If only there was a way to have the computer remember the password for you, so you don't have to remember it yourself ...
Seriously though. I used 1Password's password generator to make up a new password for this forum. Five or more random words, with one or two of them capitalized, with random punctuation and digits between them. More than enough to satisfy the "rules" on the first try.
This is my normal routine ... if anything the problem I run into most often is sites that have a maximum password length which is too low. (I don't know how long this one was, probably in the low 50's?)
- davebarnesNew Contributor
I hate password rules. I want my password to be what I want.
- nciiisOccasional Contributor
What is this? 1Password Agile Bits should know better than to provide bad advice like this!
- amswitzerNew Contributor
[deleted]
- mustiNew Contributor
Yeah forcing your users on all these password requirements are really overwhelming.
- Former Member
Let's play a little game, shall we? :)
- eb1909New Contributor
It would be very helpful to specify the maximum length. Had to try several times to shorten it from the maximum 100 - finally ended up using 32 characters
- flybynight27Occasional Contributor
I think it took mine at 64 characters. That's typically my next step down if 100 doesn't work.
- ChromejobNew Contributor
Count your blessings. I signed up to a system today that required 12 or more characters, and what read like, "three each of upper case, lower case, numerals, and special characters." Three each?! Turned out it was "Engrish." One each was sufficient. But I still don't like sites that impose such complexity when it's a long string. Three of the four character types is sufficiently rigid, for 1998.