Skip to main content
thedean
February 4, 2025
Solved

Password complexity for this community

  • February 4, 2025
  • 11 replies
  • 913 views

I was very disappointed when I logged into this new community for the first time.  The password is overly complex.  Your own best practices recommend password length over password complexity.  See the two article below:  

https://blog.1password.com/how-long-should-my-passwords-be/#how-important-is-password-complexity

https://blog.1password.com/nist-password-guidelines-update/

You would have been much better off just requiring a minimum length (of say 24 characters) and removing all the complexity.  You should do better to reinforce the your stated best practices in your own systems.

Best answer by 1Password_Community

Thanks to everyone who reached out with feedback regarding password complexity and criteria and sharing valuable feedback as we’ve launched our new platform!

The team has worked quickly to address some of these requests and we’re rolling out the following updates around account passwords later today:

  • The maximum password length will be updated to 125 characters.


Criteria for password will be simplified as follows:

  • A minimum length of 15 characters
  • Usernames should not be part of your password
  • These criteria will be displayed to users creating a new password

We’ve consulted with the 1Password security team to make sure these requirements align with industry best practices.

Keep sharing your valuable feedback. We really appreciate it!

11 replies

amswitzer
February 4, 2025

[deleted]

davebarnes
February 4, 2025

I hate password rules. I want my password to be what I want.

February 4, 2025

I was disappointed that my first attempt told me that my password was too long. The popup with the rules didn't specify a maximum password length, so I used 1Password's largest option of 100 characters. 🤔

musti
February 4, 2025

Yeah forcing your users on all these password requirements are really overwhelming.

February 4, 2025

Let's play https://neal.fun/password-game/, shall we? :) 

February 4, 2025

It would be very helpful to specify the maximum length.  Had to try several times to shorten it from the maximum 100 - finally ended up using 32 characters

February 4, 2025

I think it took mine at 64 characters. That's typically my next step down if 100 doesn't work. 

KG4ZOW
February 4, 2025

If only there was a way to have the computer remember the password for you, so you don't have to remember it yourself ...

Seriously though. I used 1Password's password generator to make up a new password for this forum. Five or more random words, with one or two of them capitalized, with random punctuation and digits between them. More than enough to satisfy the "rules" on the first try.

This is my normal routine ... if anything the problem I run into most often is sites that have a maximum password length which is too low. (I don't know how long this one was, probably in the low 50's?)

Chromejob
February 5, 2025

Count your blessings. I signed up to a system today that required 12 or more characters, and what read like, "three each of upper case, lower case, numerals, and special characters." Three each?! Turned out it was "Engrish." One each was sufficient. But I still don't like sites that impose such complexity when it's a long string. Three of the four character types is sufficiently rigid, for 1998. 

February 5, 2025

What is this? 1Password Agile Bits should know better than to provide bad advice like this!

 

1Password Employee
February 5, 2025

Thanks to everyone who reached out with feedback regarding password complexity and criteria and sharing valuable feedback as we’ve launched our new platform!

The team has worked quickly to address some of these requests and we’re rolling out the following updates around account passwords later today:

  • The maximum password length will be updated to 125 characters.


Criteria for password will be simplified as follows:

  • A minimum length of 15 characters
  • Usernames should not be part of your password
  • These criteria will be displayed to users creating a new password

We’ve consulted with the 1Password security team to make sure these requirements align with industry best practices.

Keep sharing your valuable feedback. We really appreciate it!

davebarnes
February 5, 2025

Why do I need a minimum length of 15 characters for a forum?
Do I really care if someone logs into my forum account?
No, I do not.

February 5, 2025

If only there was a way for you to manage long passwords like that… 

So you didn't have to remember them… 

So it didn't matter how long they were… 

So they were unique and secure, no matter what the site… 

🤔