1Password Bug

I ran into this little nasty earlier today. First to set the scene:

  • Mac OSX 10.6.6
  • 1Password Version 3.5.3 (build 30812)

I got an email from Trapster.com informing me that my account may have been compromised. Since I started using 1Password I’ve been making unique 16-character passwords for each individual site, so if a hacker gets my password for one site, he may own that, but nothing else. So I opened up 1Password and my highlight was on another entry related to another item. I went to the search field, typed in “trap” and found the entry for Trapster. I edited it, clicked on the password generator and made a new 16 character password. I clicked the “copy” button in the Password Generator dialog box and 1Password decided to replace the password for the previous highlighted item with the generated password that I meant to go into Trapsters entry. I did this three times just to make sure I wasn’t losing my marbles.

The way around this is to not use the search feature at all. If you browse and highlight the Trapster entry and put in a new password that way, everything is fine.

I just thought I would blog about this to help anyone who might have run into this bug on their own, it isn’t your mind, it’s the program. I’ve forwarded the bug report to the people who write 1Password, we’ll see what response we get.

2 thoughts on “1Password Bug

  1. I never use the search part of 1Password so guess I'll be okay. As I am old and sometimes don't "get" the shortcuts I am probably better off this time. Thanks for the heads up. Will be interested to see what answer you get from 1Password.

  2. Hi,

    This is Jeffrey Goldberg from Agile Web Solutions, the makers of 1Password. We will be looking out for your email with the bug report. I'm not completely sure that I understand what happened, but we will test this and get back to you as soon as we can.

    Certainly having the password pasted into unexpected places is not good behavior. So we are eager to track down and squash this bug.

    Thanks for letting us know about it.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.