Getting Qualified Passwords for Capital One

card, credit card, credit-1673581.jpg

Password requirements of the website(Capital One)

  • May only use the following characters: Aa-Zz 0-9 – _ . / \ @ $ * & ! #

  • No spaces

Each password manager gets ten stars at the beginning and has ten times to generate suitable passwords. They will lose one star for one unqualified password, two stars for two unqualified passwords, and so on. They might also lose extra stars due to its inconvenient setting.

Setting process of each password managers

Bitwarden: 1 star

It lost 9 stars (7 stars for 7 failures and 2 star for its unfriendly setting).

  • Annoying to drag the thumb of the seekbar (lost 1 star here)

    It was annoying to drag the thumb of the seekbar to the 12 exactly.

  • Need to check passwords carefully (lost 1 star here)

    Some special characters in the password generator are not allowed to use in this website. We needed to check special characters in passwords carefully to know whether they are suitable for the website.

There were only three qualified passwords.

Enpass: 7 stars

It lost 3 stars ( 3 stars for its unfriendly setting).

  • Annoying to drag the thumb of the seekbar (lost 1 star here)

    It was annoying to drag the thumb of the seekbar to the 12 exactly.

  • Inconvenient to enter the specific special symbols(lost 1 star here)

    To meet the website requirements, we included invalid symbols listed by the website(see the screenshot below) and got 10 suitable passwords. But it was inconvenient for us to type the specific symbols by themselves.

  • Inconvenient to save an account quickly with nine steps (lose 1 star here).

LastPass: 3 stars

It lost 7 star (4 stars for 4 failures and 3 star for its unfriendly setting).

  • Annoying to drag the thumb of the seeker bar(lost 1 star here)

    Users first needed to change the password length to 12.

  • Check passwords carefully (lost 1 star here)

    Because we can only see three special characters on the password generator page, we needed to check special characters in passwords carefully to know whether they are suitable for the website.

  • Inconvenient to save an account quickly with ten steps (lose 1 star here).

There were only 6 qualified passwords.

KeePassium: 7 stars

  • It lost 3 stars (for its unfriendly setting).

    • Need to change the mode from “Basic” to “Expert”(lost 1 star here)

      Otherwise users couldn’t change the passwords options.

    • Annoying to drag the thumb of the seeker bar(lost 1 star here)

      Users first needed to change the password length to 12.

    • Time-consuming to type the specific characters(lost 1 star here)

    KeePassium allowed users to include specific characters by entering the characters. It took more time to type the specific characters. Because users needed to click the box “required” and then type some valid special characters (see screenshot below). Therefore it lost 1 star for these unfriendly settings.

    We got ten qualified passwords here.

KeePass DX: 7 stars

It lost 3 stars (for its unfriendly setting).

  • Typing the excluded characters into the box of ignore characters (lost 1 star here)

  • Choosing “at least one character from each” (lost 1 star here)

    Users needed to choose the option of “at least one character from each”; otherwise, it might fail to create qualified passwords even having selected the appropriate options.

  • Making the passwords readable(lost 1 star here)

    Users could not read the passwords if they forgot to tape an eye icon near the password. The passwords were shown in dots by default.

It got ten qualified passwords.

KeePass XC: 7 stars

The same situation (in KeePass DX) can be seen in KeePass XC, therefore it also lost 3 stars for its unfriendly settings and got 10 qualified passwords.

Zero password manager: 10 stars

Zero password manager allowed users to easily choose specific characters by clicking the character. We cleared all the default special characters to have suitable passwords and then chose one or two valid characters. By doing this, we got qualified passwords every time.