This is a staging forum for AgileBits, not an official support forum. Visit http://discussions.agilebits.com instead.

Feature Request: Master Password prompt when revealing passwords

The way I see things, when using the browser extension I should very rarely need to reveal / copy my password because I can simply autofill that information by pressing "cmd + \". That way, there is no chance of my password being copied in plain text. So if that is the case, why must it be so easy to reveal / copy my password if I leave my computer for even the briefest period of time?



I have seen several similar threads and every time the response has been "make sure you lock 1Password when you are not at the computer". While this is obviously one solution, my question is why can't we do better than that? In LastPass, if I wish to reveal or copy my password I must re-enter my master password. If I need to copy several passwords within the next few minutes I can choose to leave my passwords unlocked for a selectable time period. Surely this is a much more secure solution?



At some point in time I will undoubtedly forget to lock my 1Password and I do not wish every password I have ever created to be made available to prying eyes. Yes, I have the timeout feature enabled, but if it is set to a time period of just a few minutes then that's quite a major inconvenience to re-enter my master password after every few minutes of inactivity. Plus, that's still plenty of time for someone to discover my passwords.



Please make this option available. I would like to switch from LastPass to 1Password however I'm not sure I can justify risking my passwords so easily.

Comments

  • khad (Social Choreographer)
    Welcome to the forums, Stephen! Thanks for suggesting this.



    [quote]If I need to copy several passwords within the next few minutes I can choose to leave my passwords unlocked for a selectable time period.[/quote]

    Have you looked at the security preferences in 1Password? You can select an autolock time period which sounds like what you are looking for. After the time you set expires, you cannot use 1Password [b]at all[/b] (i.e., [i]more[/i] secure) without entering your master password.



    You are correct that we don't currently support multiple security levels (e.g., unlocked for filling, unlocked for viewing, etc.). I will pass this along to the developers to see how we can improve.



    Thanks again for the feedback!
  • I'm looking for the best compromise between security and ease of use, so I'm looking for a solution that requires the fewest master-password entries while still keeping my passwords safe. Setting a short timeout (2 mins for example) means that if I read a paper at my desk, by the time I've finished I'll have to enter my master password again. This is tedious. However, if I leave my desk and forget to lock 1Password that gives someone 2 minutes to learn my passwords and then have free access to my accounts at a later time without my knowledge. Neither situation is ideal.



    The main concern is someone learning my passwords, not them being able to access my accounts for the brief periods that I'm away from my computer. Therefore, it should be very difficult to actually learn my passwords, and less difficult to just use my account when I'm absent.



    LastPass's solution allows me to remain logged into LastPass 24/7. I very rarely have to enter my master password, not even when I sleep/wake or return from the screensaver, and my actual passwords are still safe from prying eyes. Seems like the best solution to me.



    The last point to add is that fewer entries of my master password means fewer chances for someone to capture it. I know this is only of concern to the extra paranoid among us, but my master password is not one I want compromised.



    Thanks for passing the suggestion along.
  • khad (Social Choreographer), edited June 2011
    Thanks for following up on this, Stephen.



    I completely understand your use case. I think it is a bit different from the current use case 1Password is designed for (but that certainly doesn't mean it can't change).



    I don't want anyone logging into my accounts [i]or[/i] viewing my passwords, so I prefer the way 1Password currently does things. Since I use strong unique passwords like XNPUdYkd8F/9-R/a~6C8iGQr9";vYom9-weCQp{6cZ8`fV]33F for all of my login items, I am not too worried about someone shoulder surfing one of them. I am either at my computer (1Password should be completely unlocked) or away from it (1Password should be completely locked). I just close the lid to my laptop ("Lock when sleeping") when I am done with it or pull up OS X's login window if I want the little guy to keep working while I step away. That's just me, though. There are a multitude of use cases.



    I'll let you know if I have any news from the developers on this front, but I know they are pretty busy working on Lion support and some other secret missions at the moment so I can't promise anything. :-)



    Cheers,
  • jpgoldberg (Agile Customer Care)
    Hi Stephen,



    This is a very interesting discussion. At this point I don't really have anything to say about this beyond what Khad has mentioned, and we will certainly need to think through the security and usability implications more carefully.



    You are correct that we can't really replicate what you are looking for simply by adjusting the parameters in Preferences > Security.



    So that I can get a better sense of the need for this, can you tell me about the environment you are concerned about? Are you using 1Password at home or at work? And how publicly available is your computer when you walk away from it for a few minutes?



    One thing to keep in mind is that the security of this "allow filling, but not viewing" may not be as solid as you may imagine. It does prevent quick and casual viewing of some of your passwords as you describe, but if the data are unlocked by a password management system, it means that the actual decryption key is sitting unencrypted (though obfuscated) in system memory. I have not studied the internals of other systems, so what I say here is purely speculative, but I would be uncomfortable allowing the system to run with the data unlocked (even if restricted to form filling) 24/7. Again, it is possible that they have a solution to this problem which I haven't considered. But if we were to implement something like this in 1Password we would need to look into this question extremely carefully.



    Cheers,



    -j
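The two-tier lock Stephen asks for (autofill stays available, revealing a password needs the master password again and then stays allowed for a short grace window) with the caveat jpgoldberg raises built into it, as an added Python sketch that is not 1Password's or LastPass's code. TieredVault, its injected clock callable and the PBKDF2 settings are assumptions made for the example.

```python
import hashlib
import hmac
import os


class TieredVault:
    """Model of 'unlocked for filling, re-enter the master password to reveal'.
    Assumption: one key (self._key) stays in memory for the whole unlocked period;
    the reveal tier is an access check, not a second layer of encryption."""

    def __init__(self, master_password, clock, autolock_secs=1800, reveal_grace_secs=120):
        self._salt = os.urandom(16)
        # Store only a hash of the derived key, never the key itself.
        self._verifier = hashlib.sha256(self._derive(master_password)).digest()
        self._autolock, self._grace, self._clock = autolock_secs, reveal_grace_secs, clock
        self._key = None            # present only while unlocked for filling
        self._last_activity = 0.0
        self._reveal_until = 0.0    # end of the reveal grace window

    def _derive(self, password):
        # Placeholder KDF parameters; a real product tunes these much higher.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, 10_000)

    def _check(self, password):
        digest = hashlib.sha256(self._derive(password)).digest()
        return hmac.compare_digest(digest, self._verifier)

    def unlock(self, password):
        if not self._check(password):
            return False
        self._key, self._last_activity = self._derive(password), self._clock()
        return True

    def can_fill(self):
        # Autofill tier: allowed until the inactivity autolock fires.
        if self._key is None or self._clock() - self._last_activity > self._autolock:
            self._key, self._reveal_until = None, 0.0     # autolock
            return False
        self._last_activity = self._clock()
        return True

    def authorize_reveal(self, password):
        # Reveal tier: re-authenticate, then allow reveals for the grace window only.
        if not self.can_fill() or not self._check(password):
            return False
        self._reveal_until = self._clock() + self._grace
        return True

    def can_reveal(self):
        return self.can_fill() and self._clock() < self._reveal_until
```

Whichever tier is active, `_key` is resident in process memory until the autolock fires, which is exactly why the reveal prompt only raises the bar against casual viewing rather than against someone with access to the running process.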