This is a staging forum for AgileBits, not an official support forum. Visit http://discussions.agilebits.com instead.

social features

<div class="IPBDescription">sharing passwords</div>Hi guys,



I just wanted to share my dev account for something with someone and I that made me think two things:



1. I don't really wanna tell anyone the username and password, but i would be comfortable if they had one time access somehow provided by a token website hosted somewhere that only worked once. I.e. I push a button on 1password and it creates the one time site site and it creates a hashed link that i send to said friend who goes there pushes a button and the one time site logs him into the account. Expires after one or two uses.



2. I hate sending user names and passwords over the internet full stop. can you create a better way? Be it a simple solution with say a generator for creating password matrix pictures for sending verbatim and then you tell the other person which row to use. Or some technical solution dreamt up by you guys - whatever way: a means for sending one of my stored passwords securly by mail that only the correct recipient can understand or use. Obviously you could also create a social feature for linking 1password installations of different users, but I rather have non-lockin solution, because most people I interact with do not have your nice program.



...and then i thought of you guys <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/smile.gif' class='bbc_emoticon' alt=':)' />



cheers,

Jonas

Comments

  • khad
    khad Social Choreographer
    edited July 2011
    Welcome to the forums, Jonas!



    Thanks for asking about these interesting ideas. <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_smile.png' class='bbc_emoticon' alt=':-)' />



    [quote]1. I don't really wanna tell anyone the username and password, but i would be comfortable if they had one time access somehow provided by a token website hosted somewhere that only worked once. I.e. I push a button on 1password and it creates the one time site site and it creates a hashed link that i send to said friend who goes there pushes a button and the one time site logs him into the account. Expires after one or two uses.[/quote]

    Technically, this would not be feasible unfortunately. Websites need your actual login credentials in order to log you in. At best, we could provide some mild obfuscation but no actual security. If someone can log in, they have your credentials in one way or another. The website itself would have to have special support for [url="http://en.wikipedia.org/wiki/One-time_password"]one time passwords[/url] (OTP) for this to work.



    [quote]2. I hate sending user names and passwords over the internet full stop. can you create a better way? Be it a simple solution with say a generator for creating password matrix pictures for sending verbatim and then you tell the other person which row to use. Or some technical solution dreamt up by you guys - whatever way: a means for sending one of my stored passwords securly by mail that only the correct recipient can understand or use. Obviously you could also create a social feature for linking 1password installations of different users, but I rather have non-lockin solution, because most people I interact with do not have your nice program.[/quote]

    Again, there would be no way to hide the login credentials from someone with whom you share the login item without support for OTP on the website for which you are sharing the login. I will add your vote for [url="http://forum.agile.ws/index.php?/topic/4008-feature-request-data-sharing/"]data sharing[/url], though! <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_smile.png' class='bbc_emoticon' alt=':-)' />



    Please let me know if there is anything else I can help with.



    Cheers,