Insecure keyboard shortcut to reveal password

uhinze

Hi!

In my view, the keyboard shortcut for revealing a password on Mac (the Option key) is insecure.

I found this out by accident with the following case:

• Generate a password on a site
• Later convert to login
• Edit login -> I want to add my email address as a user name
• Type email address, for the @ I need to use Option + L
• When I hit Option, it reveals my password -> meaning anyone could see it / take a screenshot of it etc., even though I just wanted to enter my email address

Best
Ulrich

---

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

ag_ana

Hi @uhinze!

Type email address, for the @ I need to use Option + L

Out of curiosity, what keyboard layout are you using?

uhinze

It’s a German keyboard. But Option needs to be used on the English one as well right?

ag_ana

@uhinze:

I tried with both American and UK keyboard layouts, and they both only need the Shift key from what I can see. I am not sure if there are other English layouts that require different combinations however.

uhinze

Ah you’re right! So it’s not for English layouts but for the German one and a couple of others. Just skimmed this article and it looks like there are a couple of layouts where you’d need the Option key: https://keyshorts.com/blogs/blog/37615873-how-to-identify-macbook-keyboard-localization

ag_ana

Thank you @uhinze :+1: I have sent your feedback to the developers, perhaps allowing the possibility to change this keyboard shortcut would be a nice way to do this. This way, users for whom it's not a problem would not have to do anything, but in other cases, such as German keyboard layouts, there could be an option to update this specific shortcut. Just an idea.

ref: dev/projects/customer-feature-requests#600