Suggestion to improve Travel Mode

I love the new Travel mode feature, but I have a suggestion on how to improve your implementation of Travel Mode.

Currently, "Not Safe for Travel" is marked at the vault level. When Travel Mode is turned on, all the vaults marked as "Not Safe for Travel" are removed from client devices. I have found this design to be less than ideal. Specifically, I use Related Items a lot. For example, my credit card item and the bank login item for that credit card are both cross related. Unfortunately, if I try to move those 2 items to a "Not Safe for Travel" vault (which I believe would be a fairly common scenario), I am given an error message because items with links cannot be moved across vaults. My only choice is to remove the links, move them to the "Not Safe for Travel" vault, and then re-link them.

I believe a superior design for the Travel Mode feature would be to allow users to mark items "Not Safe for Travel" at the item level rather than the vault level. This could be implemented very easily via a "Not Safe for Travel" (possibly reserved) tag. This design would allow users to keep all their items in a single vault if they choose to (my preference) or spread them across multiple vaults, and since tags are searchable across vaults, you could easily identify which items to remove from the local client when Travel Mode is turned on. This alternative design would give users more granularity and not require them to create a separate vault for "Not Safe for Travel" items.

In addition, the migration to this new design would be rather straight forward, as implementation of the new release could easily take all the vaults which are marked as "Not Safe for Travel" and add a "Not Safe for Travel" tag to each item in that vault. This way, users could still keep all "Not Safe for Travel" items in a separate vault, or intermix them with items in other vaults, or just keep everything in a single vault.

I hope this makes sense to you, and hope you would consider a re-design of the Travel Mode feature to provide more granularity and easier management of Travel Mode for your users.

Thanks,
Dean


1Password Version: 7.8.8
Extension Version: 2.1.7
OS Version: macOS 11.5.2

Comments

  • jack.plattenjack.platten

    Team Member

    Hi @thedean,

    Thanks for asking about this! I've asked our Security team to chime in here, as they'd be best equipped to speak on this.

    Jack

  • LarsLars Junior Member

    Team Member

    @thedean - thanks for the question/suggestion! It's a good idea from a conceptual standpoint, and I can see how and why that would make your use-case easier. Unfortunately, it's just not the way 1Password's server is configured, and changing it would be far from trivial, as it would involve not just an adjustment to Travel Mode, but a redesign of the entire architecture of the 1Password data structure.

    1password.com is vault-based at its core, for the most part. The idea for Travel Mode is that All Vaults view is always available to you, so you can split your items between one or more vaults you use that contain nothing but items that would be "travel safe," in your opinion, and one or more vaults you would NOT want to travel with. In such a scenario, there would be no moving items (and thereby losing "related" links in the process); the items would be located initially in either travel-safe or not-travel-safe vaults, and any links between items would not be at risk of being lost.

  • thedeanthedean
    edited October 14

    Lars:

    Thank you for the quick reply. Your comment that "there would be no moving items" because "the items would be located initially in either travel-safe or not-travel-safe vaults" would only apply to new customers who are setting up their vaults for the first time.

    Existing customers did not have the luxury of perfect foresight to organize their vaults in this way. And as best as I can tell, there are to this day, no getting started guides that recommend a best practice to organize vaults in this manner.

    At a very minimum, your documentation team should be advising clients when they set up their vaults that they should be considering segregating not-safe-for travel items, in case they might want to turn on Travel Mode in the future.

    Dean

  • LarsLars Junior Member

    Team Member

    @thedean - thanks, I'll pass along that suggestion to the documentation team! :chuffed:

  • jpgoldbergjpgoldberg Agile Customer Care

    Team Member

    I think you, @thedean, are correct that having travel mode exclusions based on tags (or similar) would provide more flexibility for users and avoid the very real problems you describe. But as Lars correctly said, "1password.com is vault-based at its core." Synching is built around vaults, as is encryption. Travel Mode actually leverages some of our underlying synching technology and provides a simple mechanism that leaves absolutely no trace on the device itself of whether one is using Travel Mode.

    We certainly couldn't do it using our tag technology (but that doesn't mean that it couldn't be done in a way that will look like tags to the user) as server side we know very little about which of your tags are which. And we don't want the client to have a discoverable state that it is in travel mode, so the client needs to think that it is just getting vaults and items in the usual way. Having the server tell clients that certain items in a vault are "deleted" without actually deleting them feels like the kind of thing that one bad synching operation could lead to real data loss.

    Sorry for being so negative about the prospects of all of this. Your question got me thinking about various ways to achieve what you are very reasonably after. And so I am brainstorming ideas but then shooting them down. I can't think of a way to do it without a complete overhaul of how syncing works. Perhaps somebody will come up with an idea that would allow your request to get on a realistic roadmap, but I at the moment it looks like there is no way to get there from here,

  • thedeanthedean
    edited October 15

    @jpgoldberg...

    Thank you for your thoughtful words... and for understanding of what I was attempting to accomplish to further empower your users with more flexibility. If it's technically not feasible, then so be it.

    The larger point I was trying to make to Lars is that I believe you have an obligation to your users to suggest to them best practices about how to get the most out of your software. I completely understand that prior to the development of Travel Mode, you could not anticipate (nor could your users) how Travel Mode would be implemented.

    However, now that Travel Mode is available and fully understood, I believe you have an obligation to educate your new users that they should be thinking about creating a separate vault for sensitive items at account creation. To my knowledge their is still no documentation available from 1Password which encourages users to do so. Such documentation could prevent new users from having to jump through the hoops I did to un-link, move and re-link items when they discover at a later time they want to use Travel Mode. A little bit of guidance from you up front could prevent a lot of unnecessary work and customer frustration down the road.

    Please don't get me wrong. I am not trying to be critical of 1Password. I have previously used Dashlane and LastPass, and I am now a 1Password user because I truly believe it is a superior product. I make suggestions like this (and another I recently posted about using Shamir's Secret Sharing to enable account recovery in individual accounts similar to the way you do it Family & Business accounts) because I believe it can be an even better product. And I will continue to push you to make it the best it can be because I benefit and the whole user base benefits when you do so.

    Thanks again for your thoughtful response.
    Dean

  • LarsLars Junior Member

    Team Member

    To my knowledge their is still no documentation available from 1Password which encourages users to do so.

    @thedean - there is indeed. It's the Travel Mode documentation, the "To mark vaults as safe for travel" section of which reads:

    If you don’t already have a vault you want to travel with, you can create a vault and move items to it.

    It's true, we don't place instructions about how to do this - or why you might want to do it - front and center in a way that all users must be aware of in order to continue setting up 1Password, but that is because not everyone will want to use this feature. For those people, such instructions would be simply an annoyance. For the present, anyway, the burden of making every new user read or at least dismiss a pop-up or similar regarding Travel Mode that requires their attention is greater than the burden of the comparatively few new users who do not initially consider Travel Mode as part of their setup, then create vaults with multiple related links between them, and finally return to Travel Mode only to wish they'd done it differently from the start.

    If we can figure out a way to simply streamline the actual process, along the lines of what you mentioned (and jpgoldberg was trying to come up with ideas for), we'd love to work those in.

  • thedeanthedean
    edited October 15

    @Lars and @jpgoldberg:

    I am not suggesting that you burden customers with reading things they are not interested in, but rather make documentation available to those who want it, about best practices when setting up their account.

    For example, you have an article entitled "Getting Started with 1Password" (https://support.1password.com/explore/get-started). It is fairly process driven around 3 simple points: 1) Sign up, 2) Get the app, and 3) Fill in your passwords. There could be a link in that document to another article that is not process driven, but more consultative around best practices. It could include things like 1) what to think about when setting up your vaults, 2) Subject areas you might want to set up tags for, 3) How to use Watchtower to identify and turn on 2FA, etc.

    Having this as a separate article linked from within the "Getting Started" article would make it discoverable for new users, but not obtrusive for those who are not interested. A good example of how this can be done can be found in this New York Times article: https://www.nytimes.com/wirecutter/guides/how-to-use-1password

    If the New York Times can do this, you can probably do even better.

    I hope this helps.

    Dean

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file