Sharing Secured Notes

1opinion
1opinion
Community Member

It would be great if we could share secured notes along with their attachments.

Comments

  • tjcarter
    tjcarter
    Community Member

    I've also been thinking I would like to see secured notes changed a little bit in iOS (and perhaps see those changes that make sense migrate to the desktop as well), but I hadn't really gotten too far into the thinking of what it might look like from a UI perspective.

    Sharing the contents of a note is certainly part of what I have in mind, so I'll think out loud a bit here (Arrrr, thread hijacked!) and see what other people think. :) I'd probably place sharing notes down about #3 on my list, though it may be the easiest thing to implement and #1 being the hardest if not already done.

    What I see as potential room for improvement:

    1. False collision in sync
    2. Attaching things to notes
    3. Sharing notes and attachments
    4. Note titles from text
    5. Fonts and accessibility
    6. Sorting/tagging/something

    False collision in sync

    There was a rather annoying problem in migrating from 1P 3 to 4 in that at some point I had both. Somehow all of my notes wound up with multiple useless collisions. Obviously these were better than potentially losing data, but if the data format does not lend itself to ensuring that doesn't happen in the future (and I'm not convinced that it can't still happen), that'd be the first thing I'd look at. Since I just stumbled across one final note exhibiting the problem, I'll share it here with a single search and replace:

    smtps://<email-address>:<password>@sub4.mail.dreamhost.com
    
    ===
    
    smtps://<email-address>:<password>@sub4.mail.dreamhost.com
    
    ===
    
    smtps://<email-address>:<password>@sub4.mail.dreamhost.com
    
    ===
    
    smtps://<email-address>:<password>@sub4.mail.dreamhost.com
    
    ===
    
    smtps://<email-address>:<password>@sub4.mail.dreamhost.com
    
    ===
    
    smtps://<email-address>:<password>@sub4.mail.dreamhost.com
    

    If you couldn't guess, the replace text was "<email-address>:<password>", and you don't get to know the source. :) But there were indeed 6 copies of this one note. And at one point, all of the others. This straggler was missed because I haven't looked at this particular note in ages. It was put there to easily populate iOS mail settings and taken verbatim from my UNIX mail config from ages ago protected only by UNIX permissions and the URI wasn't part of my main config file. Neither were terribly intelligent and both are done better nowadays, but this write-once note stands testament to the fact that I have been stupidly lazy and that 1P had this little hiccup during the migration for reasons I admittedly never dug into. Or it did until I deleted it. DELETED!

    ahem Sorry, off topic there. :) The point was back when I was working on pilot-link stuff, we encountered this kind of issue all the time where official HotSync software would consider two nearly identical records with minor or even inconsequential variance as totally different. Since by then we had all long-since outgrown 16 MHz m68k processors and had a tiny bit more processing power, we were discussing that our little pipe dream called Plumber (it fixes syncs!) would examine potentially different records to see if/how they were different and try to apply the slightest bit of sanity to avoid presenting the user with a conflict that doesn't actually exist. That's hard, depending on the nature of the conflict, but for "are these text areas identical" it's not TOO hard. ;)

    The question is… When there's an actual conflict, is there a better way to present this to the user for resolution? I haven't got a good answer for that yet. I'd be perfectly comfortable with a diff3-type output, but … that might be unexpected by the casual user and too much creeping featurism.

    Attaching things to notes

    Apple doesn't really give us a good way to do things like this on iOS, sadly. The Open in… feature is great and I really wish there was more of that on the Mac, but it's somewhat limited. Apps like Dropbox and Evernote will let you open literally anything in them in order to provide the closest approximation to the ability to add files to either on the desktop. I guess 1P could do the same, presenting you with the option to attach the file to a new or existing entry, but this brings somewhere the larger discussion of whether or not to litter the share/open-in boxes with a million apps that accept everything (but not always how you might expect!) It's a problem Mac users have known with services for a long time, and it doesn't really have an immediate and obvious solution.

    It's probably beyond Agile's ability to do anything else. That said, if someone from Agile (or any other developer who sees this) happens to have someone to bounce the idea off of at Apple, maybe there are really two kinds of apps that can open a file… Those made to work with that KIND of file, and those apps that happen to also support it. Pages is made for Pages, Word, and, well, whatever styled document formats it can import. But maybe it also supports plain text. Such "also support" apps would be on a separate level and would be a good place for those any-file apps which might include 1P supporting attachments in iOS.

    Until thin I guess Agile (and everybody else) will just have to do the best they can.

    Sharing notes and attachments

    The OP's stated desire, and by far the easiest to implement discussed thus far. The only question I see here is how much handholding 1P should do about the fact that shared info doesn't remain secure. I vote none! :) Or at least, I vote for the ability to turn off any handholding Agile might think a casual user might need.

  • tjcarter
    tjcarter
    Community Member

    Note titles from text

    I consider the current behavior to be somewhat of a bug one way or the other. If on my iPhone I create a secure note, I'm given a note editing screen with the cursor planted on the note contents. The note title is the hint text "Secure note". If I save the note without giving it a title, "Secure note" is the title it gets. I don't see this as desirable behavior.

    If I tap on the title before saving it, the hint text changes to "title". If I save the note without typing one, the note is saved without a title. The first line of the note's content is used as the title in this case, just like in Apple's own notes app. It also does this if you edit a saved note and delete its title—say, because that note was saved with the title of "Secure note". :)

    I see this as inconsistent behavior. Regardless of what the hint text says, a note not given a title should IMO not be saved with one. I suppose that'd be a very nit-picky bug, but that's what Agile pays me nice, round, fat salary ($0) to point out right? :D

    Fonts and accessibility

    I guess that it wasn't really possible before something like iOS 6(?) for non-Apple apps to figure out what the user's chosen text size was. If you use this feature, you probably know that it affects the font size of mail subject and text, sent and received messages, Notes (both title in the list view and content when viewing/editing), the fields of contacts, the day view of calendar, etc…

    Well, now that it's supposedly available to 3rd party apps, I've found a nice fat, round number of apps using it. Hint, it's the same as my salary from Agile. :( Maybe I'm just not using the right apps, or maybe this hasn't been a priority for app developers to integrate. Or perhaps they didn't want to break compatibility with older iOS versions by using it. Or maybe (most likely) they just never considered the possibility that someone would want that.

    Well, I want that. :) And a prime place to put it would be in secure notes. I'd kind of like it elsewhere in 1P where it makes sense such as fields in logins and other record types. On the iPhone it doesn't look like it'd be difficult at all with its vertical field/value layout. I recall the iPad has a horizontal layout, so that might need a little more testing, which I'm glad to do because I use a pretty large text size on the iPad. Being legally blind and all. But notes would be a good start and easy to test.

    I admit I haven't really tested 1P using VoiceOver… I haven't often got headphones handy the way a regular VoiceOver user does, and 1P data isn't exactly the thing I want to hear Nuance Samatha blathering out of a speaker. I can try it out with the demo data if you guys don't test it now and then.

    Sadly the Mac does not have a global text size setting like iOS. Why not, I dunno. Memo to self: accessibility@apple.com hasn't heard from me in literally months, time to change that…

    Sorting/tagging/something

    Apple sorts notes chronologically. 1P sorts them alphabetically by title. Some possibility of categories or folders or tags or … something? Not 100% sure how to make that work. Perhaps by the time we get into that stuff, we're getting outside the realm of 1P's intended purpose. Certainly 1Browser is becoming more and more comparable to MobileSafari, but that's got a lot more to do with the fact that 1P's first and most prominent feature is that it tracks your accounts on websites and Apple won't let you have a browser extension. Too much more complexity in terms of notes might be better done in a dedicated notes app. Plus, there's the real obvious question of whether or not adding this might encourage too many bad habits…

    I for one disable lock on exit because I find myself often switching back and forth rapidly between 1P and some other app. Particularly when setting up apps' account info saved from websites. Or when creating accounts in apps whose details I want preserved for obvious reasons. I also don't tend to pack up all my gear to run to the restroom during meetings and seminars. I haven't had to worry about what someone might do with my things in full view of a room full of people who see NOTHING since high school. I do sleep my devices, but if I were taking notes in 1P, that means a four digit PIN is all that separates someone from my vault contents unless I lock it too… (Hm, is there a keyboard shortcut for that in iOS? Probably not yet, unless someone ELSE has suggested that it would be useful…)


    That's what I'm thinking thus far. Good, bad, or out of my mind, you can decide for yourself. :)

    Additionally, I should note that it was possible somehow in the process of editing this post to get the forum to send me bogus HTML tags <email> and <password>. The message ultimately didn't post because I needed to break it in half for length, but it should've escaped them outright from the start. Your web dev peeps should have a look at that…

  • Hi guys,

    @1opinion:

    It would be great if we could share secured notes along with their attachments

    At the moment, what you can do is copy the content of the Secure Note before you share the attachment. After you get to the attachment to share it, you can just paste it in along with the attachment.

    We'll keep working on improving the share features to allow for the possibility of sharing notes with their attachments via email and/or AirDrop. iMessage probably won't allow this due to character limitations.

    The ability to share notes on its own is on our list to implement as soon as we can.

    @tjcharter:

    False collision in sync

    But there were indeed 6 copies of this one note.

    There are a few bugs that we're working on, one of which I believe started with the 4.5 update in your case. We're causing some conflicts to show up even though they're duplicates and should not be merged in.

    The additional conflicts should be fixed in 4.5.1 RC1 now and we'll be working on adding a cleanup tool in the 1Password for Mac app to automatically remove all duplicated conflicts.

    We do plan to make sure the conflicts are skipped if it is a duplicate to the existing data.

    is there a better way to present this to the user for resolution?

    We tried this in the past in 1Password 3 for Mac, it didn't work too well. We've gotten less confusion from customers in the current automatic conflict resolution then we did with the prompt to show the conflicts that needs to be manually resolved.

    One of the core issues is mainly that folks don't like to see sudden prompts out of nowhere whenever there is a sync conflict. Right now, there isn't a great experience that can be found yet. We're always figuring out a better way to handle this and for now, that's merging the data in automatically while ensuring we don't do duplicates. :)

    Attaching things to notes

    Sadly, for now though. Apple's really good about providing the needed features over time, they're just very secretive about their future plans.

    I'm not sure what you mean about the Mac app, you can just edit the item and drag any file in, which will then sync to your mobile devices, including secure notes with attachments. Whatever can be opened, 1Password will open it. I think we will expand on this in the future to let users do a Quick Look with other apps that can read it.

    Any app can register their list of file extensions it can read and any app that does Open in will show a list of eligible apps that can view those files. These are handled by iOS automatically.

    Sharing notes and attachments

    That may be true but we're already doing it for other items. We just have to fix up Secure Notes' layout to add the Share this Note button, along with Mark as Favorite, and Move to Folder.

    Note titles for text

    It's supposed to behave like it does in other items; as soon as you tap on the title, it'll auto-clear, and let you start typing. It is a bug in that it is called Secure Note by default and you have to manually clear it.

    We don't assume too much about the titles that user wants to use, if they didn't change it, then it should remain with the default Secure Notes name. It makes it easier to find it later and rename them when you see all of them with the same name "Secure Note". We've seen this work in other categories as well.

    Fonts and accessibility

    The new Dynamic Fonts API in iOS 7 is something we haven't taken advantage of yet, we were focused on revamping the app to fit the iOS 7 style and haven't look at the rest of the new features just yet.

    However based on our experience, it's never as simple as it sounds. While the APIs are available in iOS 7, it doesn't mean all apps can just simply drop them in and expect them to work out of the box. It takes time and a lot of resources to do them all properly without causing regressions in the current codebase. It would've been easier to do a brand new app to take advantage of those new APIs, than it would've take to modify the app's existing code. Of course, while it may be easier, it wouldn't be quicker, it'd take years to re-implement all of the features again.

    In 4.5, we added the AirDrop support. In 4.5.1, we started taking advantage of the background refresh APIs to download changes from Dropbox in the background when 1Password isn't in front of you. From now on, we should be able to start looking at the rest of the APIs, including the Dynamic Font APIs, which is something we already plan to support.

    As for the Mac, Dynamic Fonts API is practically brand new to the Apple's ecosystem. I'd suspect Apple might start providing this API in the upcoming 10.10 or the next one. But yes, please do email Apple to include this as soon as possible. It'd be easier to adopt the API in the same code for both iOS/OS X now.

    Sorting/tagging/something

    Secure Notes right now is very basic, it's just a list of notes. There is not even any formatting support. We don't really want to bloat the app up with all sorts of features just for the sake of having them. We want to focus on making the app the best as what it does, rather than being the single tool for everything.

    As you already noted, it'd be better to do a separate but secure text editor that can focus on being the best at that.

    That's what I'm thinking thus far. Good, bad, or out of my mind, you can decide for yourself.

    Thank you so much taking the time to write all of these down and sharing it with us, it's a long one but we really love it! :)

    Your web dev peeps should have a look at that…

    The forum is not our creation, we're using a hosted instance from Vanilla forums, who coded this. I'll pass on your notes to them.

This discussion has been closed.