Feature request: please add ability to hide or obfuscate notes and secure notes

lpn

I am putting things like security questions and answers in the Notes field of a Login entry (* see below). These are shown by default when opening the corresponding Login entry. Not only that, but 1P seems to (often, but not always) remember the last Login entry opened, so sometimes when opening 1P, it would display very sensitive information right away. This is an obvious security risk, should I say that the security answer is at least as sensitive as the password itself.

Please fix it by adding the option to hide (not display, e.g. collapse) or obfuscate the Notes field in a Login entry, preferably on a per-entry basis, or at least as a general setting.

The same request for the secure notes. The way they are, these can not and should not be called or assumed secure, as they are displayed by default. As simple as that.

(* I was previously told to either use custom password-like field that could be obfuscated or to store the security question and answer in a secure note. None of these is a reasonable solution. If I create another password-like field for the security answer, it would mean that it is of the same importance (workflow-wise) as the password, and it is not. Username and password are used every time when I login, security question/answer are used only when retrieving a password (hopefully never). Add to that the "ability" of 1P to sometimes fill the wrong fields, and this means that the security answer should not be in a password-like field. As for the secure notes, see above.)

Megan

Hi @lpn,

Our developers are currently looking into ways to improve Secure Notes to make them more powerful and user-friendly, and I'm happy to pass your thoughts along to our developers.

I do want to comment just briefly on your decision to not use the custom password fields. Of course it is completely your choice how you organize your data, and I'm certainly not trying to change your methods. But I did want to mention an added bonus of using the password field in a custom section: it allows one-click copying for those times that you do need to input the answer into a website.

Add to that the "ability" of 1P to sometimes fill the wrong fields,

I apologize that 1Password occasionally fails to fill correctly, if you'd like me to help you out with some sites that are giving you trouble, I'd be happy to do some troubleshooting. :) As this applies to the custom fields though, 1Password does not currently have the ability to auto-fill custom fields, so any details added manually to a custom section are for your references only and will not be filled in on websites.

I hope this helps, but we're here if you have any further questions! :)

lpn

@Megan : Thanks for your reply.

About the one-click copy of the custom fields: in the case of security questions and answers, these are rarely used, so this is not a time saving. I could see how the one-click copy would help for other fields that are used more often,.

As for the incorrect filling, this happens for example sometimes at macupdate.com where the username (email address) sometimes gets filled in the email field of the MacUpdate promo subscription box (the right-hand side of the screen). This doesn't happen all the time, and I can't reproduce it reliably.

I have never seen password filled in a non-password field, which could be a bigger problem if it happens.

Megan

Hi @lpn,

For your Macupdate Login, have you tried saving a new Login like so?

• Edit the login that you currently have for this website by appending an "Old" to the title - just so you can tell them apart.
• Visit the site and fill in the fields you want filled. Do NOT click the login button.
• Click the 1Password extension, and unlock it if necessary.
• Click the gear icon (or vault icon if multiple vaults are enabled) in the upper right corner.
• Select Save new login.
• Give the entry a unique and identifiable title.
• Click Save.
• Revisit the site and see if 1Password fills in the site correctly.

Re-saving a Login often allows 1Password to properly learn the fields to be filled. I've got a Login using https://www.macupdate.com/member/login that works as expected. :)

lpn

Hi @Megan,

This is not very suitable solution because the issue appears on other sites too (but I never kept track on which ones) and I don't feel like going over all logins that I have to create new ones. I just noticed similar, but more severe, problem reported in another thread:
http://discussions.agilebits.com/discussion/25044/autofill-on-getsatisfaction-com
and potentially solved by a beta version of the extension. Hopefully whenever new version of the 1P extension is released it will fix the issue.

Megan

Hi @lpn,

Our developers have made some great improvements to the extension for the next version, and we do hope that it will be available for release soon. If you want to help us test it out, or simply see if the sites that are giving you trouble behave any better with this new version, please go to our extension download page and select the 'Enable betas' option.

I do apologize that saving a new Login is a bit of a process. Please understand that these steps can be very useful for cases where a site has made changes that cause an existing Login to misbehave - in most cases the steps will result in a properly working Login. This is not to say that you should go through each of your Logins and manually update each and every one of them, but when you come across one that isn't working, these steps will likely fix it. :)