Printing report for selected items [Not supported]
1Password really lacks a simple way to generate a report for selected items and print this.
In some cases my customers ask for all their information and passwords I have saved for them, it would save me a lot of time if I could generate a nice report and print it for my customer.
I know about the CSV export but I cannot select items. Creating a nice looking report from a CSV would be quite difficult.
Comments
-
You can export all Login items or only the selected Login items to either of the delimited-text formats:
0 -
I have been hesitant to add printing to Windows, because printing is essentially plain-text export and as such it is horribly insecure. Unless you store it in a safe and swallow the key.
0 -
Isn't exporting to CSV as equally insecure? Maybe even more insecure because this file is actually saved to disk without any encryption. Though printing directly from 1Password also involves no encryption in the communication between client pc and printer, thus could be intercepted.
So maybe export to secure PDF would be an option but I guess implementation is very difficult. Either way there should be a lot of warnings when exporting or printing to a non encrypted form. I realize I almost never have to export to non encrypted form but would be great to have an option to give my customers the info they ask for.
Just brainstorming here. Maybe it's an idea to export the data to one executable including the data (read-only zipped executable or something like that) that contains only my selected data and my customers are able to open without installing 1Password or needing a license to do so.
0 -
Isn't exporting to CSV as equally insecure?
Correct, but most users will delete this when they are done with it. Hopefully in a secure manner. Printing however is often considered as a backup ("what happens to my passwords if my computer crashes?") and then it is not stored in a secure manner (for exampe: under the bed). This lowers your security.
0 -
there should be a lot of warnings when exporting or printing to a non encrypted form.
Great idea, @admxnl!
Here are some snippets from the Exporting data article in the 1Password 4 for Windows user's guide:
1Password Interchange Format
...
Caution: 1Password Interchange Format files are not encrypted. Your data in the .1pif file is stored in JSON, a plain-text format, so be sure to delete it securely on both machines, when you've completed the transfer. For your security, do not use an online JSON viewer to read a .1pif file, because your private data would be transmitted in plain text.
...and...
Delimited text
...
Printing your Logins
A delimited-text file is perfect for opening in a spreadsheet program (like Excel), formatting as you like, and printing.
Caution: At the risk of stating the obvious, delimited text files are not encrypted. Your data in the file is stored in plain-text format. Be sure to store text files—and any pages you print from those files—securely.
I was assuming there's no need to mention that the printed pages are also non-encrypted.
Thanks!
0 -
Isn't exporting to CSV as equally insecure?
svondutch: Correct, but most users will delete this when they are done with it. Hopefully in a secure manner.
I hope you won't think me rude, but this is insane thinking. No normal user knows how to delete a file in a secure manner. "Hopefully" is not a security policy, and you folks are in the security business.
There is a real need for printing to paper -- archive in safe deposit box; share with spouse who is non-technical. I'm not worried about someone breaking into my house and finding the password list -- they're looking for electronics and jewelry. With proper warnings and confirmations, the ability to print in a decent layout is a top requirement for me and many other users (I just found 15+ posts requesting that just since December 14).
The old print function that printed my 400 logins on 126 pages is not acceptable.
Thanks.
--Franklin
0 -
Hi @fdavis99,
I hope you won't think me rude, but this is insane thinking. No normal user knows how to delete a file in a secure manner. "Hopefully" is not a security policy, and you folks are in the security business.
It's not rude, we'd love to hear what you want to say.
The thing is when you print something, you're leaving a trace of the clear text data behind in the printer's cache, a copy of the print job stored in your computer drive and so on, there are multiple places it will be in. The export file is a single tangible file and you can delete it because you can see it and you know the risk.
There is a real need for printing to paper -- archive in safe deposit box;
We strongly recommend using the 1Password Emergency Kit PDF instead for archival purposes in the safe.
share with spouse who is non-technical.
As for sharing with spouse, do you mean the entire vault or sharing one item?
I'm not worried about someone breaking into my house and finding the password list -- they're looking for electronics and jewelry.
They don't need to. That's the problem with exporting and printing; once you leave a trace of the exported/print files on your hard drive, printer, and so on, all they have to do is break into your computer or even printer remotely and grab the file.
Our priority is to not leave any traces of your data outside of 1Password.
0 -
all they have to do is break into your computer or even printer remotely and grab the file
If they have broken into my computer, why go through all that trouble to locate a file in who knows what cache or undelete some file you don't know the existence about. But just capture my keyboard actions, thus 1Password database password. And then simply copy the 1Password database...
0 -
How can I print my passwords in 1password? Thanks Michael
0 -
Hi @admxnl,
But just capture my keyboard actions, thus 1Password database password. And then simply copy the 1Password database...
That's why we have Unlock on Secure Desktop, that makes it extremely difficult for any keyloggers to capture your keyboard events even someone is remotely connected to your system. You can find out more here: https://blog.agilebits.com/2014/08/21/watch-what-you-type-1passwords-defenses-against-keystroke-loggers/
You are correct, that once someone has a copy of your data file and your master password, the game is over.
If they have broken into my computer, why go through all that trouble to locate a file in who knows what cache or undelete some file you don't know the existence about.
Scanning for all text files is pretty fast to do and to copy over, they're small and quick by its nature of textual content. You can easily use an app to find any text files to look for email addresses, social security data, and so on. Encrypted files, which 1Password stores your data in, wouldn't reveal any data that would make this easy for attackers to figure out. These files are extremely difficult to break into and requires massive amount of resources and time to break into.
That's why export files are just as bad as print jobs but export files, you can use secure deletion apps like Eraser to remove these files. Running a program on your hard drive to undelete files would not be easy to hide from you and it wouldn't work well once these secure delete apps are used. However, stealing the hard drive itself would make it possible to recover more of the deleted files, especially if it is a solid state drive. It's not a sure thing but because of the way SSD works, secure deleting might not do a good job but enough against remote attacks, just not physical attacks.
It's the difference between putting a bank statement with your PIN code, social security numbers, and so on in the living room in clear view versus in a locked safe in your office. You use 1Password to protect your data at all times, including when your laptop is stolen, someone breaks into it, and so on.
If protecting your data is not the primary goal, then 1Password is not the best program to use. Our primary goal is to keep your data encrypted at all times while making it more convenient to use that encrypted data in certain programs. Secondary is to prevent behaviors that could lead to data being exposed unintentionally, which means not supporting features that makes this easy such as printing, making sure we don't fill on insecure pages by default and more.
We are always re-evaluating our decisions based on what our customers are telling us and we do understand that printing is useful in a very few edge cases but we at the moment do not think it is proper to add this feature to 1Password on Windows.
0 -
Hi @zebbynpengi,
I've merged your post in this thread. Printing in 1Password for Windows is not supported at the moment.
Is there a specific reason you want to do this?
0 -
In case anyone is still interested in printing out 1Password data, here's a sneak preview of something I'm working on.
0 -
Cool, thanks for sharing it with us. We of course still cannot support it but it is an option.
0 -
You speak-um strong words.
And your big chief of your OS X tribe and your Windows tribe had a vision of a mighty pow-wow to decide which things are charmed and which things are bad medicine.
0 -
I'm not sure what you're trying to say. We cannot recommend or support any tools that is not written or reviewed and hosted by us for trying to print 1Password data, especially something that requires an export first.
0 -
I was saying that the Windows camp here at AgileBits denigrates printing out of data, and there is no support for doing so in 1Password for Windows. Yet the Mac camp has implemented the feature, and this seems to imply it is acceptable, if not a necessary evil. (Users have a real need for this, and the strategy employed is best left to users).
I assume the tool is one AgileBits will review, as it will be part of the next update to the converters package. It's just another converter.
0 -
Hi @MrC,
Yet the Mac camp has implemented the feature, and this seems to imply it is acceptable,
This is due to the way it is implemented on the Mac platform that is safer. The exported data is sandboxed by OS X, the same reason the attachment preview is not available on Windows but it is on OS X.
If OS X didn't have the extra sandboxing, we wouldn't have the same support on OS X.
I'll ping @jpgoldberg for verification if this is correct.
I assume the tool is one AgileBits will review, as it will be part of the next update to the converters package. It's just another converter.
Until the security team reviews and decides that it is fine, than we'd be happy to point it to folks who would want to use it.
0