Vote here || Security/Privacy Request for Limiting Full Dropbox Access by 1Password apps.
Dear 1Password Team,
(Cc. Other users may vote in for this feature and suggest better)
Currently 1Password apps makes full access to user's Dropbox folders for making it convenient to locate 1Password files, and easy user setup.
Some users may find it as a major security violation for their other non-1Password data in Dropbox. Kindly suggest if you can take care of this is an upcoming feature for enhanced confidence of users for security & privacy concerns.
Cheers !
1Password Version: 4.5.0.574
Extension Version: Not Provided
OS Version: Windows
Sync Type: Dropbox
Comments
-
Hi @BobCarpenter,
Being conscious of your security is always a good thing, heck it's part of why we're all here in these forums. Saying that, I will be presenting a counter position to yours. Now this is the lounge section so please don't interpret this as a final statement or anything like that, this area is for discussion after all :smile:
There are two technical reasons why we require full Dropbox access in at least our iOS app and possibly our Android app too. I'm not as familiar with Android and the normal crew aren't around to ask as it's a Sunday. I know this is definitely the case with 1Password for iOS though. Now for the reasons.
- Legacy versions. Long before Dropbox introduced the apps folder and sandboxing we used to store a file in the root of your Dropbox folder. It was used so 1Password could determine where the .agilekeychains were being stored. Now the current versions of 1Password don't use this but if the file exists we keep it current in case somebody is running older versions elsewhere. As it's stored in the root of your Dropbox space that means full access to see if the file exists and write to it if required.
- Sharing of vaults between Dropbox accounts. This requires full access and can't be achieved via the more restrictive access.
These two reasons are better covered on our page, Why does 1Password need access to all my Dropbox files and folders?.
The first will eventually disappear as the hardware these old versions still run on completely dies, nudging those people to newer hardware, OSes and versions of 1Password.
The second is trickier. We could add more settings to enable the less restrictive access but personally I think we need to make sharing vaults easier, not more complicated.
Now all of this only applies to the mobile versions of 1Password. On the desktops, Windows and Mac, you install the Dropbox client and at that point every application on your computer has full read and write access to your Dropbox folder. Could we move to bypassing the Dropbox client and instead favour their mobile API? We could but this isn't how Dropbox intended access on the desktop and any other application you use would still require the client installed. The beauty of their system on the desktops is we simply need to write to the folder and leave their client to do the rest. The API exists for mobile devices more because it was realised very early on that keeping an entire copy of your Dropbox folder on a mobile device simply wasn't practical.
You may not agree with any of this, that is your prerogative and we look forward to hearing more on your views and the views of others.
I have one more point I'd like to raise. It's more a personal one, hence why I've left it to last. One reason I don't worry about 1Password isn't simply because I'm part of AgileBits, this was equally true when I was merely a customer of their fine product. I trust 1Password with all of my most sensitive data. My vault contains not just all of my passwords for websites but enough data for full access to my bank accounts and credit cards. There's nothing I would ever store in Dropbox that comes close to the trust I place in 1Password. That's why I find it so easy to understand those that don't want to use a cloud service for syncing. If I didn't trust 1Password completely, then I couldn't use it all given it's primary function. So even though it requires full access to Dropbox I don't think twice about it. Now if sandboxing was easy and didn't throw any spanners into current functionality then I'd say sure, why not. Given the desktop model though it would seem like a lot of effort for very little gain. As I say, you may very well disagree, you may present an argument that shows some of my beliefs are wrong and I may need to re-evaluate my position - that's the beauty of a good discussion :smile:
0