Why are stored credit cards appearing under security audit?

BugsysDad
BugsysDad
Community Member

Why are stored credit cards appearing under security audit? I have read several past posts regarding this problem - all of which have been closed now. These posts date back to 2014, where the response from agile bits team members was "we are working on this for a future update." It has been nearly 3 years now, so you know when this update will finally be among us? My stored credit card info does not contain PIN numbers, which I read could possible be why these items are flagged as outdated. Can you please let us "paid users" know when this will be fixed please? Thank you.


1Password Version: 1Password 6 Version 6.5.3 (653000)
Extension Version: 4.6.2.90
OS Version: 10.12.2
Sync Type: 1password.com
Referrer: forum-search:Why are stored credit cards appearing under security audit?

Comments

  • Drew_AG
    Drew_AG
    1Password Alumni

    Hi @BugsysDad,

    Thanks for writing in to ask about this - I'm sorry it's been bothering you!

    Why are stored credit cards appearing under security audit?

    Basically, the Security Audit feature looks for items with concealed fields, which includes passwords, PINs, and verification numbers. To prevent Credit Card items from showing up there, it will need to exclude certain types of concealed fields, or possibly entire item categories.

    I have read several past posts regarding this problem - all of which have been closed now.

    The forum software here closes threads automatically after a long period of inactivity. That has nothing to do with the status of a ticket (bug report, feature request, etc) in our internal tracker, though - the ticket for this is still very much open! :)

    It has been nearly 3 years now, so you know when this update will finally be among us?

    I'm afraid I don't know when this will be changed, or in what version. It's something we definitely want to improve, but there's no timeframe at this point. I know it can be really frustrating to see that so much time has passed without that happening, and I'm sorry I don't have a better answer. I'll be happy to add your comments to our internal tracker to let our developers know this is important to you.

    Aside from that, I hope you're enjoying 1Password. If you need anything else, please let us know. Cheers! :)

    ref: OPM-1004

  • tubedogg
    tubedogg
    Community Member
    edited March 2017

    I'll add my second to this request. That's actually why I came to the forums today, to find out if this was planned. Being semi-neurotic, seeing a badge (number) by Weak or Old that I can't make go away is really driving me bonkers. >_<

    I'll also add some comments on how this might work - yes, excluding entire categories of items could be helpful, though I'd like it to be configurable. Instead of or in addition to that, it could be a per-item setting that is toggled on by default. Also instead of or in addition to that, a new type of password field could be added, though I'm not sure that's quite as useful and it adds some additional complexity.

  • Thanks for the feedback @tubedogg. It would be really nice if for the obvious cases (like credit card pins) the user didn't have to do anything. Which would point more towards the idea of another kind of password field, or an attribute associated with a password field to indicate that it's not expected to pass this test.

    I'm hopeful that we can get this solved. Rest assured that it bothers us as well.

    Rick

This discussion has been closed.