Feature Requests & Wildcard Ideas

ToInfinityandBeyond
ToInfinityandBeyond
Community Member
edited April 2018 in Lounge

To Whom it May Concern:

Until recently, I was another individual who relied upon generic/included/free software to compile and manage my most important data. It was not until an online —reliable credit website— platform informed me of a data breach —including numerous passwords— that I decided to jump on the 1Password bandwagon.

That said, coming from a medical, pharmaceutical, and science educational & professional background, I came up with some ideas to implement —if possible. Nevertheless, I do not possess an expertise in app design; thus, with caution, I will do my best to express what I will like to see in the future.

  • More automation to further the iOS workflow under CRUD:

_On a recently posted review I wrote the following: _

 "If a script could be created so whenever you need to change an actual password — for example from a webpage — the app could recognize the pathway needed to change it, Thus, the app could possibly render the option of changing the actual password from the login page without having to navigate to the specific area per webpage. As a note, this could be implemented —first as an experiment— on major traffic/mainstream websites. Moreover, this could be created for a generic batch of websites or even better if it could be based on the user based web surfing habits as part of the beta process."
  • Expanding the actual service by enabling data encryption in the export of data and video support:

I understand this might be easier said than done. But, after tinkering with the app I came to realize that the app has a vast major possibility of expansion to other services. For example, aside from delivering powerful capabilities to manage passwords, 1Password can extend the service to delivering powerful capabilities of encrypting medical, pharmaceutical and scientific research data through P2P encryption of data files for communication/response purposes. Yes, I understand this might already be available through the intranet of an enterprise; which of course, depending on the rules of engagement of the business can be the only legally accepted route of transferring documents. However, from my professional and educational experience, this is not the reality of the aforementioned businesses. Moreover, as an example, in a twenty-four-hour active pharmaceutical ingredient (API) manufacturing plant, a considerable number of them deal with biological products. Thus, the decision when a problem arises needs to be delivered fast or otherwise thousands of dollars and medicine product can be at stake.

In many of this type of business —due to the nature of being twenty-four-hour working— the experts on the vast spectrum of an area of expertise are not always available on site. This is when I have seen that many of the individuals in charge have to rely on inconvenient and insecure forms of transferring critical and delicate data —data being medical records, patient X-rays, a complete urea cycle plant diagram, among others. The same situation happens with a medical patient, most likely in the overnight rounds when the expert of a rare specialty is not within the premises. Again, yes, hospitals have already a medium of reaching the specialist to send the data over, but, the methods —most of the time— are outdated, complex or insecure.

Without adding more confusion to my elaboration, I will like to see in the future the possibility of uploading a picture, diagram or video with the option of using the 1Password keyboard with the P2P capability to transfer/export data within the 1Password platform. As a selling point, 1Password highlights the use of the security provided by not only the secret key, but the need to poses the master key too to access the data —from the sender perspective as well as that of the recipient. Thus, even if the data is intercepted it should provide an ease of mind.

  • Support forum via Tapatalk or an app for the forum

  • For reference purposes:

  1. https://discussions.agilebits.com/discussion/comment/346592#Comment_346592
  2. https://support.1password.com/export/

Sincerely,

ToInfinity&Beyond


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

iOS

development

ideas

macOS

Comments

  • Hi @ToInfinityandBeyond,

    Thank you for that awesome post. I couldn't agree more, there's a wide range of industries that are in need of something like 1Password if not 1Password itself.

    You mentioned the idea of automating the changing of passwords... this is one idea that I'd love to see happen one day. Unfortunately with the state of the web as it is today, it's unlikely that something like that could be built where it actually works well and works for enough sites to make it worth while. Allow me to elaborate a little on why that is...

    I could probably build a small piece of software that knows how to sign in to Facebook, navigate to the Change Password page, fill in the fields with my old password and a newly generated password and submit it to Facebook. None of those pieces are particularly challenging. It'd require some work, but it's very doable. But Facebook changes their website rather frequently. The changes are necessarily apparent to the user, but there's constant underlying changes. Facebook isn't alone in that. We ourselves are constantly making small tweaks to 1Password.com. And so it becomes a cat and mouse game. Each change they do can break the piece of software that knows how to work that website. Now start multiplying that by however many websites you want to support and you've got yourself a ton of work to have a feature that might work sometimes. Might work sometimes, for a fraction of the websites on the internet. It's a tough sell, considering how much effort we would need to put into it.

    Don't get me wrong though, the idea itself is really good. And it's one that we've discussed here numerous times. We just haven't found a way of doing it where it could work for numerous websites and have it rarely ever break.

    Rick

  • ToInfinityandBeyond
    ToInfinityandBeyond
    Community Member

    Imagine the following scenarios:

    1. You're forced for some reason to login into your 1Password login while overseas and let's say you forgot to use the travel mode feature, if a feature through which a pre-recorded password of your like once entered into the system could block the account till other X verification steps are carried out by the main user —in this case the one that's traveling— could render a more secure ambient.

    2. Same as above but, in this case, let's say that once you enter a pre-recorded password of your like the system renders a dummy password vault without a noticeable difference from the real one. This is already implemented in other conceal data type platforms; however, I have yet to see it in a password management application. I do believe this will be of great use for those that move quickly around the globe, mainly for individuals who can't allocate the proper time to plan ahead their steps and enable the travel mode.

    Sincerely,

    ToInfinityandBeyond


    1Password Version: Not Provided
    Extension Version: Not Provided
    OS Version: Not Provided
    Sync Type: Not Provided

  • AGAlumB
    AGAlumB
    1Password Alumni

    @ToInfinityandBeyond: They're interesting ideas, but honestly those are very much "security through obscurity"...and if you're in a position where you're truly at risk, playing games like that with authorities will just make a likely already bad day much worse for you. For the vast majority of people, even those who travel frequently, there are going to be two much better options: getting legal help or cooperating with authorities. Those are not always an easy option of course, depending on the circumstances, but if that's the case you knew what you were getting yourself into and had the opportunity to plan accordingly. Travel Mode is a great convenience feature but it isn't insurance against getting into trouble with government agencies; it simply allows you to easily remove data from devices preemptively for cases where you don't want to (and perhaps are legally obligated to avoid) have information exposed during routine searches. It is definitely not a digital "get out of jail free" card.

  • ToInfinityandBeyond
    ToInfinityandBeyond
    Community Member

    Thanks, @rickfillion, I did not know that. It sure makes sense to me now.

    ...@brenty we might just have to agree to disagree on this one. As for your opinion, that will be a cognitive inference —for perceptual reasons— of why such features should be available.

    To me, it's simple —from a business standpoint of view— if for any reason there is a niche of individuals that may benefit from a certain X feature, as long as the features are supported then the demand should always be there to exist —taking into consideration that I am referring to legally abiding enterprises. The moment we stop considering services to be rendered, the enterprise ceases to exist. For example, an app called photov## offers the above to its users —with regards to the second statement scenario. In addition, the features display above are not that far as to the reasons a considerable number of individuals use a VPN service on a daily basis. Hence, the use of technological features cannot dictate nor categorize —in a partial format— the use or the purpose individuals use them for. However, it's true that access to technology is there to be exploited for good and bad reasons. Nevertheless, the aforementioned scenarios do not necessarily have to constitute that the individual is a grey or obscure entity.

    As for the security aspect, I do believe the above can be used where coercion or extortion is used against the individual. Sometimes a security firm that travels without too much of prior notice or start-ups that may start a bit unorganized may benefit from that "extra security." The tendency of the human essence is to forget and disengage from systematical approaches; thus, it's viable that one may forget to do such step before stepping out of the country.

    Sincerely,

    ToInfinity&Beyond

  • AGAlumB
    AGAlumB
    1Password Alumni

    Thanks, @rickfillion, I did not know that. It sure makes sense to me now.

    @ToInfinityandBeyond: Glad that Rick was able to help. :)

    ...@brenty we might just have to agree to disagree on this one. As for your opinion, that will be a cognitive inference —for perceptual reasons— of why such features should be available.

    Fair enough. We just don't want to offer only the perception of security. And giving the authorities the perception that you're playing games with them is a great way to get in deep trouble. That's not something we want to be encouraging anyone to do.

    To me, it's simple —from a business standpoint of view— if for any reason there is a niche of individuals that may benefit from a certain X feature, as long as the features are supported then the demand should always be there to exist —taking into consideration that I am referring to legally abiding enterprises. The moment we stop considering services to be rendered, the enterprise ceases to exist. For example, an app called photov## offers the above to its users —with regards to the second statement scenario. In addition, the features display above are not that far as to the reasons a considerable number of individuals use a VPN service on a daily basis. Hence, the use of technological features cannot dictate nor categorize —in a partial format— the use or the purpose individuals use them for. However, it's true that access to technology is there to be exploited for good and bad reasons. Nevertheless, the aforementioned scenarios do not necessarily have to constitute that the individual is a grey or obscure entity.

    I understand where you're coming from, but we cannot reasonably accommodate every niche use case or request. We do take all of them seriously though and weigh them against each other. There's a lot we have to say no to in order to focus on things that do the most good for the greatest number of people. We'll continue to evaluate your requests, and if we can accommodate a significant number of users by implementing something in this vein in the future without merely giving people a rope to hang themselves it may be worth doing.

    As for the security aspect, I do believe the above can be used where coercion or extortion is used against the individual. Sometimes a security firm that travels without too much of prior notice or start-ups that may start a bit unorganized may benefit from that "extra security." The tendency of the human essence is to forget and disengage from systematical approaches; thus, it's viable that one may forget to do such step before stepping out of the country.

    You're not wrong, but if it's your job to protect certain information, 1Password already gives you the tools to do so securely and without risking your personal freedom or safety. I can't imagine that a person tasked with this kind of responsibility will have a job for long if they fail in that regard. :(

This discussion has been closed.