Suggestion Regarding Unsecured Websites

mskopel

Hi,

It would be good if there were a way to auto update all my login URLs to be https in 1Password.

Thanks.

---

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Lars

@mskopel - thanks for the suggestion! I'll definitely pass along your request. I assume you're referring to the "Unsecured Websites" feature of the new 1Password 7 for Mac? If so, you should be aware that those items listed in "Unsecured Websites" do not necessarily HAVE HTTPS login pages. Several of mine do not. What you're being notified of is not that there's an HTTPS sign-in page available for those sites, but just that the URL you have saved is plain unsecured HTTP instead of HTTPS. You would want to investigate on a case-by-case basis whether there is a secure HTTPS login page for each site (and what the URL is). If you find yourself with a handful of sites that have no HTTPS login pages, and you're finding it annoying that those sites appear in Watchtower, you can add the tag HTTP to each such Login item, and it will be removed from Watchtower. Note: this feature is not yet implemented in the initial 7.0 release, but will be coming very shortly in an update.

mskopel

Thanks Lars,

I am referring to "Unsecured Websites". My feeling is that it would be better to have 1Password default to HTTPS or allow the batch update of all URLs ( as I suggested) then fix the URLs that do not support HTTPS. This way I know what sites do not support it. From a security point of view, I think that is a better approach. Thanks for passing on my suggestion.

Michael

littlebobbytables

Hi @mskopel,

It's something we can certainly consider. Hopefully you don't have too many that need altered and thankfully it is a one-off task in the worst case scenario.

Mirtma

That's exactly what I was searching for. I have over 500 "Unsecured Websites" in 1Password, And most of them have already changed to https. And it's pain to click every login, then edit, then add "s". And before that try website link if it is https.

Lars

:) :+1:

jpinnix

+1 for this feature

I've been using 1Password for so long that I have a large vault. I have over 600 sites that have unsecured urls. As @mskopel said, I'd prefer to correct the small number of addresses which may not have HTTPS in exchange for the ability to have a one-click auto-update for all of those that are unsecured.

Lars

@jpinnix - we don't have anything like that currently, but you're not limited to manually adding "s" to the end of unsecured http:// URLs saved in 1Password -- at least, not for Login items. There should be a banner indicating that the site isn't secure, and you can click it to use the "S" flavor, if there is one. I'll also add your voice to those who've requested a "batch" updater. Thanks for weighing in!