Feature Request: Enable Travel mode within the App

It would be cool if I could enable the travel mode within the app (even when phone is offline). When I late notice to enable it, it would be cool to activate this on the phone.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • LarsLars Junior Member

    Team Member

    @telephoneman - Interesting idea! I'm not the final word on these things, but my understanding of this revolves around the fact that, if you can enable Travel Mode from your device, you can also disable it, which is something you definitely don't want border security being able to do. It would also need to be something that gave no indication that it had been enabled, because that also defeats the purpose, if border guards can see that you've enabled Travel Mode. I honestly don't know whether it would be technically possible to do what you're asking, but it would take some serious consideration to make sure that the added convenience feature wouldn't reduce the effectiveness of the entire thing.

  • At least to trigger to enable it. Not to disable.
    But If I travel to a foreign country i would need to disable it even when I enabled it in browser. . How? Well all I have is my phone. and i would need a browser authorized by the secret key. Otherwise I could not reenable it. Any ideas?

  • I think this is 2 things. For the second no solution i guess. Imagine I enabled it on a PC , all keys disappears. How to enable it now when I am on tour? I would need again the pc, okay I could also login on my.1Password.com on on the smartphone. But need the secret key for that. But this is something I don’t have in mind. If I had this information in clear text with me the guy at border could also catch that one. If I had my phones browser already authorized then but they copied the phone with that browser... hm?

  • brentybrenty

    Team Member

    At least to trigger to enable it. Not to disable. But If I travel to a foreign country i would need to disable it even when I enabled it in browser. . How? Well all I have is my phone. and i would need a browser authorized by the secret key. Otherwise I could not reenable it. Any ideas?

    @telephoneman: I think it's a really cool idea.

    BUT

    Being able to enable a setting in the app but not disable it there would be a recipe for disaster — especially since it involves deleting data (and encryption keys!) What about all the people who use 1Password primarily (or only) on that device, and trigger it without understanding the consequences? If that's the only place they had access to 1Password, they may not even be able to sign in on any other device to disable it, or even just access their account. Yikes. I like the idea, but that's just one of many potential consequences, nevermind any technical challenges.

    I think this is 2 things. For the second no solution i guess. Imagine I enabled it on a PC , all keys disappears. How to enable it now when I am on tour? I would need again the pc, okay I could also login on my.1Password.com on on the smartphone. But need the secret key for that. But this is something I don’t have in mind. If I had this information in clear text with me the guy at border could also catch that one. If I had my phones browser already authorized then but they copied the phone with that browser... hm?

    It's really up to you how you manage your account credentials. But I actually have leave Secret Key with a few key (har har) individuals whom I can easily call (Setup Code works great over video chat!) to help bootstrap me once I'm resettled (I always have my Master Password with me — in my brain). They also serve as a fallback for if I just get into trouble, like having my devices lost or stolen or destroyed. The possibilities are endless. :)

  • Hi Brenty, yes your thoughts are right. Maybe this feature request is more a philosophical question ... 😊

  • BenBen AWS Team

    Team Member

    We do appreciate the feedback. :) It is always interesting to hash out things of this nature.

    Ben

  • I thought a bit about this Travel Mode approach. You are right - to handle this Travel Mode you need a second device if you don't rely on your integrated browser. (When phone is lost and no "elsewhere backup" of they secret key, you are locked out).
    Thats OK. I've sorted sentive data and some data which is not a big issue to copy into "safe for travel and not safe for travel" vaults.

    in addition to travel mode it would be cool to tag single vaults as "online only" - the effect is similar to travel mode. The tagged vaults disappear from all your devices. But this offers me the option to use this to have kind of a online archive vault, remove the business vault from my devices while i'm on vacation... For all stuff where is no need to have them accessible in your mobile device.

  • brentybrenty

    Team Member

    I thought a bit about this Travel Mode approach. You are right - to handle this Travel Mode you need a second device if you don't rely on your integrated browser. (When phone is lost and no "elsewhere backup" of they secret key, you are locked out). Thats OK. I've sorted sentive data and some data which is not a big issue to copy into "safe for travel and not safe for travel" vaults.

    @telephoneman: Sounds like a plan! :):+1:

    in addition to travel mode it would be cool to tag single vaults as "online only" - the effect is similar to travel mode. The tagged vaults disappear from all your devices. But this offers me the option to use this to have kind of a online archive vault, remove the business vault from my devices while i'm on vacation... For all stuff where is no need to have them accessible in your mobile device.

    I believe that's been a relatively popular request from 1Password Business members. I'm not sure it's something that's appropriate for most users, and it could certainly cause a lot of confusion. Something to consider though. :)

  • @Brenty well I can imagine that this could cause confusion, but there is no need to click on it 😊 Have a good weekend

  • brentybrenty

    Team Member

    @telephoneman: I really enjoy the things you come up with and feel kinda bad saying "but" so much... but I guess years of helping folks get out of jams with technology has me thinking of all the things that can go wrong. I don't know if that's a good thing or a bad thing. :lol:

  • onelike147onelike147 Junior Member

    just switched to a 1P membership and I'm trying the travel mode – I created a test "travel safe" vault.
    I read the posts above, and one thing isn't entirely clear to me: if I switch off the main vault and only the travel safe remains active, then I land successfully without problems abroad.. and then I need to activate again the main vault... but my secret key is inside the main vault!

    I guess this is a very secure approach, but in real life how one is supposed to get around that?

  • @onelike147 Well that's a point you need to manage and I think everyone needs to find its own way to manage that. I also thought about that as well a lot.
    Possible options
    1. login into your 1password on your smartphones browser (so you don't need the secret key) under way
    2. have the secret key in a local vault of 1password or other password manager
    3. have your emergency kit in paper with you
    4. have the key on your partners/travel mates smartphone
    5. store the key in a local note (for example if you have an iPhone you can use the iCloud notes and store the key there)
    6. Hide it as a note in one of your contacts in adress book
    7. store it in meta data of a picture
    8. or other secret places
    ==>As long as you don't store digitally your password and the key its OK I think 😊

    I am very paranoid in having redundancy in the secret key storage ... Loosing access to that vault would be a biiiig problem. (so I used multiple of the mentioned options)

  • onelike147onelike147 Junior Member

    @telephoneman thanks for the inputs!
    I will have to think about it :)

  • @onelike147 there are thousands of other places/pillows underway where you can hide this details. Cooking recipes

    My requirement is - accessible without the need of 1Password, but password protected. So far have access to these from anywhere in the world. Google, Microsoft Accounts - Store them on mates phones or computers etc - all possible secret places. Avoid the label like : „this is the 1Password secret key“ just Store the string somewhere where only you know what it is for ... - also split half and have over multiple places. (depends on the level how „paranoid“ you are ;) )

  • onelike147onelike147 Junior Member

    @telephoneman oh yeah, the good old "hide it in plain sight" trick – or sort of :lol:

  • LarsLars Junior Member

    Team Member

    @onelike - that's a great list from @telephoneman, there -- and you could certainly do one or more of those things. I want to add that, UNlike your Master Password, your Secret Key is not intended to be something you memorize, nor is it "secret" in the sense of "not available anywhere." Any device on which you use 1Password will have the Secret Key stored in several places: it will be within any 1Password app on that device, and it will also be the persistent storage of any browser you've ever used to sign into your 1password.com account. So, if someone gets hold of your device, they will be able to get your Secret Key. It's not intended to keep you safe if YOUR data/device are accessed (your Master Password does that, just like always), it's intended to keep you safe if OUR servers are breached. In that latter case, even if your encrypted data was stolen by an attacker, they would now need not only to crack your Master Password, they'd also need your Secret Key, which is never transmitted to us in any form. So, while I wouldn't go making it your phone's lock screen or anything similarly unsafe, it's OK to keep it on your device in a way that doesn't require yet another password you have to remember, such as in one of the out-of-the-way places @telephoneman mentioned. Let us know if you come up with a novel way to do it! :)

  • onelike147onelike147 Junior Member

    thanks @Lars , very helpful informations

  • LarsLars Junior Member

    Team Member

    @onelike147 - you're quite welcome. :)

This discussion has been closed.