How do I print out my passwords, user names and websites from 1paaword 8
1Password Version: 1password 8.4.1
Extension Version: Not Provided
OS Version: windows 10
Referrer: forum-search:how to print out my data in 1passwords
Comments
-
I just want to second the idea of printing items from 1Password, especially secure notes where I have things like punch lists , meds list, serial # for important items, etc.
0 -
0
-
You definitely must put the printing function back. It's not clear why a perfectly working simple feature was removed. There are several reasons why one may want to print a single entry or a few or even the whole archive. Just because you put your stuff in the cloud doesn't mean that the whole rest of the world is up on that. I need to print a whole archive to put in a safe deposit box where my executor can get to it. Sometimes people need a way to get to stuff without having to log into cloud accounts or use Emergency Kits.
Sometimes I want to print one entry to take with me someplace or give to somebody who is logging into one of may accounts later on.
Sometimes I need to turn over a subset of entries that I use for one of my clients when terminating a service contract, to give them all their bank access, etc. logins. They may not have 1Password, or even use a Password vault. Paper is the universal exchange medium.
Many people still like to use paper for easy reference. I know you think it's not as safe as using the cloud, but you should leave that decision to the customer. Put a popup advisory warning in the dialog box when printing if that will make you feel better.
0 -
Hi @dfz1password, thank you for sharing your perspective. I have passed your request on to our development team, and I hope my reply below will be a helpful one.
First, we recognize that sharing data (or copying items of 1Password in some format) is something people may need to do. To that end, we've been working to make sharing more flexible in a number of ways. We recently launched PSST!, which makes electronically sharing items with anyone - especially if they don't have a 1Password account - much easier than in any previous version of 1Password.
More on that here.
Sometimes people need a way to get to stuff without having to log into cloud accounts or use Emergency Kits.
That's true. When we're assisting folks with questions about data access (example: "I need my spouse to be able to get into my account in the event that I'm critically injured"), we typically recommend making a copy of the Emergency Kit as a first option, because this approach provides an extra security benefit: it means that there's a way for your designated person to get access to your account, without leaving an unencrypted copy of your data on a disk (or on paper) in the meantime, where it might be obtained by an adversary. Your data stays locked in 1Password, secured by the security engineering we've taken pains to put in place. With an Emergency Kit, the designated person also isn't dependent on recovering a specific device - they can sign into 1Password.com from anywhere. So all other considerations being equal, we go to this first.
I need to print a whole archive to put in a safe deposit box where my executor can get to it.
There is a way to do this: you can export to a .CSV file, and print that as you would any normal text file. That is currently a part of 1Password 8.
Sometimes I need to turn over a subset of entries that I use for one of my clients when terminating a service contract, to give them all their bank access, etc. logins. They may not have 1Password, or even use a Password vault.
I can see your point here, and was happy to file a feature request for you. 👍
Many people still like to use paper for easy reference. I know you think it's not as safe as using the cloud, but you should leave that decision to the customer. Put a popup advisory warning in the dialog box when printing if that will make you feel better.
This is essentially what the current export functionality does, but again we consider unencrypted export a less-desireable option than others - although we do provide it.
To speak broadly for a moment, it's also not always as simple as "put up a warning dialogue." 1Password's user base ranges from folks who are using a computer for the first time to those who have many years working in information security, who possess incredible technical depth and skill. Others work in fields like journalism where a security slip-up can have serious repercussions.
When we put a decision in a user's path, we can't assume a level of security-related knowledge - and actually it's much safer for us not to assume that folks are well-versed in, say, principles of operational security. And we likewise can't assume that the decision about how to handle that data won't matter that much. It's part of our responsibility, and part of what people entrust us with, to provide options wherever we can that are secure by default. In cases where it is beneficial to provide an option that carries some risk, we do signpost it as you've suggested. I just want to articulate the obligation that we feel (and we do feel it, and we should feel it) to the end-user, and that we consider the security implications carefully.
With that said, we also want to help you do the things you need to do without 1Password getting in your way. I appreciate your feedback here, and we'll continue to improve the flexibility of how you can share your items as best we can.
0 -
First, we recognize that sharing data (or copying items of 1Password in some format) is something people may need to do. To that end, we've been working to make sharing more flexible in a number of ways. We recently launched PSST!, which makes electronically sharing items with anyone...
Yes, I’ve used that. Works nice.
That's true. When we're assisting folks with questions about data access (example: "I need my spouse to be able to get into my account in the event that I'm critically injured"), we typically recommend making a copy of the Emergency Kit as a first option, because this approach provides an extra security benefit: it means that there's a way for your designated person to get access to your account, without leaving an unencrypted copy of your data on a disk (or on paper) in the meantime, where it might be obtained by an adversary.
I think you are overemphasizing this “adversary” thing. Who is this “adversary” who is going to sneak or break into my house, look around in all my drawers and bookshelves, bypassing my computers, TVs, cash, etc. and run out the door with my hardcopy password vault contents? This just doesn’t happen outside movies or secret agents, which the vast majority of us are not. I can’t imagine that a printed copy of some or all vault entries well stored away in a home is any kind of security risk. Passwords and banking info is lost by phishing, not be people stealing paper out of houses and offices.
I need to print a whole archive to put in a safe deposit box where my executor can get to it.
There is a way to do this: you can export to a .CSV file, and print that as you would any normal text file. That is currently a part of 1Password 8.
Perhaps, but the formatting of a CSV file leaves a lot to be desired compared to the nice easy-to-read formatting of the vault contents as we used to be able to print. Not everything is passwords; many store lots of important other information in our vaults that would be a challenge to visually extract in a CSV formatted file.
_Many people still like to use paper for easy reference. I know you think it's not as safe as using the cloud, but you should leave that decision to the customer. _
This is essentially what the current export functionality does, but again we consider unencrypted export a less-desirable option than others - although we do provide it.
Again, your CSV export is a crummy format and less than useful.
So if you allow us to CSV export and print, turning our vaults into paper, which you argue (weakly) is a huge security risk, how is that different from just printing nicely formatted and readable vault entries as we could do in version 7 and earlier?
Again, you took away a pretty useful feature for security reasons that are questionable for anyone not in the CIA, because you think people shouldn’t print their vault entries, but you allow them to export and print their vault entries. Huh?
_With that said, we also want to help you do the things you need to do without 1Password getting in your way. _
Failed on that one. Not being able to get hardcopy in a readable form is getting in my way.
Thanks for the great response, Peter. I do appreciate your time and thoroughness. This is why we have Beta versions. :-) Hopefully the developers will come to their senses and realize that you don’t take a useful feature away without a corresponding strong benefit. I don’t think that benefit has been demonstrated here.
0 -
On the PSST! feature:
Yes, I’ve used that. Works nice.You state:
…we typically recommend making a copy of the Emergency Kit as a first option, because this approach provides an extra security benefit: it means that there's a way for your designated person to get access to your account, without leaving an unencrypted copy of your data on a disk (or on paper) in the meantime, where it might be obtained by an adversary…I think you are overemphasizing this “adversary” thing. Who is this “adversary” who is going to sneak or break into my house, look around in all my drawers and bookshelves, bypassing my computers, TVs, cash, etc. and run out the door with my hardcopy password vault contents? This just doesn’t happen outside of movies or with secret agents, which the vast majority of us are not. I can’t imagine that a printed copy of some or all vault entries safely stored away in a home is any kind of security risk. Passwords and banking info is lost by phishing, not be people stealing paper out of houses and offices.
You state:
There is a way to do this: you can export to a .CSV file, and print that as you would any normal text file. That is currently a part of 1Password 8.Perhaps, but the formatting of a CSV file leaves a lot to be desired compared to the nice easy-to-read formatting of the vault contents as we used to be able to print. Not everything is passwords; many store lots of important other information in our vaults that would be a challenge to visually extract in a CSV formatted file.
You state:
This is essentially what the current export functionality does, but again we consider unencrypted export a less-desirable option than others - although we do provide it.Again, your CSV export is a crummy format and less than useful except for importing elsewhere.
So if you allow us to use CSV export and print, turning our vaults into paper, which you argue (weakly) is a security risk, how is that different from just printing nicely formatted and readable vault entries as we could do in version 7 and earlier? Again, you took away a pretty useful feature for security reasons that are questionable for anyone not in the CIA, because you think people shouldn’t print their vault entries, but you then allow them to export and print their vault entries. Huh?
It seems that anyone who has chosen to purchase/subscribe to 1Password would already have the sense to take proper care with paper copies of their vault entries.
You state:
With that said, we also want to help you do the things you need to do without 1Password getting in your way.Failed on that one. Not being able to get hardcopy in a readable form is getting in my way.
Thanks for the great response, Peter. I do appreciate your time and thoroughness. This is why we have Beta versions. :-) Hopefully the developers will come to their senses and realize that you don’t take a useful feature away without a corresponding strong benefit. I don’t think that benefit has been demonstrated here.
0 -
Who is this “adversary” who is going to sneak or break into my house
Some points to consider...
They don't need to break into your house, but would only require appropriate access to the weakest point in your computer, network, and devices. Often users unintentionally yield access via various phishing schemes.
When you print, you are necessarily exporting the data in an unencrypted format. That data is saved to your hard drive, which then becomes available to a) malware that happens to be on your system, b) stored on backup devices / cloud storage during backup operations, c) stored in spool files that almost no users will find / know about, d) transmitted over your local network in an unencrypted format, e) often stored in printer's memory.
It would not be any exaggeration to state that the vast majority of computer users grossly underestimate the various risks associated with using these complex, networked machines, nor have much working knowledge regarding avoidance or mitigation. This is why advice is typically given in generic, simple-to-follow forms, such as "don't click on unexpected links sent to you in mail / messages", or "never use the same password on external sites", or "use the safer Emergency Kit instead of printing".
An additional benefit of the Emergency Kit method. The person who needs it will have access to your up-to-date information. The print-and-save a copy method means that data is outdated as soon as you change a password, and don't print out a new copy, or if you do print out a new copy every time 1Password data is changed, you increase your exposure risk to the things mentioned above (because you are doing it more routinely).
0 -
Good points all. The emergency kit is certainly the best way for others to get to your stuff. But sometimes, not much, but sometimes, I need a hard copy for some purpose. I think many who do choose to use 1Password should be savvy enough to not keep unencrypted copies on their computer. Sure there will be oversights, but I don't think that often.
The vast majority of us are not in real danger of bad guys breaking in and snooping around on our individual computers to find logins and banking info. That's not very lucrative and too time consuming. Better to use phishing and other proven methods to gather info en masse. Now if you are an important person in government or industry with trade secrets or larger quantities of confidential info, then you should be smart enough to take the proper precautions with your computers. Not everybody does; they are irresponsible and that should be pointed out. I think it may be a fools errand for software vendors to attempt to mitigate things for irresponsible people.
I'd have tno objection to making it "difficult" to print, with warnings and guidance on treating hard copies and unencrypted versions. But I do know how to take proper precautions and since the availability of unencrypted export is already there, why not provide it in a format that we can actually use when printed.
0 -
Thanks for your reply, @dfz1password. We do have a clear need to make 1Password as secure as possible by default (with limited security knowledge required by the user), but we'll also keep doing our best to provide the flexibility you need. Thanks for letting us know about your specific use case!
0
