Conceal any text field in a 1Password entry

dutchminator
dutchminator
Community Member
edited December 2022 in Lounge

My usecase
I want to store my 2FA recovery codes for services in 1Password in case my phone or yubikey breaks/gets lost/is replaced. I want these recovery codes to be hidden from sight unless revealed, much like my password or credit card's PIN and verification number are hidden.

Current functionality
At the moment only the "Password" or "One-time password" field type is concealed, and it is a single-line field with a "generate password" button that overwrites the current value without warning. When i copy-paste in the 8 or 10 recovery codes that are generated by services, the new-line character is ignored which potentially destroys the formatting of the recovery codes, making them hard to use.

Desired functionality
Ideal solution:
Allow us to mark a multi-line text field (much like the "Notes" field) as [conceal this field], so that my 2FA recovery codes cannot be accidentally seen by others unless they are explicitly revealed, just like how password fields currently work.

OR less flexible and complex, but solving my usecase:

Add a default concealed multi-line textfield called "2FA recovery codes" to password items, which is concealed until revealed.

Previous feature requests
Similar feature requests go back all the way to 2013, for example this one (https://1password.community/discussion/12433/feature-request-hidden-notes-within-login-entry) or more recently in 2019 this one (https://1password.community/discussion/107901/mask-fields). However, both discussions had been closed without a proper resolution in place.

Why should the 1P team care?
Almost every service implements and requires 2FA nowadays, and sneak-peeking 2FA recovery codes becomes a major security risk if someone is able to look over my shoulder, e.g. in any office or public location.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided

Comments

  • sjefen6
    sjefen6
    Community Member
    edited January 2023

    Please add my voice to this request.

  • sjefen6
    sjefen6
    Community Member

    I am sorry, seems like I did not read the entire thread. I don't agree with preventing local attacks. Just lock your computers, locking your vaults. But I don't get why a simple concealed text field type is an issue that has been left standing for almost 10 years. This is a simple UI issue. Just duplicate the text field type and make it concealed with an action to reveal like the password type fields. I don't think this is hard. If 1Password don't want to fix it that's fair, they should just say it. But I don't like my recovery codes mooning people watching me copy my password to an app that does not auto-fill.

  • maddog2050
    maddog2050
    Community Member

    I would also like a multiline masked/protected field for this purpose also

  • Hello everyone! 👋

    I'm sorry for the delay in replying to this thread. I can see how being able to conceal note and text fields would be useful for certain applications and I've forwarded all of your requests and comments to the Product team.

    Thank you for the feedback! 🙂

    -Dave

    ref: PB-33777890
    ref: PB-33777861
    ref: PB-33777908
    ref: PB-33777918

This discussion has been closed.