[Feature Request] - Expire Gathered Passwords
Having the Chrome extension gather used password to later be converted to logins is very helpful. Could an expiry be added to these so that if they aren't later converted from a password to a login they are removed from the password vault. It would add additional security to what 1Password provides.
Comments
-
@bradpinkston - I'm not sure I understand this request: if a password (whether generated by 1Password's generator or entered manually by the user) exists in the 1Password vault, it's as secure as anything else in the vault (i.e. - very). Removing it after an arbitrary period of time wouldn't offer any additional security and might cause users to lose data they needed but perhaps forgot to convert to a Login item.
0 -
I understand your point @Lars, but it also creates clutter of unused items. If a password was gathered, but maybe manually entered into a login that was edited, then that gathered password shouldn't live in the vault indefinitely. I can of course go and manually delete all the password items in the vault that I haven't converted to logins. Maybe it doesn't provide additional security, but it does provide much easier usability.
0 -
@bradpinkston - I can certainly mention your suggestion to the development team, I'm just suggesting not to hold your breath on this one. We don't have a lot of call for it, and the risk of deleting users' important data by periodically clearing out generated passwords is not insignificant. 1Password is VERY conservative with your data; unless we're 100% certain (or so close as to make no difference) that we know what a user's intent was, we don't delete data for "housekeeping" or any other purpose.
0
