this idea is regarding feature Unsecured Websites. Currently, all passwords that are stored for http sites are marked as insecure. I presume this is for cases that somebody will listen on a network and steal those passwords.
This, however should not be a case when passwords are only sent to local computer, as no (real) network is involved. Wouldn't it make sense to treat it also as a secure destination? This is what all major browsers do.
The only vector I can think of is that the traffic could be listened to if computer is already compromised (malware is present). I do not know if 1P considers such computers as still secure/to be protected or as already compromised/out of scope.
The usecase here is that as a developer, I use 1P to store all my development accounts here when I create software on localhost. This unfortunately means i have something like 15 acounts marked as unsecure without a real option to do something about it.
What are you thoughts about this?
Best regards, B.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided