To protect your privacy: email us with billing or account questions instead of posting here.

bug/improvement: one-time password fields are not masked during editing

mdaniel
mdaniel
Community Member

Unlike fields that are marked "password," fields that are marked of type "One-time Password" have their contents in-the-clear at all times. The one-time password contents are a secret key used to generate the TOTP code, and thus while exceptionally unlikely, a shoulder-surfer or erroneous screenshare mistake could leak the credential, which doesn't happen with passwords unless one holds down the Alt key to request their visibility (or, course, clicking in the actual field)


1Password Version: Not Provided
Extension Version: 1.19.1
OS Version: Ubuntu 20.04
Sync Type: Not Provided

Comments

  • Ben
    Ben
    edited May 2020

    @mdaniel

    I'll be happy to pass the suggestion along to the team. Thanks for the feedback.

    Ben

    ref: dev/b5/b5#7906

  • tetardbleu
    tetardbleu
    Community Member

    Hi,
    Great idea, I would like to add myself to this feature request.

  • :+1:

    Ben

This discussion has been closed.