Why does 1P on Dropbox not respect the principle of least privilege?

EnerJi
EnerJi
Community Member

I was disappointed to see that the release candidate still requires access to my entire Dropbox account. What reason is there to not limit access just to my 1Password keychain?

http://en.wikipedia.org/wiki/Principle_of_least_privilege

Comments

  • RonHeiby
    RonHeiby
    Community Member

    I suspect that since you might have a 1Password vault anywhere on your Dropbox, more general access is required.

    Of course, I haven't figured out yet how to access a second vault on the Android version as I do on iOS and Mac. But, I figure either I'm overlooking something or it's a feature that will be finished soon for Android.

  • EnerJi
    EnerJi
    Community Member

    Accessing a second vault is a feature that apparently won't come until a subsequent version for Android, unfortunately. You make a good point about the need to access two vaults, however, why does 1P create a dedicated directory for all vaults, and limit its access to just that directory?

  • EnerJi
    EnerJi
    Community Member

    Thanks for the link @ RichardPayne. The short answer for anyone else: 1Password needs this access for historical reasons, and it might be fixed / improved in the future. No promises, as is standard Agile Bits practice.

  • @RonHeiby‌ Multiple vault support is something that hasn't yet been implemented on Android. It is one of the more popular feature requests from our beta testers though, so you are not alone in wanting it!

    @RichardPayne‌ Thank you for posting that link!

    @EnerJi‌ While we tend to shy away from making specific promises, we do promise to keep improving 1Password! ;)

  • jrgarrigues
    jrgarrigues
    Community Member

    +1 request for Multiple Vault support on Android.

  • I will continue to your requests on to our development team - thank you for the feedback!

This discussion has been closed.