Secure Notes - opening attached files leaves them in the temp folder

I have created a couple of secure notes and added an image file to them. If I right click the image and choose open, the file is saved in my temp folder %temp% and it's opened by my default picture viewer. When I close it, the picture remains in the temp folder. Would it not be possible for 1password to delete it or even better, have a build in viewer for basic file types that open the file in memory.

Comments

  • The temp files are cleaned up when you lock your vault.

  • When I close it, the picture remains in the temp folder. Would it not be possible for 1password to delete it

    We delete your temporary attachments when you lock your vault or terminate the application.

    or even better, have a build in viewer for basic file types that open the file in memory.

    Here's the problem with this concept. Assume we create a built-in viewer for BMP and JPG and GIF and PNG. Then someone comes along and asks us for PDF. Then another customer asks us for XLS. Before we know it, we're building a full-blown document viewer. This is not where we want 1Password to go.

  • Thanks for the info. I see your point in regards to the viewer, it's a slippery slope.

  • LauraRLauraR

    Team Member

    @prechnagel - On behalf of @stefan, you are very welcome!

  • Let me offer a counter-point argument: Files written to the temp directory and then deleted are potentially recoverable.

    I'm not really sure what to suggest though; I agree completely that adding document viewers internally isn't the way to go either, but from a strict security standpoint, saving an unencrypted version of the data is a little scary.

  • MikeTMikeT Agile Samurai

    Team Member

    Hi @TheDave,

    but from a strict security standpoint, saving an unencrypted version of the data is a little scary.

    Definitely, this is always on our mind when dealing with your data in 1Password. Anything you can see, it's decrypted and at risk. We always try to minimize the amount of data we open as much as possible.

    There isn't a way around this beside using the full disk encryption or use a different encryption tool designed for files. For us, we have to decrypt the copy in order to let you open the file in other applications. Storing in memory is an identical problem and if you sleep the computer, the memory content may get stored on the disk, especially if you're using laptops.

    Even if you're using full disk encryption, you still have to be careful to make sure the computer isn't stolen right away as the encryption key could be retrieved to decrypt the drive (cold boot attacks).

This discussion has been closed.