IOS Teams Security Flaw

Just wanted to make sure that this flaw is known.

Created a team vault with passwords concealed for a user. Installed IOS 1password and started with add a team. Everything worked fine and passwords could not be revealed BUT if you go into settings -> security, and scroll to the bottom there is a setting called conceal password and the user could uncheck it and go back to the vaults and see all the passwords that they should not have access to.

On the Mac app that setting is grayed out and does not let the user reveal the password, so i believe it is a flaw and the IOS app should also have the setting grayed out.

Let me know if there is something i missed.

Thank you for the great apps too!

~Steve


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • JacobJacob

    Team Member

    Hi @GeoTrove! Thank you so much for posting about this. It took me a bit to reproduce it since I had to jump between members on my account, but your observation is correct, and it's definitely not something that should be happening. I just let our developers know about this issue. We should have it fixed soon. Thanks again for reporting it. :) That means a lot.

    ref: OPI-3404

This discussion has been closed.