remove key from "this browser"
There is no option on the 1PW browser to COMPLETELY sign out of 1PW browser including throwing all the data into oblivion.
This option would be helpful if using the software on a non-personal PC (e.g. at work).
the "sign out" option in 1pw browser only kicks the password but the key is still where it was. for people who dont know how to (or just cant, forn whatever reason) completely reset the browser (which I also dont like to do because all the other data will go down the drain either) this is not pretty safe.
1Password Version: browser
Extension Version: --
OS Version: win8.1
Sync Type: 1pw account
Comments
-
Hi @My1! You didn't need to create another thread for this, but that's okay. ;) All you need to do to prevent the Account Key from being stored is check the "This is a public or shared computer" box when you sign in. If it's already stored, you can remove the local browser data as you mentioned.
0 -
sorry if I am making too many threads, in other forums the mods and admins are pretty persistent that there shouldnt be too many questions in 1 thread.
well the public computer can be only ticked in ADVANCE, when you want to full-sign out after the fact, it will be a problem.
also the removal depends on where the data is stored. in cookies the key certainly isnt, because I checked them. and if it in the the localstorage, many browsers dont have a way to selectively remove stuff from there.
0 -
I don't mind. :) If you want to sign out after the fact, the other discussion about regenerating your Account Key or deauthorizing the device is the best approach.
0 -
well complete regeneration is a complete overkill when I am still in control of the machine and deauthing wont help when I have 3 times "firefox on win8.1" and dont know which to kill...
it isnt for remote but when I am still sitting in froont of it. the signout link is useless for that scenario, because it keeps the key and the other options, well...
0 -
It sounds like checking the "This is a public or shared computer" box is the best way to do this, then. It won't affect previous instances, but I would recommend it for the future.
0 -
but honestly a way to kick it out when sitting in front of it would be great, especially if someone forgot to tick this, I mean this is a security issue.
0 -
That's a possibility for the future, then. :+1: :)
0 -
Hi @My1,
I was thinking about this and it occurred to me that all you need to do is logout, then click
Change accountson the sign in page. From there you can enable theThis is a public or shared computerand log in as the same user you just logged out as. That will prevent the email and the Account Key from being saved locally, and will override the previously saved account that was saved.0 -
well it certainly is QUITE a roundabout way, especially because you have to enter all the stuff again, it may be a workaround but I really hope that this can be fixed in the future, because it is a security thing. I mean it may always become possible to "have to" share a computer later (e.g. that other pcs in family broke and the ex-personal computer becomes the family computer or whatever.
just an example anyway.
0 -
Hi @My1, thanks for the thoughtful feedback regarding this issue, for now remembering to select "This is a public or shared computer” upon initial login is likely the best option for the time, though we will take your concerns into consideration in future iterations of 1Password. 1Password Accounts are relatively new and can only get better from here. :)
0
