How do I conceal newly generated/typed passwords?

zethodderskov
Community Member

Whenever I'm making a new password, then it's displayed in clear text, - and I can't see the feature to hide/conceal it, for some reason. Am I missing something? It's quite frustrating, when generating a new password in public.

It's the same, if I'm typing it out or generating it.

Demo: https://d.pr/free/i/otmeTS


1Password Version: 7.0.7
Extension Version: I don't use any extension
OS Version: 10.12.6
Sync Type: Don't know...
Referrer: forum-search:hide new password

Comments

  • Lars
    1Password Alumni

    Welcome to the forum, @zethodderskov! Sure -- it's in 1Password Preferences > Security:

  • zethodderskov
    Community Member

    Thanks, Lars. But I'm afraid it didn't help. That was already set: https://d.pr/free/i/Cd8RoP
    - and as you can see, my passwords still aren't concealed when I type them, nor when I generate them.

  • Lars
    1Password Alumni

    @zethodderskov - huh! That's certainly unusual. Do you have field-modification plugins or other rules set within your browser(s)? And have you restarted your Mac since noticing this initially? If not, please try a restart first, and let me know what happens.

  • zethodderskov
    Community Member

    I now tried restarting my machine.

    ... Didn't help. Same result.

    Then I tried quitting every background program (TextExpander, Dropbox, Google Drive Sync, Flux monitor coloring, Spectacle, Droplr, Shimo, Skype, HeyFocus and Adobe Cloud). I also hard-quitted all applications (Chrome, Safari, Firefox, Excel, PhpStorm, Sublime Text, Outlook, Sequel and Remote Desktop for Mac).

    And then I restarted 1Password.

    ... Didn't help. Same result: https://d.pr/free/i/2o2t3m
    As you can see in the end of the gif, - then the field reacts, when I disable concealed passwords (so it shows always). But I still can't conceal passwords, when I type/generate them. :-(

    Regardless... Thanks for the assistance, so far @Lars

  • Lars
    1Password Alumni

    @zethodderskov - thanks for the clarification and the gif. I think I misunderstood you initially: you cannot and never will be able to conceal passwords while you're editing them. As soon as you leave edit mode, are they concealed? If so, then this is functioning as intended. If not, let us know. But if you can't actually see what you're typing because all keystrokes are concealed, how do you know what you've typed or if you've made any mistakes? Our recommendation for this would be, if you're in an environment where you fear surveillance, either by "prying eyes" or cameras recording what you're doing on-screen, that you not choose to create passwords (or in fact any sensitive data) under such conditions. Those conditions are indeed why 1Password has a "conceal" feature...but that doesn't - and will never - apply to items in edit mode. Hope that helps clarify! :)

  • zethodderskov
    Community Member

    Hmm... I'm struggling with this response, since I both want to show my gratitude to you @Lars , for answering my question. And my frustration with this 'feature'.

    But let me get the courtesy out of the system first: Thanks a lot for taking your time to answer all my questions. That's highly appreciated. Really!

    Regarding this 'feature', - then I must admit that this seems like an unintelligent choice to me, for this piece of software, that has the purpose of making my passwords more secure. It's correct, that it's hidden as soon as I 'leave edit mode', - but I don't want that password to show... Ever! That's why I'm using this software.
    So when you're writing: 'how do you know what you've typed or if you've made any mistakes?' - that doesn't make any sense. Why would I need to see an auto-generated password that is 30 characters long? There is no reason at all, to show that password. The only thing this 'feature' does, is to compromise the safety of my passwords, for prying eyes - or surveillance cameras. So for 1password not to have a feature that fixes this obvious hole, is mind-boggling to me.

    The software is so good! Its functionality, its design - everything. And then it stumbles and faceplants 3 feet before the finish-line with this 'feature'. Sigh!

    Where do I submit a feature request?

  • rlh
    Community Member

    I can only answer for my personal use case...

    > Why would I need to see an auto-generated password that is 30 characters long?

    Sometimes I'm creating a password for a site that I know doesn't allow some special characters (e.g., >,|,}) and/or for some strange reason requires the first character to be a letter. In those cases the revealed password is needed so I can keep hitting "Regenerate Password" until I see one that might work.

    > The only thing this 'feature' does, is to compromise the safety of my passwords, for prying eyes - or surveillance cameras.

    I share your security concern. Generally for me this means not using my laptop for all sorts of work if I'm on an airplane, in a coffee shop, etc. There are no security cameras at home. :). That said, my situation is not your situation.

  • Lars
    1Password Alumni

    @zethodderskov

    > Where do I submit a feature request?

    You just did! We don't have a formal user-submission form, but we do take requests here.

    If a password is auto-generated, you might not need to see it. Or, as @rlh points out, you might very well. Not all passwords are auto-generated, however, and there's plenty of reason a user might want to see the password they're creating/submitting. One of the unofficial "sayings" around here is that security is a process, not a product. That means a few things - first of all, that there is no single product (nope, not even 1Password) that you can purchase which will make you completely safe online, 100% of the time. If there were such a thing, everyone would already own it and life would be peachy. But real-world security requires that people keep a watchful eye on their own setups and use a blend of strategies and tools to maximize their own privacy for their own (perceived) threat model.

    This is a photo of Edward Snowden during the first interviews he did when disclosing the NSA surveillance in 2013. He's actually got a towel covering his head, his screen and the keyboard, so that no one can read either what is on the screen when he enters his password OR pick it up from his hand movements on the keyboard itself. If I personally had a threat model like the one there's no doubt Snowden has, I might be this cautious too.

    Most of us don't, however. So what we try as developers to do is create an application with a foundation of solid security and privacy that remains easy and flexible enough to use that it doesn't deter people from using it to increase their security by introducing either needless complexity or too many rigid rules. It's why there's a "Security" section of Preferences on all of our native 1Password apps -- so that individual users can set their timeouts and instances of when 1Password requires entry of the Master Password to their own liking -- within limits. And it's also why we aren't likely to obfuscate passwords when in edit mode or during password creation. Again, instead of taking developer time to attempt coding a restrictive setup that would make it difficult for users to ever see or edit their password, our advice for such a thing would be not to create or display passwords when in the presence of prying eyes or security cameras. That's the bit where users play a part in the process of their own security.

  • AGAlumB
    1Password Alumni

    @zethodderskov: Edit mode is for editing. In order to edit something, you need to be able to see it. If you neither want to edit it nor see it, don't click in that field and it won't be revealed — as illustrated in your screen capture.

  • zethodderskov
    Community Member

    Wow. I had never imagined I would get this much push-back on this.


    @rlh - I'm not trying to find situations where it's handy for my passwords to be shown on-screen. There are probably billions! I'm pointing out the obvious flaw in the software in the other billion situations, where I would like to create a password that someone could only steal, if they had hacked my clipboard. Since that's way, way, way less likely, than for someone to be able to see my screen (or record it).

    @Lars - Same thing as my answer to RLH. I'm not saying that it's never useful to be able to see passwords while creating them. I'm saying that this teeny-tiny-setting, would solve all problems regarding creating/saving passwords in rooms where you're not alone. It's not only buses or planes, - it's also open office spaces - or if you're visiting friends or whatever.

    > But real-world security requires that people keep a watchful eye on their own setups and use a blend of strategies and tools to maximize their own privacy for their own (perceived) threat model.

    I'm trying to do this, - but 1password won't allow me to keep the watchful eye over my setup, that I would like.

    > He's actually got a towel covering his head, his screen and the keyboard, so that no one can read either what is on the screen when he enters his password OR pick it up from his hand movements on the keyboard itself.

    So... You're suggesting that instead of 1password making this setting for me, that I (and every other sensible man) bring a towel around? You see... If 1password had had the feature I'm after, then maybe Snowden wouldn't need to do this, when he created passwords using your software. ;-)

    > Most of us don't, however. So what we try as developers to do is create an application with a foundation of solid security and privacy that remains easy and flexible enough to use that it doesn't deter people from using it to increase their security by introducing either needless complexity or too many rigid rules.

    This doesn't matter!! It doesn't matter how solid the security and privacy is, if the password to the root-user has been displayed on my screen for a mere split-second. All of a sudden I have added an extra security-concern for this software, since I'm unable to store a password, without it being visible on my screen.
    ... It doesn't matter how tall the walls are, if the burglars know that the key is hidden under the mat.

    > ... so that individual users can set their timeouts and instances of when 1Password requires entry of the Master Password to their own liking

    This is irrelevant. The Master Password has nothing to do with my problem. My problem is that when I create (or store) a password for a root user to important servers; then that password is visible on my screen. That is my problem.

    > Again, instead of taking developer time to attempt coding a restrictive setup that would make it difficult for users to ever see or edit their password, our advice for such a thing would be not to create or display passwords when in the presence of prying eyes or security cameras. That's the bit where users play a part in the process of their own security.

    There are two ways to solve this problem of mine (and I assume others as well). Either for us to bring my Snowden-towel around. Or for 1password to make one little box that says: 'Never show passwords, - not even when typing them'. And I find it outrageous that we're even discussing which solution I should choose. ... As if I had a choice.

    @brenty ...

    > Edit mode is for editing. In order to edit something, you need to be able to see it.

    Ehm... No.

    > If you neither want to edit it nor see it, don't click in that field and it won't be revealed — as illustrated in your screen capture.

    I can't. I wish I could create a password without clicking that field, but I can't.

  • Lars
    1Password Alumni
    edited August 2018

    @zethodderskov

    > So... You're suggesting that instead of 1password making this setting for me, that I (and every other sensible man) bring a towel around?

    Not at all. If anything, I'm suggesting assessing your threat model as accurately as you can and taking appropriate and reasonable steps to use best security practices.

    > You see... If 1password had had the feature I'm after, then maybe Snowden wouldn't need to do this, when he created passwords using your software. ;-)

    I don't want to leave you or anyone else with an incorrect impression here. For the record, as far as I'm aware, Ed Snowden does not use 1Password, and I know for certain he wasn't using 1Password to create a password in that photo. He was entering a password he'd created himself, while taking unusual precautions to do so. I used that as an example of the lengths to which one can go if one believes their threat model necessitates it. My apologies for being unclear. Despite working for a security company myself, I don't tend to do the towel-over-head routine when entering passwords but I do make sure I've got a reasonable assumption of privacy (or at least no one snooping) before doing so.

    > It doesn't matter how solid the security and privacy is, if the password to the root-user has been displayed on my screen for a mere split-second. All of a sudden I have added an extra security-concern for this software, since I'm unable to store a password, without it being visible on my screen.

    In normal 1Password use, that password is never displayed, even for a split second; once you have the item created and saved, you can fill it without ever revealing it at all. It's only when you generate (or manually type in) a new password that someone potentially snooping might be able to figure out what it is. I guess my question would be: is the password for the root user of your server or device something you frequently (re)generate while, say, sitting on the subway, or in a bookstore/restaurant/bar full of people or surveillance cameras? If it is, I'd recommend not doing that, chiefly because it's not good security practice, just like typing out your Master Password to unlock 1Password with people looking over your shoulder is not. Typically, something as important as a root user password is generated only once using best practices, and then not changed again unless there's reason to suspect a breach. Even in the case of company-mandated regular password change situations, I can't imagine there aren't non-public moments to do this.

    Please understand: I'm not telling you how you should conduct your own security, but I AM saying I doubt this is something we'll be pursuing in order to allow you to change/generate your passwords on a busy commuter train, because there are many, many more cases where users need to be able to see the password created before entering/submitting/using it than there are instances of us receiving requests to "never show the password." That means changing the behavior here would negatively affect far more people than keeping it as it is. However, I don't make the decisions myself on which options and projects get pursued and which don't, so I'll certainly mention your wishes to the development team. Thanks for taking the time to share your idea with us. :)

  • zethodderskov
    Community Member

    Thanks for taking your time to address all my comments, @Lars . I still strongly disagree. But I'll let this be my last post in this thread.

    I'm still disappointed in the product. Frankly, - I don't get why 1password would take this step in a direction of lesser security, when it takes so little, to make passwords safer for people who share my situation. And there are plenty! No one in an office space should use this piece of software, if they want to be 100% safe about their password. Or if you're visiting a client and need to create a password, while out there - then you have to look for security cameras first.

    What boggles my mind even more is, that no 1password-member has admitted that this is a flaw in their program.

    For all CTRL-F'ers / CMD-F'ers out there, who are searching this thread for a solution, a work-around, a fix, how to bypass this problem or where to set the setting, then here's a summary of this thread:

    1password doesn't support hiding your passwords when you're storing them. So what I've done is to create 30 passwords that I've called 'Generic 1', 'Generic 2', 'Generic 3', etc. So when I have to create a password, where I don't want it broadcasted on my screen, then I can rename one of them, and then access the password afterwards.

  • AGAlumB
    1Password Alumni

    @zethodderskov: It's an interesting idea, and I apologize for misunderstanding what you were trying to do earlier. It's just never come up before as far as I can remember, and certainly no one else has told us that they're disappointed in 1Password because it shows them the information they're working with. Most people will simply not work with sensitive stuff in an environment as threatening as the one it sounds like you're in. It's absolutely something we can consider for the future, but we do tend to focus on things that more people are asking for. I did want to clarify this though:

    > 1password doesn't support hiding your passwords when you're storing them.

    That's simply untrue. All of my passwords stored in 1Password are hidden unless I select that item and reveal/edit it. I'm sure you know that, so I guess you mean something else. But I wouldn't want anyone else to get the wrong impression based on the apparent meaning of that statement. Anyway, thank you again for your feedback on this subject.

  • zethodderskov
    Community Member
    edited August 2018

    @brenty . Thanks for considering it. As previously stated, - I love the product, except for this part of it.

    And I meant what you quoted me for.

    > 1password doesn't support hiding your passwords when you're storing them.

    Once they are stored, - yes; then you can set it up, so they're concealed.
    But when you're storing them, then you're unable to store a password that is not shown at some point.

  • :+1: :)

    Ben

This discussion has been closed.