Feature Request: Obscure credit card number like passwords
There may be another post about this, so apologies in advance for any duplicates, but I cannot find it. I know I've mentioned it, but perhaps it was on Twitter.
Credit card numbers should be hidden in the desktop app with ***, until revealed, just like passwords. Thanks to the other known & open bug where the desktop app pops to the front when you click the browser fill button, I had my credit card number revealed today while I was screen sharing.
This change seems like it would be very basic, unless I'm missing something, can you please implement this?
1Password Version: 7.1.2 (70102000) AgileBits Store
Extension Version: Not Provided
OS Version: 10.13.6
Sync Type: 1Password
Comments
-
@apasternak - actually, that other bug has been closed -- it's still in the beta, but should be in our next stable update. I'll certainly mention your request to our developers, but our general best practices are to not use 1Password in hostile (or potentially hostile) environments. That includes on the train, during screen-sharing sessions, and similar situations.
0 -
Normally it's not an issue when auto-filling user/login info because it's filtered by your current site in the browser. I think your recommendation is well-intentioned, but you can't always memorize passwords just because someone is standing over your shoulder or watching your screen.
Why are passwords obscured then, if no one should be watching your screen when you use 1P? Credit card numbers are equally sensitive and should be treated the same way. I was hoping this would already in your backlog, as it was definitely mentioned and acknowledged as a request before. Glad to hear that major bug is in beta to fix, can't wait to get it.
0 -
@apasternak - I don't disagree that credit card numbers are sensitive information, but they're not inherently secret like passwords are. You can set 1Password to Always Open To a specific vault, and (if you like) leave that vault empty so no items are revealed when 1Password is first started up. Or you can move your credit cards to a vault you create especially for them, and have 1Password open to a different vault. Or exclude that vault from All Vaults if you prefer to open to that. It's also worth noting that in the item list, credit cards always show only the first four and last four digits, which means to reveal the full number, you'd have to have 1Password open, unlocked, that specific card selected, and be viewing its details. There are a number of ways to avoid this.
If you're interested in immediate access to the fix mentioned earlier, you can check "include beta builds" in Preferences > Updates
0 -
I tried this back on Oct 11, and just now again today. Even after enabling beta builds, rebooting, etc., it still says I'm running the latest copy, which is Version 7.1.2 (70102000). Do I have to be on Mojave to be a part of it? Maybe that's the issue?
0 -
@apasternak - yup. Right now, we're still in a bit of an interregnum period: the new king (Mojave) is on the throne, but the old king (High Sierra) isn't dead, he's just semi-retired. We've chosen not to push the 7.2 update out to those still loyal to the old king, because 7.2 includes two significant changes: the first is that Safari 12 is the default install in Mojave, but it's still an optional install in High Sierra and earlier. This is important because Apple have deprecated the older .safariextz style of extensions in Safari 12, and replaced it with a newer version called Safari App Extensions. The two are not compatible, and 7.2 is the version of 1Password for Mac in which we switch from one to the other. By not (yet) showing the 7.2 update to those on High Sierra, we're trying to avoid a flood of 1Password users who upgrade to 7.2 but are still using Safari 11 and overnight find that the extension no longer works. The second reason is that there is a significant schema change in version 7.2 which makes reverting to a previous version somewhere between difficult and impossible. That would be doubly bad for anyone in the situation I mentioned a moment ago who is on High Sierra/Safari 11, upgrades to 7.2, finds out (s)he can't use the extension any longer and decides to "revert"...only to find out (s_)he can't revert.
Long story short: for now, we're hiding the upgrade to 7.2 from anyone not on macOS 10.14 (“Mojave”). But you can always visit our downloads page and grab the latest version from there and install it via the installer package if you like. Just make sure that either you're not using Safari or that you're already on Safari 12, and you should be OK. Or, you can wait until we push the release for everyone. That shouldn't be more than a week or so longer.
0
