Selective Restriction To Keyboard Loggers OR Simple Internal Abbreviation Library

felix_haeberle
felix_haeberle
Community Member

Hi Agile-Team,
I read a long discussion about the usage of TextExpander in 1Password. And I understand the safety risks if a possible activation of a key logger is given.
Nevertheless I was wondering if you could not find a simple way to help us as a user not to reenter our email addresses every time - if we not use our browser extension. I have 3-6 account names that I use over and over again. And retyping is not a big deal, but annoying.

A simple list field in the preferences with a autosuggestion for user names would help me immensely.
You might go even so far to create a small dictionary/table like structure to replace a ";icloud" with the given iCloud address of the user (set in preferences or found in other login entries - or is 1Password not trusted by 1Password itself? ;-)

A bolder approach would be the following:

  • Implement the API to text expander (as e.g. agile tortoise or the omnigroup did) and load the abbreviations directly from text expander.
  • After loading store them and close up the connection
    eh voila - no keylogger access needed
    and I am sure there is more than one customer who would love your for that!

Maybe my view of this problem is too simple, and I do not see the elephant in the room, why this is not possible. But again pointing you to the iOS apps who are dealing with a sandboxed application concept, I guess there is none.

By the way - I love your app and the efforts you invest to bring 1Password to all platforms. Keep up the great work and - maybe - help us power-users to get more data into a secure place quickly.

Sincerely
Felix


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:Selective Restriction To Keyboard Loggers OR Simple Internal Abbreviation Library

Comments

  • Lars
    Lars
    1Password Alumni

    Welcome to the forum, @felix_haeberle! Thanks so much for the kind words; we're glad every single time one of our users takes the time to let us know 1Password has helped them with their digital life. :)

    None of what you've inquired about here is a non-starter (well, not sure about TE specifically, but the general concepts are not impossible). What makes such things more difficult for us than for many other developers is that we're not only sandboxed, we're encrypted everywhere and we need to take into account multiple potential attack vectors with each new feature or change we make. We're quite aware of the trust our users have explicitly placed in our ability to do our jobs competently, and we don't take it lightly, ever. Not that I'm saying I thought you believed we DO take it lightly, just pointing out that adding this or that feature or integration has to be considered much more carefully than it might be if we were developing a photo editor or chat app.

    If 1Password were to be compromised because we didn't think through the ramifications of allowing specific features like tie-ins to other apps APIs or predictive search that requires retained knowledge of users' data (just as an example), users and the public wouldn't blame some other app that had vulnerabilities which could be expanded to compromise 1Password, they'd blame us. And they'd be right to do so, frankly, because that's the main reason people spend money on 1Password - to help keep them secure. That's maybe a long-winded way of saying that we'll always take a look at power-user requests - many exist already in 1Password today, in fact - but that doing so may not always translate into new features, for reasons that aren't always immediately obvious. I'm not trying to be intentionally opaque, and short of revealing our source code, one of our core values is transparency about why we take the decisions that we do. Just - since this is your first post here - bracing you for the possibility that this is something that may not see the light of day soon or at all.

    But thank you SO much for the thoughtful suggestion -- it's clear you gave it some real thought. We're truly grateful for every bit of feedback we receive (yes, even the complaints), because it keeps us in touch with what actual users want/fear/love/experience, and it means we've got an awesome user base that cares enough to share their wishes and observations with us. So keep an eye on updates and if you're so inclined, you can turn on beta updates if you like (that's a button in the Updates section of Preferences) to get new features even more quickly. Have a great week!

This discussion has been closed.