Feature Request: Integration between Desktop Client and 1Password X for Chrome

Hi,
Probably my biggest annoyance with 1Password at the moment is that I enter my password to unlock 1Password, and then a minute later I have to enter it again to unlock 1Password X.
I get the idea of 1Password X is that it's meant to be standalone, and that's great. But if it detects that 1Password is installed, then being able to unlock with it would be fantastic.

Few other notes on how to improve 1Password X

  • Right click - you can't just right click on an option to see "Copy Password", etc
  • Setting the default Vault - maybe I have a work and a family account. It always defaults to the work private when I'd prefer it to be family private. Bonus Point: if it suggested a vault based on the username filled in (if it's my work email, use the work vault)
  • Ability to customise the default generated passwords - The functionality of in the box it suggests, "Generate zxc123" is fantastic, but I want the length to be greater than 20 by default, and I want it to include symbols. Multiple suggestions would be cool.
  • Gathering crowd sourced information about various site's password policies. If a site doesn't allow passwords greater than 32 char, then suggest a password 32 char long, if a site insists on symbols make sure the suggested password has symbols. If the policy isn't 100% correct, it doesn't matter, but this would let us default to really strong passwords without the fear that we'll have to repeat the signup process when they complain about a limitation.

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni

    @cpmcgrath: Thanks for getting in touch! I hope you don't mind, but your post has been moved from the Windows category to the 1Password X category since that seems to be the main topic. :)

    I get the idea of 1Password X is that it's meant to be standalone, and that's great. But if it detects that 1Password is installed, then being able to unlock with it would be fantastic.

    Agreed 100%. It's not something we're able to do now, but it's definitely something we'd like to do in the future if at all possible. :)

    Right click - you can't just right click on an option to see "Copy Password", etc

    Can you tell me the context (no pun intended)? Generally speaking, browser extensions are just specially crafted web pages running in the browser, so they don't get a lot of the native-app niceties you'd expect from 1Password mini in the Mac app, but we'll continue to push the envelope where we can. ;)

    Setting the default Vault - maybe I have a work and a family account. It always defaults to the work private when I'd prefer it to be family private. Bonus Point: if it suggested a vault based on the username filled in (if it's my work email, use the work vault)

    Generally we recommend using 1Password to fill the username along with the password, so I'm not sure that's a use case we want to design around, but it's something worth considering.

    Regarding vault settings, that's definitely something we're looking to expand. I can't promise anything in particular, but I'd personally love to be able to specify the vault for saving and what 1Password X opens to each session.

    Ability to customise the default generated passwords - The functionality of in the box it suggests, "Generate zxc123" is fantastic, but I want the length to be greater than 20 by default, and I want it to include symbols. Multiple suggestions would be cool.

    Multiple suggestions is an interesting idea, and would probably be necessary if we introduce symbols, since many sites like to be picky about these. That's why 1Password X defaults to 20 characters, lowercase and capital alpha only: because that gives us a password with more than sufficient entropy — overkill, really — which will also work with the vast majority of websites:

    (52)log2=5.7004397181 <- bits of entropy per character
    5.7004397181(20) <- length of password
    = 114.0087944 <- bits of entropy total

    It's something we'll continue to evaluate, but this is very intentional, to make doing the secure thing easy. You can always go use the password generator in the 1Password X menu if you need something more finicky, but we want to the defaults to be sane and simple, to make it usable for everyone.

    Gathering crowd sourced information about various site's password policies. If a site doesn't allow passwords greater than 32 char, then suggest a password 32 char long, if a site insists on symbols make sure the suggested password has symbols. If the policy isn't 100% correct, it doesn't matter, but this would let us default to really strong passwords without the fear that we'll have to repeat the signup process when they complain about a limitation.

    If the policy 1Password knows is incorrect though, that kind of makes it useless. And we really, really don't want to take any chances with regard to privacy, so we're very hesitant to "crowdsource" anything, even though that can be very useful in many other contexts. But if we can find a way to (feasibly, and without any privacy or security concerns) do something like that in the future, that would be great.

    Thanks for the feedback — all of it! Looking forward to hearing back from you. :)

    ref: b5x-122, b5x-214, b5x-420

  • cpmcgrath
    cpmcgrath
    Community Member

    Setting the default Vault - maybe I have a work and a family account. It always defaults to the work private when I'd prefer it to be family private. Bonus Point: if it suggested a vault based on the username filled in (if it's my work email, use the work vault)

    Just to clarify on this I meant that when I sign up on a website, and save the details to 1Password, it always defaults to save in my work account when I want it to default to my personal account.

    Right click - you can't just right click on an option to see "Copy Password", etc
    Can you tell me the context (no pun intended)? Generally speaking, browser extensions are just specially crafted web pages running in the browser

    Maybe this is just a carry over of expected behaviour from LastPass, but right clicking just feels more natural. It's a soft commit to viewing the item. I think there's also a speed gain - the item view is made to layout data in the best way to read it - which is great, but if I know what I'm after I just want quick access to it.

    Multiple suggestions is an interesting idea, and would probably be necessary if we introduce symbols, since many sites like to be picky about these. That's why 1Password X defaults to 20 characters, lowercase and capital alpha only: because that gives us a password with more than sufficient entropy — overkill, really — which will also work with the vast majority of websites

    But there's lots of websites now which insist on having at least 1 symbol.

    If the policy 1Password knows is incorrect though, that kind of makes it useless. And we really, really don't want to take any chances with regard to privacy, so we're very hesitant to "crowdsource" anything, even though that can be very useful in many other contexts. But if we can find a way to (feasibly, and without any privacy or security concerns) do something like that in the future, that would be great.

    If the policy is incorrect, it's no worse than it currently is.
    I agree that there's privacy concerns with getting this data, so I would make the entry of the data completely separate from 1Password - just consume the service. I think people would be more than willing to contribute to this. I would encourage the service to be as open as possible - not just bound to 1Password.

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited May 2018

    Just to clarify on this I meant that when I sign up on a website, and save the details to 1Password, it always defaults to save in my work account when I want it to default to my personal account.

    @cpmcgrath: Ah, I see. But I'm not sure what you mean by "defaults to". Are you maybe using All Vaults at the time, and the work account is the one you added first to the app? We would like to add a setting to specify a vault to use for saving when using All Vaults, but you can always switch to the specific vault you want to use instead. Let me know if that helps.

    Maybe this is just a carry over of expected behaviour from LastPass, but right clicking just feels more natural. It's a soft commit to viewing the item. I think there's also a speed gain - the item view is made to layout data in the best way to read it - which is great, but if I know what I'm after I just want quick access to it.

    While I personally prefer the keyboard, I agree that it would be nice for you and others to be able to interact with it that way if we can enable that in the future.

    But there's lots of websites now which insist on having at least 1 symbol.

    Certainly some do. It will depend on the specific sites you frequent as well. Like I said, we'll continue to evaluate this, but for now we're sticking with defaults that have been demonstrated to work with most sites. You can always generate a password using whatever settings you want in the password generator.

    If the policy is incorrect, it's no worse than it currently is.

    Fair enough. :)

    I agree that there's privacy concerns with getting this data, so I would make the entry of the data completely separate from 1Password - just consume the service. I think people would be more than willing to contribute to this. I would encourage the service to be as open as possible - not just bound to 1Password.

    That's not unreasonable, but again, the only way for us to ensure that nothing bad happens with this data — even by mistake — is if we don't collect it in the first place. Given the things we've seen from other companies in recent years, I hope you can appreciate our caution in this area. We'd rather overcompensate in that direction than the alternatives. It's definitely something that's on our mind though, and if we can find a way to offer the benefits without the downsides — potential or actual — I suspect we will. Cheers! :)

  • cpmcgrath
    cpmcgrath
    Community Member

    While I personally prefer the keyboard, I agree that it would be nice for you and others to be able to interact with it that way if we can enable that in the future.

    Hmm, I didn't actually realise how good the keyboard integration was for this. Please copy it into 1Password Mini 🙂

  • AGAlumB
    AGAlumB
    1Password Alumni

    @cpmcgrath: Haha thanks for the kind words! Indeed, we've put a lot of effort into it, and we're always working to make it even better. It's not something that fits naturally into 1Password mini since we designed it a while ago, but it's definitely something we'll keep in mind as we develop future versions. ;)

  • Good news, @ cpmcgrath!! 1Password X now has Desktop App Integration on Mac! 🎉

    Check out our recent beta announcement for details on how to set things up so you can use Touch ID on your Mac. Support for Windows and Windows Hello will be coming in a future release.

    If you're feeling adventurous, please give the beta a try and let us know how it goes. 😘

    ++dave;

This discussion has been closed.