I accidentally added a private password to a team vault via a populated form, and seemingly there is no way to permanently remove it.
I moved the item to trash, but then the only option is to empty the whole team trash, but apparently trash is archived anyway so still doesn't permanently delete.
I've read 2 other posts on this forum where the 1password team explains this is intended functionality, and makes analogies to macOS trash and this is why there is no fine grained removal, but it's nonsensical to adhere so dogmatically to a UI paradigm when coming to shared passwords.
I expect a certain level of fine grained control to force delete things in a shared database, without blasting the whole team's trash, and then having it archived anyway.
All sorts of things crossed my mind. I could empty the trash, but people may notice, and it may occur to them that there was something sensitive within the trash, which can be recovered anyway, and my very attempt to fix my error will draw attention. I contemplated just leaving it there, what are the odds someone would sift through it, and be able to make any sense of it? This very contemplation is evidence of an anti-pattern at work.
This experience makes me angry and resistant to using 1password. It's an unsafe tool that will scrape my forms and permanently commit the results to a shared repository.
While the UI paradigm of "macOS trash" is nice, there is another, more important principle of UI design relating to safety. Actions must be safe to reverse and undo. I do not feel safe using 1password.
I found a workaround by 'moving' the item to my private vault and then trashing it (and emptying the trash), but this workflow is not obvious and just shifts the problem 1 level.
1Password Version: 7.0.7
Extension Version: Not Provided
OS Version: 10.13.6
Sync Type: Not Provided