Suggestions regarding Watchtower

Hello there,
The watchtower features are awesome first of all, it is great to have a place to see all the things that are wrong with my accounts! I have a couple suggestions though.

  1. I think it would be quite beneficial for users that are doing Dropbox syncing to have a warning about adding Dropbox TOTP to 1Password. I could see a scenario where someone accidentally locks themselves out because they just wanted to get all of their 2FA into 1Password. It wouldn't have to be anything fancy, just one of those boxes at the top giving a warning.
  2. It would be helpful to be able to turn off certain parts of the watchtower, specifically "Unsecured Websites", since a lot of times I don't really have control over whether a site uses http or https.
  3. For "Weak Passwords", I'd like an option to unflag a password, because some sites have overly strict password requirements that cause passwords to be considered weak by 1password

2 and 3 might be letting go of some security designed to persuade users to make a change, but 1 I think would be particularly good


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • MikeTMikeT Agile Samurai

    Team Member
    edited August 2018

    Hi @burn123,

    Thanks for writing in. It's been a while.

    I could see a scenario where someone accidentally locks themselves out because they just wanted to get all of their 2FA into 1Password. It wouldn't have to be anything fancy, just one of those boxes at the top giving a warning.

    I could be misunderstanding this completely but how do you foresee that?

    It would be helpful to be able to turn off certain parts of the watchtower, specifically "Unsecured Websites", since a lot of times I don't really have control over whether a site uses http or https.

    You can do this by appending the http tag to the item. We're looking into the ability to suppress certain banners.

    For "Weak Passwords", I'd like an option to unflag a password, because some sites have overly strict password requirements that cause passwords to be considered weak by 1password

    Well, that one is tough to say and it goes into that ability I mentioned, suppressing certain banners. We still want you to see that you have these many weak passwords that you can always access in one area but at the same time, we see why seeing it take up a big spot in the top of the item can be distracting when you can't do anything about it.

    We're surely going to improve on this.

  • Thanks for the response Mike. For the first item, I think you actually got the opposite of what I was saying! So say you use Dropbox to sync, and you didn't have any device with 1password around for some reason. If you had your TOTP for Dropbox in 1password, you wouldn't be able to set anything up, because you wouldn't be able to login to Dropbox. So I was actually suggesting to put a warning box that would suggest the user to not put TOTP for Dropbox in 1password, so they don't accidentally get locked out.

  • MikeTMikeT Agile Samurai

    Team Member
    edited August 2018

    Hi @burn123,

    Sorry about that, I've updated my post after realizing you were talking about something else.

    Basically,

    If you're using Dropbox to sync your 1Password vaults, we recommend using a different authenticator app other than 1Password. If you do use 1Password, be careful as you may not be able to log into Dropbox on new devices without 1Password as your 1Password data is stored behind the TOTP-protected Dropbox account.

    I'm not sure how this will work but we'll consider it.

  • Yeah that's what I was thinking!

  • MikeTMikeT Agile Samurai

    Team Member
    edited August 2018

    Got it, thanks! A bit rough start to this morning but I got there. :smile:

  • (OFF - MikeT, thanks for all the wonderful support here, but please consider updating your avatar photo - this one looks like a crop of a low-res scan of a poor-quality school photo, 90's have long gone! Just to reiterate - I only refer to the 'quality' of the photo used of course)

  • MikeTMikeT Agile Samurai

    Team Member

    Hi @Alexey Stepanov,

    Thanks for the suggestion, I'll try to upload a new one soon. For some reason, the forum is recompressing my images.

  • @MikeT Is there any updates to this? 1password is still prompting me to add 2fa to Dropbox

  • MikeTMikeT Agile Samurai

    Team Member

    Hi @burn123,

    No updates, you'll have to add 2FA to suppress the warning to Dropbox for now.

    I've bought it up with the team that's handling the 2FA database but it is not an easy change and they don't appear to want to do this. I'll keep nudging them but I don't think this will change any time soon.

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file