Hmm... I never make temporary passwords for traveling. Not sure I understand the feature. ELI5 pls?
This doesn't create temporary passwords. It removes vaults (not hide) them from 1Password. So I have a vault here for work that contains sensitive information related to being able to build 1Password for Mac and iOS. Think code signing certificates and things like that.
If I'm crossing the border this information is not mine to give. It's AgileBits' data. I can't legally give it to anyone since I don't own it. I simply have permission from AgileBits to have this information to do my job.
AgileBits would rather not risk having this data compromised because I get stopped at the border (doesn't matter which border, just any border, by any type of security). So they limit my account so that when I'm traveling I do not have this data available to me, therefore I cannot give it.
My personal data will remain on the device, if I so choose. What I travel with me is up to me to decide. I could just delete the app from my account but if they know I have an account somewhere they're going to ask me to provide the login information (potentially). I can't give what I don't have. The same is true with travel mode. I don't have it, so I can't give it.
Bummer, 1Password.com only.
The alternative here is you delete the app or vaults. There's no way to "automate" this process really with standalone vaults. So you have to do it yourself. There are certain things having a centralized server can allow us to do, this is one of them. It's making the process easier because our server has control over this type of thing.
Sorry though. As I said you can replicate it by deleting sensitive vaults or the app entirely. Then when you get to your destination re-adding those vaults.
Ok, so it's only to hide passwords from the TSA?
It's not hiding passwords. It's making them unavailable entirely. When travel mode is enabled the vaults no longer exist on your devices. It's not as though the vaults are just hidden and the data is still there in the app, it's literally removed from the app until Travel Mode is disabled.
I like the idea. Kudos to 1Password for continuing to make the app the best it can be.
Thanks! It's little features like this that make us happy as well. We seen a need for this a few weeks ago and got to work on trying to make it reality. And I suspect this is only an initial release, there have been a few ideas floated around about how we can make this better yet.
Sounds like it removes all vault data from all your devices (except the vaults you flag as required/safe) before you travel in case any of the devices get lost or stolen en route. Once at your destination, if you needs your vaults back, you can disable the travel mode and all your vaults are restored.
I suppose because 1Password stores a local copy of your vault on each device, this gives people piece of mind that, if they use the feature and a device is lost/stolen, there is no longer any password data on the device that can be retrieved or accessed.
Edit - also what OldSchoolMacGuy said, there's a lot more security when travelling across borders these days.
It's not just lost or stolen. See my example above. I have sensitive work data related to my job at AgileBits. Data that I simply do not have the permission to give someone else. By making that information not available on my devices I can no longer give that data away either on purpose or by accident.
What people choose to do with this and their own data is another matter. You have to decide that. I suspect in my case I'll be moving the more sensitive data I have to a separate vault that is not safe for travel. I don't really care if someone looks at my Facebook or Twitter or whatever. I can just as easily change my passwords to those. But under no circumstances should anyone see my SSH, GPG, or code signing certificates. As you can imagine, having a government who has access to those types of security bits is an ugly concern.
Hmm, but even if I lose my iPhone isn't my data safe? It's protected isn't it?
This is a highly loaded question.
Do you use a really strong passcode for your device password? If you use the 6 digit PIN that's set by default on Apple devices, no, that's not all that safe. Switching it to a alphanumeric passcode and using something longer is a much more secure option. This will help protect your data that isn't password protected on your phone.
In terms of 1Password. Is your Master Password strong? Also is it unique from your device passcode? They shouldn't be the same, otherwise if someone gets the one they have the other. If you're using a strong unique master password for 1Password, you're in good shape for your 1Password data.
But at a border you could be compelled to provide certain data, if you're arrested you could be required to provide information. Information such as your Master Password or finger print. I'm not a lawyer, so if you have serious concerns about this, I suggest talking to one, anyone here who isn't a lawyer and provides you advice here, expect it to potentially be incorrect. I'm not going to try to provide you advice on that because I know full well I don't know the full extent of this, and it likely varies country to country.
Looks like Agile Bits is about to move to an Adobe-like rent-only option for their software. So sad.
Our licenses are available
here. And our Android and iOS apps allow purchase of our "Pro" features which are the advanced standalone features we've had as options for a couple years now. You can check our In-App Purchase options for both the Mac App Store and the App Store to see that those options are also still present there.
As lovely as this ideal sounds, if they find any indication that you use apps or sites that require passwords and you "don't know" your password, you better believe they'll have the patience to wait until you figure it out. While the premise is good, this will make your life hell more than it will protect you should they decide to dig deep.
I am not a lawyer, but you still can't provide that which you don't have.
This feature isn't really about Facebook logins and Twitter accounts. Unless those Facebook or Twitter accounts are extremely important to you. It's about access that no government should have.
In my particular instance I carry with me a lot of sensitive information for work, I work for a security company after all. Before when traveling I'd have to remove a lot of data from my devices. Then be creative in how I could restore that data when I got to my destination. Most of that data isn't my Facebook or Twitter, I don't particularly care if someone has access to those, but I do care very much if they have access to my work related information. That information is not mine to give. So removing it from my device is the only option and it's something AgileBits decides for me. Our admins determine which vaults disappear in Travel Mode.
I suspect in the end we'll end up making it so that only our admins can restore access as well. This means I can't be compelled to give access that I can't grant to myself. Again, it's not mine to give.
This is obviously very work oriented but a case can be made for doing the same in a family setup where one family member has the ability to restore and the other does not. These are all ideas and potential changes we make in the future. But we're only giving someone the OPTION to do this, if you feel it won't work for you then you don't have to use it. Travel Mode is something that has to be explicitly enabled, so each user has the choice on whether they want to use it, though if you have 1Password through an employer, they may require you enable it for your work data.
Surely if the TSA are going to go to the trouble of looking at your vaults in 1Password, they're also going to check if you've got the 'travel mode' switch turned on?
There's no way to see that Travel Mode is enabled in the apps.
