1Password Introduces 'Nearby Items,' Tying Passwords To Physical Locations (engadget.com) 12
1Password has introduced a 'nearby items' feature, allowing users to tag credentials with physical locations so the relevant information automatically surfaces when users are near those locations. Engadget reports: Location information can be added to any new or existing item in a 1Password vault. The app has also been updated with a map view for setting and viewing the locations of your items. In the blog post announcing the feature, the company cited examples such as door codes for a workplace, health records at a doctor's office, WiFi access at the gym and rewards membership information for local shops as potential uses for location data.
Privacy and security are paramount for a password manager, and 1Password confirmed that a user's location coordinates are only used locally and do not leave the device. Nearby items is available to 1Password customers starting today.
Privacy and security are paramount for a password manager, and 1Password confirmed that a user's location coordinates are only used locally and do not leave the device. Nearby items is available to 1Password customers starting today.
spyware (Score:3)
looks like it wont be long before 1password enshittifies.
Made me sad (Score:5, Informative)
They made a great application, listened to users really well, and made a very nice, secure product. The sort of thing I don't mind paying for.
Then they threw that all away, moved the Mac app to Electron, forced everyone to cloud storage and moved to monthly rental.
At which point I dropped them like a sandwich that starts squirming.
So now it is self-hosted Bitwarden for me, which is what I probably should have done in the first place - I would have saved a lot of aggravation had I not let myself be suckered by a nice UI.
Re: (Score:2)
Re: (Score:2)
They made a great application
Wrong
secure product
Wrong
The product was trash and was compromised on mutliple occasions.
Re: (Score:2)
Only if you know what location to spoof and have all the other factors available too.
If it's more like "When you're at the Westfield site, the passwords for the Westfield site are at the top and just need your other factor to unlock", then it's just a convenience function and a further factor in MFA.
This is amazingly dangerous (Score:5, Informative)
2. I don't believe for a moment that this information won't leave the device. It has high value in the databroker markets, therefore there will be buyers, therefore there will be sellers, and 1Password is likely to be at the top of that list.
3. The quoted article notes "Privacy and security are paramount for a password manager" and I'll note that "Password managers are the opposite of privacy and security". The moment you start using one of these, you're building a one-stop-shopping target for an attacker, a target that's increasingly more valuable than just a single password and thus a target that an attacker is willing to deploy more resources (money, time, effort, risk, etc.) to breach.
Wish 1Password would have warned... (Score:2)
Sort of was surprising to have 1Password to pop up and ask for a permission. This should really never happen unless there is advance warning, and a reason for this, just to make sure it isn't a Trojan or a hijacked update.
I like 1Password, and because of the secret key, they have outstanding encryption, as an attacker has to have credentials, the secret key, and a password to decrypt stuff, but a PW manager isn't supposed to surprise people with things like this. While I'm going to keep using it, for my p
Nearby items? (Score:2)
How the fuck did they find out "blowUpDoll" was my password?
So... the proxy-TPM approach? (Score:2)
I mean... this is what TPM is for... isn't it?
The idea has its merits. (Score:2)
As always, it's a trade-off between convenience and security.
location passwords. (Score:1)