The password manager announces a new feature with which access data can be sent more securely.
If you want to manage your numerous access data to different accounts securely and centrally, you can do this with a password manager – such as that of the Canadian provider Agilebits Inc.
Agilebits Inc. is the company behind the 1Password application. The configured passwords are protected by a master password and AES 256-bit encryption in a kind of virtual safe.
But what if you want to share your login details for a platform or service with others? So far, users of 1Password had two main options: If the other person also had a 1Password account, the data could be exchanged via a shared safe. If that wasn’t the case, for better or worse, the copy-paste function was used, and passwords were sent via E-mail, Messenger or something similar – and thus again exposed the login data to an increased security risk.
Now 1Password announces all in one Blog post however, a third option: A feature called “Psst!” (Password secure sharing tool) should make it easier in future to send the access data securely.
Via the “Share” menu item, a link is generated for the selected item, which loses its validity after an adjustable period of time. The handling of the links is a bit reminiscent of that Google-Documents: In addition to the expiry date, it can also be set so that either everyone who receives the link can open the data, or only those whose email address has been specifically specified beforehand. If you choose the variant with explicitly specified e-mail addresses, the recipients must: specify this to open the link and as a result receive a code sent by e-mail, which serves as the key for the item sent.
If you have successfully opened the link, you will see the sent entry as it is stored in 1Password. Additional fields such as notes, security questions and the like are just as visible to the recipient inside as the login data itself. It is important, however, that the items sent are only copies, so to speak screenshots of the respective entries at the time of sending: “If you change the password after you have released it, the contractor does not see the updated object, but only the original copy. “
The sharing of the items should also be displayed in their own activity log; a look at the details then reveals the name as well as the name IP address, from which it was shared, the date and time of the action, the expiry date of the shared link and the email addresses of the recipients: inside. It also shows how often each recipient has viewed the shared item – and from which IP address.
You might be interested in that too