AgileBits
recently introduced a new 1Password feature called Travel Mode, which is designed to protect password vaults from unwarranted searches when traveling.
When activated, Travel Mode will remove every password vault from all of a user's iOS and Mac devices except for vaults that have been earmarked as "safe for travel," effectively hiding a user's most sensitive information. Travel Mode is available to all customers who have a 1Password membership.
Before Travel Mode, I would have had to sign out of all my 1Password accounts on all my devices. If I needed certain passwords with me, I had to create a temporary travel account. It was a lot of work and not worth it for most people.
Now all I have to do is make sure any of the items I need for travel are in a single vault. I then sign in to my account on 1Password.com, mark that vault as "safe for travel," and turn on Travel Mode in my profile. I unlock 1Password on my devices so the vaults are removed, and I'm now ready for my trip.
Once a user arrives at their destination, Travel Mode can be toggled off and the vaults return to all of a user's devices. AgileBits has a
detailed support document outlining how to use Travel Mode.
Vaults are not hidden with Travel Mode, but instead are completely removed from all devices as long as Travel Mode is turned on. AgileBits says that there are no traces left for anyone to find, and there are no signs that a special mode has been enabled.
With 1Password for Teams, Travel Mode allows the team administrator to turn Travel Mode on and off for employees, giving companies a way to make sure their data stays safe.
1Password can be downloaded from the
App Store for free, but there is an in-app fee to access the service. A standard 1Password account is priced at $2.99 per month and a multi-user family account is priced at $4.99 per month. There is an additional fee when purchasing a subscription through the App Store, and there are separate subscription options for teams. 1Password also offers a one-time purchase option in the
Mac App Store.
-
1Password for Mac [
Direct Link]
-
1Password for iOS [
Direct Link]
Top Rated Comments
(View all)How long could the TSA hold you for?
If you are a US citizen returning from overseas I think it's not very long but they can keep your device(s) for a long time but not forever. If you are a foreign national it will likely be longer on both fronts. I can easily see when this will become the norm for every country to some degree. Generally speaking it will likely be "higher risk" people having to deal with it. The problem is "higher risk" definition changes with whomever is in charge. But governments never give up powers they grab without a fight. And people seem willing to give up their rights these days whether free speech or privacy in exchange for convenience or the illusion of safety.I'm a US citizen. Are we talking days here?
My original post was made partially in jest. But legally speaking, US citizens usually cannot be detained for more than a few hours, but YMMV. As an example, there was a NASA employee (entering from a foreign country) who was apparently told by US Customs & Border Patrol agents that he could be detained indefinitely until he gives up the password for his (government issued) phone - https://www.washingtonpost.com/news/volokh-conspiracy/wp/2017/02/13/can-federal-agents-detain-citizens-at-border-checkpoints-until-they-disclose-their-smartphone-passcodes/?utm_term=.80f51a40b1c5. In this case, it seems like the man was held for over an hour. The author of the article concluded that there's not enough case law to more easily answer similar questions.If I turn my iPhone off, the TSA can't force me to unlock it right? I take my privacy very seriously and I'll fight tooth and nail to protect it as long as I'm not breaking the law.
In a different circumstance but with similar, uncertain legal precedent, there is also an ongoing case of a person who has been indefinitely detained (for over a year as of writing) for not providing the password to his computer - https://arstechnica.com/tech-policy/2017/02/justice-naps-man-jailed-16-months-for-refusing-to-reveal-passwords/
So this is the reason for my first post (as far as for both of your questions go) - if you are detained, you'd have to hope you have a good lawyer available.
A password database is really the smallest problem, assuming it's properly encrypted and they can't force you to reveal the master password.
I am not a lawyer but it was my understanding that they can force you, or at least hold you until you do.
If they 'suspect' that you are involved in terrorist activities then they pretty much have carte blanche to whatever the hell they want. Especially if you are not an American citizen.
(I put suspect in quotes as I believe the law allows them a large leeway in their definition..I certainly wouldn't want to be on the wrong side of them.)
If this helps relieve a potential problem for people then it is a great thing to have.
Their move to a subscription service has received a lot of flak (myself included) but the software is top notch.
Kyle and Ben (I think) try hard to help people on the forums, and it is good to see they are continuing to develop their product.
Although they de-emphasize it, AgileBits still sells the app as a standalone solution, i.e. you don't need a subscription. I just confirmed this with AgileBits and can post the email if asked.
They claim that they don't recommend it because it's a "much more technical" solution than their subscription service. My take? Baloney. It's simple to sync via iCloud or Dropbox, which they're actively developing, and I don't care if my data is encrypted locally vs on their servers (I actually prefer the former). They tout that the app is "free" with a subscription. Fine, but at $3/month, you're buying the equivalent of the 1P app every year, and syncing is crippled if your subscription lapses.
No thanks. I just hope they continue to support the standalone app with 3rd party syncing (2nd party in the case of iCloud). We'll see but I sense the sunset coming. They're really pushing hard for people to "upgrade" to the subscription-based hosted service.
If you don't have the passwords on your phone there's nothing to turn over. By removing them from your phone, this protects you from having to turn over the passwords or other information on your phone.
As lovely as this ideal sounds, if they find any indication that you use apps or sites that require passwords and you "don't know" your password, you better believe they'll have the patience to wait until you figure it out. While the premise is good, this will make your life hell more than it will protect you should they decide to dig deep.
The TSA can force you to unlock your device and may require you to turn over passwords. This may also be true of police in other countries. Refusal to do so may result in the TSA holding you for a very very long time and could result in far worse from other police forces.
If you don't have the passwords on your phone there's nothing to turn over. By removing them from your phone, this protects you from having to turn over the passwords or other information on your phone.
This whole thing sounds horrible.
I haven't travelled internationally in many years so I haven't experienced it yet.
What exactly are they looking for? Which passwords do they want?
I would have a real problem handing over vital passwords like my GMail password. That particular account is the key to everything I do. What prevents the TSA from changing my password and locking me out of everything?
And can't I just show them my Facebook page? Do I really have to give them the password to my whole Facebook account? I also manage many business pages on Facebook. I don't want to give the TSA access to my stuff... and I'm sure those businesses wouldn't want anyone else to have control of their Facebook pages either.
Why don't I make a copy of my housekey so they can rummage through my stuff while they're at it... :)
Seems like a great feature and isn't something I ever considered or thought that I would need.
Good on you guys for making it!
[ Read All Comments ]