The popular password manager 1password has now come up with a new strategy to keep passwords safe when sharing. Specifically, 1Password has announced new tool “Psst!” that supports secure sharing of logins even with non-1Password users.
About Psst! Tool From 1Password
In a recent blog post, Akshay Bhargava, Chief Product Officer at 1Password, has shared details about the new “Psst!” tool. As the name implies, Psst (Password secure sharing tool) supports the stealthy sharing of login credentials with other users.
Sharing passwords is a common practice among most internet users. For instance, people may need to share passwords to official apps with colleagues. Likewise, people may have to share WiFi passwords or Netflix account credentials with others. During such instances, most users simply share the passwords in plaintext via email, SMS, or chat messages – making them vulnerable to theft via malware attacks and snoopers.
With Psst!, 1Password addresses the security lapse by enabling password sharing via exclusive web links. In this way, Psst! tool supports sharing the information even with non-1Password users. Whereas, such sharing also facilitates 1Password-user recipients to directly save the password to their vault.
Users can also use this facility to share any other information (besides passwords) stored in their 1Password accounts.
How Psst! Works
Briefly, 1Password users can quickly share their passwords with others via email by sending a specific web link to the recipient’s email address. Then, clicking on the link redirects the user to the web view of the shared detail (password or any other data).
When sending the link, the sender can adjust the accessibility settings as “Anyone” or specific people. The latter requires the recipient to verify their email address for valid sharing via OTP verification.
Regarding how the information would appear to the recipient, the post reads,
they’ll see the web view of the shared item exactly as it exists in 1Password. That means that if I’ve added extra fields – notes, security questions, or anything else – to an item containing a username and password, the recipient will also see those fields.
Also, the sender can choose how long the link should remain valid. This expiration prevents any potential breach of data if an adversary accesses the weblink later.
The following video quickly demonstrates how Psst! works.
For transparency, all such activities will be visible in the Activity Log for the admins to know and review.
Let us know your thoughts in the comments.