Early access and Alfred / Spotlight / LaunchBar (3rd party search integration)

Since the Alfred integration has been introduced I have noticed that any changes made to website addresses are not being picked up by Alfred.

Is this a known bug?

Hi VirgilBoy, good to know that it's working for you. We'll be here for any future follow-up. 👍

Hi 1P_Ben

OK...I don't recall the method of entering the password on the mini being like this a few days ago. Following your tip, I just typed the password (in the blind) and it is working again.

Previously, seeing no apparent response to copy/paste or tying manually, threw me off.

Thanks, John

VirgilBoy

It is a feature of the macOS Terminal that nothing is shown as you're entering a password. If you type your password and then hit enter/return, does it work as expected?

Ben

Unfortunately, my 2nd Mac was also working, but this morning I discovered that the 1PW/Alfred feature is broken. I used the :1pextras command to try and revive things. In terminal, I am signing into 1PW but the very last entry (my password) is blocked. You see a symbol, but I am not sure what that means.

Is the :1pextras command part of 1PW CLI? Any idea why I cannot finish the signin??

Great to hear you got this working, @virgilboy! We look forward, as Dave mentioned, to further exploring what we can do (and make possible) with the CLI. 😃

Got mine working! I had to utilize the :1pextras trick on my second attempt. Thanks to cortig for that hint!!

Definitely a PITA setup but nice to see this functionality again...

That makes sense and thank you for that great explanation.

what is the security issue and was it present in 1PW 7 and earlier

There wasn't a security issue per se, but rather the approach taken in earlier versions of 1Password weren't ideal. To allow for the integration we needed to write out plain text files (unencrypted) with the following metadata of each of your items:

• title
• description
• URLs
• vault name
• item category
• account name
• vault identifier
• item identifier

This wasn't ideal for privacy and it also added another set of files that needed to be kept in sync. These reasons prompted us to hide this option in the Advanced section of Preferences and to default it to off.

When we went back to the drawing board in 1Password 8 we recreated everything to take performance and privacy to new levels and bringing this option forward didn't align with those goals.

Thankfully the 1Password CLI is now available and as we've seen Alfred has already started to use it. With that said, this is still the beginning and there's more we need to do with the CLI to make integration easier and more performant. For example, automatically bundling the CLI with 1Password (or having a button to install it) would be great.

Sorry for the bumpy ride everybody. And thank you for trying things out and sharing your experiences. 🤗

++dave;
1Password Founder

what is the security issue and was it present in 1PW 7 and earlier

Hoping @ben or someone else on the team can elaborate.

Might also suggest that the existing Alfred integration may need to be deprecated at some point if it is truly insecure.