Schneier - 1Password's Travel Mode

The 1Password password manager has just introduced "travel mode," which allows you to delete your stored passwords when you're in other countries or crossing borders:

Your vaults aren't just hidden; they're completely removed from your devices as long as Travel Mode is on. That includes every item and all your encryption keys. There are no traces left for anyone to find. So even if you're asked to unlock 1Password by someone at the border, there's no way for them to tell that Travel Mode is even enabled.

In 1Password Teams, Travel Mode is even cooler. If you're a team administrator, you have total control over which secrets your employees can travel with. You can turn Travel Mode on and off for your team members, so you can ensure that company information stays safe at all times.

The way this works is important. If the scary border police demand that you unlock your 1Password vault, those passwords/keys are not there for the border police to find.

The only flaw -- and this is minor -- is that the system requires you to lie. When the scary border police ask you "do you have any other passwords?" or "have you enabled travel mode," you can't tell them the truth. In the US, lying to a federal office is a felony.

I previously described a system that doesn't require you to lie. It's more complicated to implement, though.

This is a great feature, and I'm happy to see it implemented.



from Schneier on Security https://www.schneier.com/blog/archives/2018/07/1passwords_trav.html