They don't let you use urls. To use images in their custom stylesheet you have to upload it to reddit, then use a special code or something, that gets replaced with the image url.
I prefer it when its run by a company, rather than someone renting out their apartment (I've stayed a coupleof times where they moved out of their home (once to stay with parents next door, not sure about the other)). I don't really see any advantage (for the person staying). The company ran ones are tidier, have cleaners they can arrange to come out and clean when required (like a hotel's daily clean), etc.
I use airbnb for cheap accomodation and because I can see exactly what the apartment will look like. I don't do it to talk to someone when checking in for an extra 10 minutes.
I don't get why people are making out this isn't a big issue - people would assume whatever is saved in the 'vault' is completely encrypted.
You'd never encrypt a password but leave all the filenames/directories viewable without the password...
(I've noticed this before when grep-ing for a domain, and it came up with stuff from my 1Password vaults, but couldn't work out a better solution so still stick with 1password ). Its a shame, because 1password is great in almost all other aspects.
In my opinion, when they came up with the new data format (OPVault), they should have made some kind of in-app notification/workflow to let people automatically convert to this new format.
Nobody reads all release notes, it's impossible. If you're not a computer nerd, you're using the old format forever.
I've also complained about this on their blog at the time.
> The Agile Keychain kept some information (most notably Location and Title) unencrypted so that these could be used to search for or identify a particular item, while the more sensitive content could remain encrypted. With the Agile Keychain format, the browser extensions could identify and list potential matches for a website without having to be “unlocked”. With the OPVault format, we have moved away from that. The user must unlock the data with their Master Password before they can see a list of Logins.
WinZip made a similar choice with its encrypted archives: you could see the list of directories and files before supplying a password.
I would prefer that my account info be encrypted, but I can't use the new OPVault format, because it requires 1Password 5, which isn't supported on OS X 10.9.
This is actually not the whole story. WinZip archives can be encrypted like you describe, but they can also be created with both the data and the list of contents encrypted.
>You'd never encrypt a password but leave all the filenames/directories viewable without the password...
I'm still not convinced that it isn't acceptable to leave your filenames/usernames still visible without the password for ANY password manager.
The first point is a valid concern, but minor. His second point is really only relevant to this 1password service.
Reason I ask is because I use pass + remote git server. Pass doesn't encrypt the filenames so the files are easily searchable. Are there any risks to this method?
I have the same setup (pass [0] + private git repository via Gitlab).
Password-wise it is as safe as my ssh key + gpp key, so pretty strong.
Metadata wise it is as safe as my ssh key + gitlab account (still pretty strong), or my linux session (WEAK).
Then again the same goes for any password utility I guess, since you can view passwords stored in browsers in clear text anyway.
They're not exactly in clear text: Chrome and IE encrypt them with the Windows session key (meaning only software running as the same user can decrypt them); Firefox on the other hand encrypts them with 3DES-CBC using a master password, if you set one, which is supposedly secure even against software running as the same user.
