1Password Travel Mode: How to Protect Your Phone and Login Information at the Border (2025 Guide)
1Password's Travel Mode allows you to protect login credentials when going through customs. It's not a silver bullet, but it's an important legal step you can take. Here's how to use it.
Searches of digital devices at US borders have reached record levels. Between April and June of this year, U.S. Customs and Border Protection (CBP) conducted searches of nearly 15,000 devices—over 2,000 more than the previous quarterly high. Alongside these numbers are reports of travelers being detained for hours or even denied entry based on content stored on their devices.
UPDATE: Wow, I’m blown away by the response to this post! Thank you to everyone who has shared, commented, etc. I’m going to be running a free (with RSVP) digital self-defense webinar on Thursday, Oct. 2 at 7pm EDT. Find out more here:
Free Webinar: Digital Self-Defense 101
The amount of folks in my life asking me if I could teach them the basics of digital security has been increasing to the point where it seemed like a broader offering might be worthwhile. The recent engagement on my latest post on 1Password travel mode
While U.S. citizens and green card holders cannot be refused entry, they can face device seizures and prolonged questioning if they decline to comply with searches. According to the American Civil Liberties Union (ACLU), even stating you do not consent may not stop CBP from taking your phone. Official policy states that agents may not access data stored solely in the cloud, but enforcement in practice is inconsistent.
Esha Bhandari of the ACLU’s Speech, Privacy, and Technology Project warns that CBP claims “essentially a limitless authority” to conduct searches without a warrant, which means that, if you’re traveling, preparation is key.
To that end, there is one key step you can take to protect (aspects of) your digital existence using 1Password’s “Travel Mode.”
Note: I’m a huge proponent of password managers, and have specifically promoted 1Password for over a year now on the Urgent Futures Podcast. I’ll receive a small commission if you use this link: https://1password.partnerlinks.io/UrgentFutures. I appreciate those of you who support my work this way, but the main point is that you get a password manager, ideally one that has features like 1Password’s Travel Mode.
Minimizing Data Exposure
But before we get to that, one effective strategy is simply reducing the amount of data you carry across the border. Security experts recommend practicing “data minimization”: bring only what you truly need and leave the rest behind. For example, if you’re traveling for vacation, consider whether you really need your work laptop.
For items you do need, storing them securely can add a layer of protection. Password managers like 1Password offer features such as Travel Mode, which temporarily removes selected vaults of information from your device. These vaults cannot be restored without logging in through a secure browser session, making them inaccessible during a border search.
To be clear: this is not an illegal feature and I’m not advocating for violating U.S. laws here. Rather, I hope to encourage you to take your digital identity and information seriously; even if you have “nothing to hide,” we live in an age of leaks and hacks. It’s certainly possible that CBP would download your data and it amounts to nothing at the agency itself, only for that information to make its way onto the Internet because of bad actors finding a way to access the data. This is not something you want happening to any of your passwords, but especially critical ones like those that grant access to your personal email address, through which entry into other websites, platforms, and apps becomes easy (think everything from social media to banking).
How 1Password’s Travel Mode Works
You set Travel Mode up in advance by organizing all your login credentials, notes, and sensitive information into a series of different vaults. You can then choose which vaults are “safe for travel” and which are not. When you activate Travel Mode, your selected vaults are removed from your device. You can reactivate them afterword using your emergency kit, a document that includes your secret key, login email, setup QR code, and a space to input your master password.
You generate an emergency kit at my.1password.com using the Manage Account button. You should either store this emergency kit in an encrypted drive (whether locally or via a trusted cloud provider like Proton Drive) or printed out on a piece of paper and stored in a safe location. A couple caveats: do not store the emergency kit unencrypted on your computer (as this leaves open the possibility of that information being stolen) and do not leave the device you’re traveling with logged in to 1Password (otherwise it might be possible for Travel Mode to be reverted).
To reiterate: a border agent can’t legally search what isn’t on your device. Of course, given the current administration’s relationship to constitutional law and surveillance, it’s never safe to assume you’ll then be off-the-hook—but on the other hand, every step you take to protect yourself might mean the difference between protecting your login information and not.
Note, reader
left some really vital comments about the limitations of Travel Mode (and password managers in general) below, as well as some prescriptions for how to increase your digital security. I highly encourage you to read them to get a fuller picture.Securing Laptops and Other Devices
While tools like Travel Mode can help with phones, laptops require a different approach. Built-in encryption options such as BitLocker (Windows), FileVault (macOS), or Chromebook’s default encryption can protect data from unauthorized access.
For additional protection, some travelers use VeraCrypt, a free, open-source tool that allows full-disk encryption and hidden partitions. Its “plausible deniability” feature lets you create an encrypted volume within another, disguised as random data. Though more advanced, this can be useful if you must travel with sensitive material.
Note for readers: I also host the Urgent Futures Podcast, where I cover topics like this in digital culture, tech, and media theory, as well as broader issues of polycrisis, climate change, degrowth and more. Here’s a sample with :
Nina Jankowicz: Why Disinformation Is Still a Critical Issue for Democracy | Urgent Futures #24
Welcome to the Urgent Futures podcast, the show that finds signal in the noise. Each week, I sit down with leading thinkers whose research, concepts, and questions clarify the chaos, from culture to the cosmos.
👉 Subscribe to Urgent Futures now: Youtube | Apple Podcasts | Spotify.
Practical Steps Before You Travel
While there is no silver bullet to completely immunize yourself from surveillance, here are steps you can take to increase your protection when crossing the border:
Organize and minimize: Decide which files, apps, and accounts are essential and remove everything else.
Use cloud backups wisely: Store sensitive data securely online, but log out of accounts on your devices before traveling.
Encrypt your devices: Turn on built-in encryption, and consider advanced tools if needed.
Plan ahead: If you use tools like Travel Mode, set them up before leaving for the airport.
Ultimately, the safest approach is to cross the border with as little data as possible. That’s why it’s so critical to plan ahead and use available tools to reduce the risk of exposing sensitive information during a search.
And while you’re at it, another clear way to protect yourself is to get a VPN like NordVPN. Use this link to get 77% off NordVPN’s 2-year plan + 3 extra months.
All great points, thank you! Critical stuff to consider. I’ll direct folks this way in the post so that they can read them.
1Password travel mode is not a panacea. It’s a feature that might help while making other tradeoffs.
It is true that you can use 1Password v8 to effectively travel “clean” through customs, with no password data on you. But that too will raise suspicions, just like the kids who thought they could either selectively delete their social media or pretend that they have no social media accounts at all.
Secondly, 1Password v8 forces you to store all your passwords in a cloud system that Agilebits claims is secure. Version 7 and below allowed the user a choice of where to store the encrypted data file and how to exchange updates among devices - in a cloud or locally.
The cloud storage requirement was a cornerstone to the subscription-only model that agilebits rolled out as of v8. In the before times, people could buy perpetual licenses. To me, v8 is a classic example of a “enshittified” app where valuable features are removed while price is raised.
The cloud model is predicated on encryption being secure, their implementation being secure, etc. and it represents a huge target for hackers. It’s available 24/7, lots of reward for the effort put in since 1Password users can also use it to store SSNs, photo ID, and like sensitive documents.
Whereas the local storage model of prior versions would require a hacker to hack into millions of homes (which will not scale as easily since people have choices re firewalls, OS, IDS, and so on). Ditto local exchange vs. cloud exchange. It’s very hard to scale intercepting stuff locally for an attacker.
So no, I would not put 1Password v8 on a pedestal. Instead, I would travel with a password manager that has a minimum of content (ie a travel subset that you cannot be without) while leaving the rest behind. Ideally travel with burner devices that have little content to go through in the first place.
On iOS / MacOs consider strongbox pro as an excellent alternative to 1Password, it gives you a choice where to store passwords and how to exchange them among devices. They even offer family plans and give you a choice between perpetual licenses and subscriptions. I know, choice, what a concept.