Saisie sécurisée du mot de passe maître

Saisie sécurisée du mot de passe maître :

J'utilise en permanence 1Password qui devient indispensable dans ma vie quotidienne.
Ma question se rapporte à la sécurité.

  • Est-ce qu'il y a un risque à déverrouiller 1Password via 1Password X?
  • Serait-il possible d'utiliser Windows Hello pour Google Chrome comme pour Microsoft Edge?
  • Sinon quelles précautions faut-il prendre pour assurer le maximum de sécurité lors de la saisie du mot de passe maître?
    Merci

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:Saisie sécurisée du mot de passe maître

Comments

  • Lars
    Lars
    1Password Alumni

    @Ossaife - there is an element of risk involved with anything when it comes to computer security, and no system or product provides you with perfect security at all times. If anything could do that, everyone would already own that product and nothing more would need to be done, purchased or installed.

    Instead, as we often say around here, security is a process, not a product. It requires a coordinated strategy on your part that includes using not just 1Password but also things like (depending on your own situation) a VPN, physical security measures, and whatever else you decide makes sense for your particular profile.

    When it comes to using your Master Password, I'm not entirely sure I know what you're asking. We do have instructions for how to choose a good Master Password, and of course there is the usual advice about not sharing your Master Password with anyone else or entering it in "hostile" environments such as crowded public places or where you suspect you may be under video surveillance, etc.

    In regard to 1Password X, there's no specific vulnerability you need to be aware of, or that makes 1Password X inherently less secure than using 1Password in our older, "requires-desktop-app" extension. I would recommend turning off your browser(s)' built-in password management system, as that can and will try to record your Master Password and store it less securely within the browser...but it's already our advice to turn off browser's built-in password managers, so you should be doing that already anyway (you are, right? ;) ).

    If you're using Windows Hello, there are a lot of options (at least in comparison to just Touch ID or Face ID on the Apple side of things), but they all come down to: how strong is your Windows user account password? If you use a relatively weak Windows account password (at least, in comparison to your Master Password for 1Password), that will be the weak point in such a setup, which is why we'd recommend a user choose an equally-strong user password for their Windows account as well as for 1Password.

    If I've misunderstood your or you have follow-up questions, let us know! :)

This discussion has been closed.