Keeping 1PW open security

Can you tell your best practice recommendations regarding keeping 1PW open (or not). Using Windows. Also, I cant find the Preferences section re security.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:Can you tell your best practice recommendations regarding keeping 1PW open (or not). Windows.

Comments

  • Best practices are really dependent on your specific environment and security concerns, @rlbusch, so it's tough to give advice on that topic that remains good across the board. The best way to decide what is best for your situation is to think about the sorts of threats you're concerned about. Is this a device that's likely to be stolen? Is it used in public places where you may need to leave your devices unattended at times? Is it shared with anyone in any way? How sensitive is the data you store in 1Password on that device?

    I have some devices that are both work and personal devices so I have to take some additional precautions on those devices to comply with our security requirements, but on devices that are only for personal use, I'll often be a bit more lax. For example, I have a separate user on my desktop that's exclusively for personal use. I only sign in to my own 1Password account there – not my work account – and the vast majority of the data in there is stuff I share with my fiancee anyway. The cats can't type so he's the only real threat in my home making it not big deal to avoid autolocking entirely. My Surface, on the other hand, is used for work mostly. It's a test device primarily, but I'll work on it when I need to be away from my home office, so I've made its settings more aggressive. Not only is my work data more sensitive and thus in need of greater protection, but there are a lot more risks to my device in general when away from home. I've had more devices stolen over the years than I care to admit, so I've had a degree of paranoia instilled in me as a result. Another example might be someone who is a political activist in a country known for efforts to suppress dissent. These folks are going to have everything on lockdown because they face threats most of us never will. Politicians, similarly, are targets of things we're not likely to have to worry about so their security practices will be more strict.

    It's the most annoying type of answer to be sure, but the only right answer to best practices is that the answer will vary based on the threats you face. If you can share your specific concerns, I and my teammates can certainly give you some specific advice about how to use 1Password to protect you from those threats, but security is something best not handled with generalities. Good security advice has to consider those specific details because the dangers in a lowest common denominator are very real for those with more stringent needs. All the same, I hope some of this gives you some food for thought and helps you consider the specific concerns you have. If you've got some ideas, feel free to share them and we can talk about what might work best for you. :chuffed:

This discussion has been closed.