How secure is using 1PW on corporate laptop?

nashmrkt
nashmrkt
Community Member

I have a macbook pro that company gave me. Our company has all kinds of software that tracks controls the laptop and most likely they have the root password. Let's assume they do not have a key logger (I think that maybe illegal here).
Is using 1pw app safe on this laptop? Safe as to can anyone else access my data if I use 1PW app?
I have so far been using the web version of 1pw on this laptop but I miss the autofill function. I really would like to install the desktop app so that I can use Chrome extension to auto fill my ID and passwords but I want to be sure that no one else in the company can ever get access to my data either.
I know the safest bet is not to use 1pw on corp laptop but I want to know my options.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: 11.3.1
Sync Type: Not Provided
Referrer: forum-search:using 1pw on corp computer

Comments

  • ag_ana
    ag_ana
    1Password Alumni

    Hi @nashmrkt!

    I just wanted to let you know that I have sent your questions directly to our security team, we will post back here as soon as possible :+1:

  • Lars
    Lars
    1Password Alumni

    @nashmrkt - I'm surprised to hear that a company which invests in significant surveillance-ware would allow its employees to install apps of their own choosing onto a Mac (or PC). Generally, the first thing companies who go to those kinds of lengths do is to disallow non-Admin user installation of apps. However, if your company does allow it, and your question is: can they get access to your data, the only accurate short answer I can give you is: I don't know.

    ...most likely they have the root password.

    If that is the case, then it is probably best for you to engage in some threat-modeling in order to help you determine the course of action you want to take. If someone can execute code remotely as root on your device, there is very little they could not do. What they will do is a question that I can't - and it sounds as if you can't - answer with certainty. But that would be the question you need to keep top-of-mind in your threat-modeling. If you believe (as you mentioned) they have the capability to do essentially anything, then as you also said, the safest bet is not to use 1Password on that (or any unknown/untrusted) device. All of what I think you were getting at by referring to your options range along asking yourself how likely it would be for your employer - or someone with access - to actually do that. Were it me, I'd keep a mobile device I owned with me at all times, and if I had a need to conduct private business while at work (hey, it happens), then I'd use that to do it.

  • nashmrkt
    nashmrkt
    Community Member

    Yes they do allow us to install application on our laptops as our work requires us to be able to. Thank you for the comprehensive response.
    Of course I assume that no one from my work would actually use their access to my laptop to access any of my personal information. But I want to be safe so you did answer my question. Thanks you

  • Lars
    Lars
    1Password Alumni

    @nashmrkt - you're quite welcome! :)

This discussion has been closed.