a generated passwords ist automatically saved, which is fine. But it isn't saved in private vault but in the vault which is currently selected.
This current vault can be a shared one and in that case the password is accessible by others, which the user is not aware of.
I already have another concern with shared vaults, for me it more and more seems like the sharing in 1Password is not well thought through.
I like the simplicity of sharing passwords by being able to share a whole vault, but behaviors like this really destruct security.
The only way to share is to share a whole vault, and it doesn't seem like you thought about the potential risks of this only way.
Also, sharing should be possible in other ways, also to be able to share the same item to multiple people without having to create an enormous number of vaults.
We just switched to 1Password, but these behaviors really make me doubt if it was the right decision.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Referrer: forum-search:Security issue: Generated passwords are automatically saved in current (possibly shared) vault