Data when 1Password is unlocked

Hello, I am using the 1Password chrome extension and have read through the security documentation of the product (which is very impressive)

One thing I am wondering though is where the unencrypted data is stored after you unlock your vault using the master password? For example, once you unlock your vault, you are able to search the extension for any items which have been decrypted for a certain amount of time without having to re-enter the master password again.

Is the unencrypted data stored in the memory of the chrome extension until it auto locks again? Is the master password stored somewhere temporary in order to decrypt the data again without prompting the password? I'm wondering about the level of security at this stage of using the application so any information about how this is done safely would be much appreciated!


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided

Comments

  • ag_yaron
    ag_yaron
    1Password Alumni

    Hey @Nexxus ,
    Thanks for taking the time to read our security documentation, which I assume our white paper was a part of, as well as our extension's security in your browser.

    The extension and the data in it are running in a sandboxed environment provided by the browser's API, which means webpages and other extensions are not able to access its local data whether encrypted or decrypted.

    However, if your computer is compromised and someone has access to your RAM and/or hard drive, they will be able to read the decrypted information.
    Your Master Password is not stored anywhere on your computer so it will remain safe, but a decrypted app/extension are vulnerable to direct access of a compromised system.

  • Nexxus
    Nexxus
    Community Member

    Hi @ag_yaron thanks for your response, this helps clear up my question! So the data will be stored locally but within the sandbox environment, is the actual file that is encrypted and containing the info decrypted, or is the decrypted info just held in the local data store?

  • ag_yaron
    ag_yaron
    1Password Alumni

    Glad I could help.

    The database file is encrypted in the browser's local storage, and then decrypted in the same place when you unlock the extension.

This discussion has been closed.