Security Design Question

Community Member


I just read the following and would like to know if this has already been discussed:

My understanding, from reading the above, is that once the master password has been entered into 1Password, all password details have been decrypted, residing in memory on the host computer.

The above article refers specifically to a Windows environment, however, I suspect it is the same on a Mac.

If what the article claims is true, then to my way of thinking, this means that 1Password is only as secure as the host environment it is running on, is secure.

Also, this means that when 1Password starts up, it does not check if the executable has been modified, because if it did, then it does not seem possible that the above could have worked.

As a 1Password user, I found the above blog/post, quite disturbing.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided


  • mrbeign
    Community Member

    That was an interesting read. It looks like there was a comment left by someone on the development team for 1Password versions 6 and 7 for Windows and he gave his thoughts.

This discussion has been closed.