A silly security question.
I'm sure someone can answer this? If an employee at 1password went rouge and decided to hack peoples accounts.
would it be possible for them to get access? Thanks
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided
Comments
-
Hello @acrylic2022! π
That's a good question! We take data security very seriously and we deliberately limit the information that we can access here on our end. All of your actual 1Password data is end-to-end encrypted using a private key derived from your account password and Secret Key so all that we see on our end are encrypted blobs of gibberish. You can read more about what we know and don't know about users here: What we (donβt) know about you | 1Password
We also have strict internal policies in order to prevent an internal compromise. Changes made to 1Password or to our systems are extensively documented internally and need to be reviewed and approved by multiple people. There's no way for anyone to "sneak" something into any part of 1Password.
We make it impossible for anyone (including us!) to access your 1Password account data if they don't have your account password and Secret Key. Here are a few resources that will allow you to dig deeper into how our security works:
Please let me know if you have any questions. π
0 -
Thanks for that information. I havent looked at the links yet.... i will. One question I have is, If i log into the 1password web account, the act of my putting my password into the actual web page to gain access (is that bit encrypted) Can employees see that? Or decrypt the stored sign in secret key etc.
Cheers and I love the app by the way and have been using it for many years. I'm planning on migrating more sensitive stuff to it, hence the questions.
0 -
Using the 1Password web app does not expose your secrets to us. π
Ben
0