2FA protection/ no autologin/autofill

Community Member


I have a question.
I react on this topic, where is written, why 1password doesnt support autologin..


my question is

  1. in the topic is written, that autologin and autofill is set to manual, because of potencial malware webpage, or added invisible script - but what protects me from phising, when I fill the data manually? Or the only difference is, that I choose, when to fill and where not, but otherwise I dont have any control of being phised by this way..

  2. If I use 2FA for certain pages, and let me being logged.. and if I set YUBIKEY click on certain pages - is hacker able to "re-join" my own IP adress, which means, he will bypass 2FA? (meant it will look, like I am connecting to some service, but actually it will be him) .

  3. If I have PC on, but dont watch and someone hacks my PC, he can just invisibly connect to my services, for example if I will have autofill and autologin in Lastpass? like I guess there are two states - when he remotely controls my screen and I can see, that he is hacking me , so I guess, it will be complicated, and he could be able to "have remote control, have other screen of my harddisk, which I dont see, and without my consciousness do, what he wants" .. - only protection against this would be having the important services secured by 2FA or MFA , so he might see the passwords, but cannot autologin, as he cannot skip the second autentification..

Am I thinking right?

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided

This discussion has been closed.