1Password on Mastodon

Linux unlock using system authentication service: anyone with sudo access can unlock 1Password?

benzhangbenzhang
Community Member
edited December 2022 in Linux

If I enable "Unlock using system authentication service" on Linux, does that mean anyone with sudo access will be able to access my 1Password vault? i.e. they can change my user's password and sign in as me.

Asking because if this is true, then I would need to contemplate using this feature on any machine that could be easily compromised. e.g. any shared machine that gives users docker access.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided

Comments

  • GreyM1PGreyM1P

    Team Member

    Hi @benzhang

    Unlocking 1Password with system authentication in Linux will only ever be as secure as the system authentication service itself. If root or another privileged user is able to override access to your Linux user account, particularly in an environment where the computer is shared and you're not the root user, there is a chance that a nefarious admin on the system could access 1Password in your user account if they took very deliberate actions.

    If you're not the root user of a system and you're concerned that you don't trust an admin user of the system, you may want to consider if unlocking 1Password using system authentication is right for you in that scenario or not.

    Please let me know if you have any questions, or would like any further help. :)

    — Grey

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file