Linux unlock using system authentication service: anyone with sudo access can unlock 1Password?
If I enable "Unlock using system authentication service" on Linux, does that mean anyone with sudo access will be able to access my 1Password vault? i.e. they can change my user's password and sign in as me.
Asking because if this is true, then I would need to contemplate using this feature on any machine that could be easily compromised. e.g. any shared machine that gives users docker access.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided
Comments
-
Hi @benzhang
Unlocking 1Password with system authentication in Linux will only ever be as secure as the system authentication service itself. If
root
or another privileged user is able to override access to your Linux user account, particularly in an environment where the computer is shared and you're not the root user, there is a chance that a nefarious admin on the system could access 1Password in your user account if they took very deliberate actions.If you're not the root user of a system and you're concerned that you don't trust an admin user of the system, you may want to consider if unlocking 1Password using system authentication is right for you in that scenario or not.
Please let me know if you have any questions, or would like any further help. :)
— Grey
0