1Password's access to the data from the "share passwords" function

feasiblebanana
feasiblebanana
Community Member
edited December 2022 in Lounge

Hi there!

Just wanted to understand how the username/password/TOTP data is stored when using the "Share Password" functionality.

I understand that the vault itself is secure, but by using the "Share Password" function, I'm trusting 1Password with the sensitive data.

So just wanted to understand what 1Password does to protect the data in this scenario.

Thanks!

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided

Comments

  • Dave_1P
    Dave_1P

    Hello @feasiblebanana! 👋

    The good news is that even items shared using the secure share link feature remain end-to-end encrypted and 1Password does not have access to those shared items. When you share an item 1Password will generate a unique share secret on your device and that share secret does not get sent to us. Your item is then encrypted using the share secret and a link to both the item and the share secret itself are written into the URL that 1Password creates for you.

    In a share link the portion of the URL after the # symbol contains the share secret and it's never sent to our servers so we don't have the ability to decrypt the shared item. Only the person who receives the URL can decrypt the shared item.

    You can read more about the security of shared items here: About the security of sharing items using a unique link

    Let me know if you have any questions. 🙂

    -Dave

This discussion has been closed.