Are there docs for .config/op/config?

GreenRectangle
GreenRectangle
Community Member
edited February 12 in CLI

In particular, could a malicious actor abuse this information? I'm trying very hard not to have any plaintext secrets on the filesystem anywhere.

{
    "latest_signin": "",
    "device": "",
    "accounts": [
        {
            "shorthand": "",
            "accountUUID": "",
            "url": "",
            "email": "",
            "accountKey": "",
            "userUUID": "",
            "dsecret": ""
        }
    ],
    "system_auth_latest_signin": ""
}

Like some of these fields are self explanatory like email and url, but what about accountKey or dsecret?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided

Comments

  • GreenRectangle
    GreenRectangle
    Community Member

    okay, it looks like accountKey is "secretKey" when logging into 1password. They really should rename that since accountKey seems much less important.

    It's unfortunate the cli can't take advantage of mac's keychain to store the sensitive bits here.