1Password Chrome keeps offering to save... on 1Password.ca
I'm using the Chrome extension with a 1Password team account.
I don't want 1Password to save my master password to 1Password!
I have an entry in my vault for:
mydomain.1password.ca
1password.ca
1password.com
All of them are set to "Never fill on this website".
At the login page, I have used the right-click menu "1Password -> Hide on this page"
Yet every time I log in, it pops up and offers to save my password.
Site-specific autofill settings should also affect the "offer to save" feature.
1Password Version: Not Provided
Extension Version: 8.10.46.26
OS Version: MacOS 13.6.9
Browser: Chrome 129.0.6668.90
Comments
-
Hello @sylvank! 👋
Thanks for the question! It's absolutely safe to store your account password (and Secret Key) in your Private vault in 1Password. No one can access your 1Password items without both your account password and Secret Key so they would need to know your account password/Secret Key to get to your account password/Secret Key.
A good analogy here is to think of a physical safe: you can store a copy of the key to the physical safe inside of the safe and someone would need to already have a key in order to open the safe and get the copy of the key.
Was there a particular reason why you wanted to avoid saving your account password in 1Password? Using the 1Password - Password Manager > Hide on this page option will prevent 1Password from saving or filling on a page until the next time that you restart your browser. There isn't a permanent hide option.
-Dave
0 -
Hi @Dave_1P thanks for getting back to me. In this case it's a matter of user preference; I don't want any possibility of an active browser session or forcibly accessed device being used to log into the admin site.
I just found that using the Hide option on both the login and the post-login page effectively accomplishes what I want, if it were a permanent setting.
I already have "Never fill on this website", which is an option you have provided for users, and so you (as a team) see there may be various needs or reasons why a user would do it, otherwise why have the feature? So then popping up offering to save the password for a site already marked "Never fill" just becomes an unnecessary UI annoyance.
0 -
Thanks for the reply. "Never fill on this website" is an autofill behaviour that applies to filling but not saving logins.
I've filed a feature request on your behalf to add an option to permanently prevent offering to save a password on a certain website and the team will consider it for future versions of 1Password. Thank you for the feedback!
For the time being, I recommend changing your auto-lock settings so that 1Password locks more often in order to prevent folks from being able to access 1Password without your knowledge:
I hope that helps.
-Dave
ref: PB-43201303
0 -
Hi, sorry for the delay, just want to thank-you for considering my feedback. This would be a nice quality-of-life improvement.
Also just want to note both BitWarden and LastPass have this feature:
https://bitwarden.com/help/exclude-domains/
https://support.lastpass.com/s/document-item?language=en_US&bundleId=lastpass&topicId=LastPass/Manage_Never_URLs.html&_LANG=enus0