Locking my vault -- best practice?
Do I always have to have 1password unlocked to use it? It seems like I do. But by having it unlocked all day while I am at my computer, aren't I vulnerable to someone stealing all my data out of my 1password account? Am I supposed to lock and unlock everytime I walk away from my computer? I feel like if I leave it on all the time I am vulnerable to someone getting my data without my realizing it. Am I supposed to lock and unlock it after every use?
Comments
-
If you leave your desk then you should lock your data. That goes for Windows as well as 1Password. However, you don't need to lock it in between each use unless you're super paranoid.
Personally I have my auto-lock settings all turned off except the "Lock when the workstation locks" option. When I leave my desk I hit Win+L and it locks both 1Password and the workstation.
0 -
Thanks, @RichardPayne!
@newbie, you have almost complete control over how often and under what circumstances your 1Password vault is locked.
The options are mostly on the Security tab of 1Password preferences, but some of them are affected by options on the General and Browsers tabs, as well.
0 -
If I am sitting at my desk using my computer as normal and I am online and 1Password is unlocked, can someone hack into my computer via malware or some other spy ware and get all my passwords without me knowing it? Also, I can't figrue out what setting I changed that is making me have to log in twice every time I use it. I log in and then to open it I have to log in again, any idea why?
Thanks for the above advice!0 -
It's hard to say what setting you changed. I can only ask you to review your settings on those three tabs cited above and read the corresponding articles in the user's guide, to know how to set up the behavior you want.
Note the one scenario, though, in which you will have to unlock your vault when it seems to be already open:
https://guides.agilebits.com/1password-windows-kb/4/en/topic/excessive-data-locking0 -
I'll ask our "security guru" to address your concern about malware.
0 -
Hi @newbie!
You will discover that there rarely are short answers to security questions. The bad news is that in principle, once your computer is compromised it is no longer your computer; it is the attacker's. So if your computer gets compromised with malware that runs with your (or higher) privileges than it can get at anything that you can get at. So if 1Password is unlocked, then both you and it will be able to get at the secrets stored by 1Password.
In practice, however, most malware does not exercise all of the powers that are available to it in practice. For example, a fair amount of malware just runs superficial keystroke loggers, which we offer some defense against. You can read about that in Watch what you type: 1Password’s defenses against keystroke loggers.
The most important thing to do is to keep your system free of malware.
Single most effective way to keep your computer malware free
By far and away, the number best thing you can do for your system security is to keep it and its software up to date.
If you haven't enabled automatic Windows Updates, please do so. That single action will dramatically reduce the chances of your system being compromised.
Other steps.
- Pay attention to what software you install
- Run Microsoft Security Essentials on Windows 7 or Windows Defender (already switched on) on Windows 8.
Modern operating systems, including Windows from Vista onward, make it harder for malware to be installed and run on your computer. But they do require that you keep your system up to date and that you be sensible about what you download and install.
1Password helps enormously to your security, but you must provide it with a secure foundation to stand on.
0
