I am concerned about the safety of chrome autofill

I am a long-time user, however concerned about using it in regards to this hack outlined here:
http://gizmodo.com/to-anyone-smart-in-all-things-security-does-this-mean-1791180918
can you address this for me?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:chrome autofill

Comments

  • Drew_AG
    Drew_AG
    1Password Alumni
    edited March 2017

    Hi @djdiem,

    Thanks for asking us about that, I'm glad you're thinking about the security of your data! :) I hope you don't mind, but I've moved your message to our Saving and Filling in Browsers forum.

    EDIT: After posting my original reply, I realized I might have misunderstood the exact nature of the problem, and my answer was probably a bit too simplified to apply to this exact situation.

    The short answer is that 1Password works a bit differently than the built-in password managers in web browsers, so the problem described in that article wouldn't fully apply. For example, the article says says the browser might fill credit card details in hidden fields even if it was instructed to fill identity information like an email address. With 1Password, you would need to explicitly choose to fill credit card information.

    For a more detailed answer about exploits involving hidden text fields, please take a look at this post from Jamie in response to a similar question: https://discussions.agilebits.com/discussion/comment/349354/#Comment_349354

    I hope that helps, but if you have more questions about that, please let us know. Cheers! :)

This discussion has been closed.