1Password and unsecured public WiFi

Options
Munch
Munch
Community Member
edited May 2017 in Mac

Sorry if this has been asked/answered, but, I was unable to find any info...
I read the "White Paper" but was unable to gleam an answer.

If I am at Starbucks or using a similar unsecured Wifi network, is the login information for various sites stored in my Vault secure during transmission over the unsecured network? I understand my 1Password Master Password is secure, but, concerned about the login information being transmitted to the Wifi router from my devices.

Thanks!

Bill

1Password Version: 6.7.1
_Extension Version: Not Provided
OS Version: 10.12.4
_Sync Type: Not Provided

Comments

  • Drew_AG
    Drew_AG
    1Password Alumni
    Options

    Hi @Munch,

    Thank you for reaching out to us with your question. I'm glad you're thinking about the security of your data!

    If your question is in regards to syncing your 1Password data between your device and the cloud, the answer is that your 1Password data is end-to-end encrypted, which means it is always stored encrypted, stays encrypted while it’s being uploaded or downloaded, and is only ever decrypted locally on your devices. Even if someone were to get a copy of your data, it would be an encrypted blob that would be useless to them. We have more information here: How 1Password protects your data when you use a sync service

    Or if your question was about using the 1Password extension in your web browser, the extension itself doesn't actually contain any of your data. The extension is basically just a way for 1Password mini to interact with your browser so it can fill forms and offer to save/update Login items (when you click on the 1Password extension icon in your browser, the information shown there is coming from 1Password mini. The communication between 1Password mini and the 1Password extension happens locally and is encrypted and authenticated, so your data cannot be sent to any other processes except for the 1Password extension and 1Password mini. You can find more about that here: 1Password extension and 1Password mini security

    As far as filling your data on websites, once 1Password fills them, it has nothing to do with how the website transmits that information over the internet. At that point it's the same as if you typed that information in the website yourself, and transmitting that data over the internet is up to the website, browser, your internet connection, etc. If you're connected to a public and/or unsecured Wi-Fi network, it's a good idea to protect yourself and your device by using a VPN.

    If you're interested, you can find even more information about how 1Password protects your data here: About the 1Password security model

    I hope this helps, but please don't hesitate to let us know if you have more questions. Have a great weekend! :)

This discussion has been closed.