1PasswordX with onscreen keyboard

Sariel
Sariel
Community Member
edited November 2018 in 1Password in the Browser

Hi,

I'm just testing 1Password on my Linux machine. I have noticed that i unfortunately can not use the FF extension window in combination with my onscreen keyboard (e.g. Onboard) as it closes the window as soon as I start typing on the osk (when it looses focus). So i have to use the https://my.1password.com page to enter my master password.

So I'd like to ask two questions about this:
1. Is it somehow possible to change this behavior (e.g. in the settings)?
2. Does it have any negative impact on the security to log in via the https://my.1password.com website (e.g. is anything, like for example my master password, transferred over the internet that otherwise wouldn't be transferred if I'd use the extension window to log in)?

Thank you for your answer!
Sariel


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni

    @Sariel: Hmm, interesting. It sounds like your "onscreen keyboard" is just another app, so interacting with it takes focus away from the browser. I'm not sure that's something we can work around. I use 1Password X here all the time with the Windows 10 onscreen keyboard, but I guess that's different because it's an always-on-top overlay. Or Linux may just do things differently in this regard.

    1. Is it somehow possible to change this behavior (e.g. in the settings)?

    If you mean 1Password X settings, no. And I'm not sure it's something we could control anyway. The browser dismisses extension menus when something else is interacted with, and it's actually pretty important for security that we don't have the 1Password X menu drawn inside the webview. If you mean a way to have the browser not dismiss an extension menu when something else is focused, there's no way to change that that I'm aware of, but perhaps there's something undocumented.

    1. Does it have any negative impact on the security to log in via the https://my.1password.com website (e.g. is anything, like for example my master password, transferred over the internet that otherwise wouldn't be transferred if I'd use the extension window to log in)?

    I'm not sure what you're asking here, but I think it helps to clarify that at no time when you enter your Master Password to unlock 1Password is your Master Password transmitted. 1Password.com uses SRP specifically to avoid that. It's pretty sweet. I think that mayb answer your question indirectly, but if you have any others let me know! :)

This discussion has been closed.