DefCon - phishing 1password - Comments?

I just saw defcon video (published feb 2016), and this one part really worries me....can 1password comment on this ?
<-- min 5:26 (the whole video is pretty interesting as well).

| I understand that the threats not really directly to 1password, as the phising is targeted towards the computer, but how can we prevent/mitigate this kind of threats.


1Password Version: 6.1
Extension Version: Not Provided
OS Version: OS X 11
Sync Type: Dropbox


  • @√MrSLK you'll probably find this knowledge base article relevant (in case you've not already read it):

    How does 1Password keep my data safe?


  • brentybrenty

    Team Member

    @MrSLK: The interesting thing is that this has nothing to do with 1Password or a cell phone provider or satellites. The details don't matter, and this just serves to highlight that that you or anyone entrusted with your sensitive information are a potential security risk. And that's terrifying.

    But the cool thing about 1Password is that we can never reset or change your password. Now, if you forget your password you're out of luck, but after watching this video I suspect that anyone will gladly accept that tradeoff since it means we can't be compelled, coerced, or otherwise tricked into screwing you.

    However, going back to the first point, if you yourself are fooled into giving up your Master Password when someone has access to your computer (and therefore your data), they are effectively you and can use it to unlock your vault just as you could. It's absolutely critical that we're each vigilant and only install software from trusted sources, so that we don't unwittingly give someone else access to our most important data. Better safe than sorry.

This discussion has been closed.