Secure Input Mode

Hi,

I'm considering using 1Password on my mac and the only worry I have is the master password and the possibilty of getting it compromised through for example key loggers that might already be on your system when installing 1Password. I have been reading around and read about Secure Input Mode and 1Password. Does this mean that even if (for example) key loggers are installed on your system, your master password can never be exposed since you type it in the 1Password application which uses Secure Input Mode?

Comments

  • jpgoldbergjpgoldberg Agile Customer Care

    Team Member

    Yes. That's pretty much it, @RdW.

    1Password uses Secure Input Mode for exactly this reason.

    -j

    –-
    Jeffrey Goldberg
    Chief Defender Against the Dark Arts @ AgileBits
    http://agilebits.com

  • Owh that's good to hear. I assume every part of 1Password uses SIM? Like when adding logins in the application itself or in the browserplugin?

    RdW

  • khadkhad Social Choreographer

    Team Member

    Password fields have Secure Input in OS X. And if you are saving Login items via the browser extension(s) as we always recommend, your passwords are saved directly into 1Password and filling them via the extension also bypasses the keyboard entirely. :)

  • But if you don't use the extension and save login items directly in the app itself that is also guarded from stuff like keyloggers?

  • khadkhad Social Choreographer

    Team Member

    All password fields have Secure Input in OS X.

  • thanks for the quick replys. I just got myself 1Password (macstore version). Is there a specific reason btw why you recommend adding logins via the browserextension?

  • khadkhad Social Choreographer

    Team Member

    thanks for the quick replys. I just got myself 1Password (macstore version).

    Thanks for your support! It's our pleasure to help. :)

    Is there a specific reason btw why you recommend adding logins via the browserextension?

    We always recommend saving Logins via the browser extensions because it allows 1Password to "learn" all the form fields on the page which results in more accurate filling. If you save Logins in the main app, 1Password can't actually learn anything about the specific page where you are trying to fill a Login item. It is pretty smart and its guesses work very well in the majority of cases, but for the most accurate filling, it is best to allow 1Password to actually see the page and record the exact form fields. We also find it much easier since you are filling out the form to log into the site anyway. Just allow 1Password to automatically save the Login or click the + button in the extension after you have filled out the form to save what you have typed into a Login item.

    I hope that helps. Please let me know if there is anything else I can help with.

This discussion has been closed.