Signing back into the Community for the first time? You'll need to reset your password to access your account.  Find out more.

Forum Discussion

System's avatar
System
Super Contributor
4 years ago

Electron

This discussion was created from comments split from: 1PW8 for macOS.
betas
1P_PeterG's avatar
1P_PeterG
Icon for Community Manager rankCommunity Manager
4 years ago

@privateuser - I'm sorry to hear you say this. We care very much about security here, and in fact our security model is based explicitly off not asking you to simply accept a pinky-swear that we're secure. We don't want you to have to trust us. We want to architect a solution that means you won't have to. That can still be done with cloud sync.

The entire architecture of 1Password - from AES-256, end-to-end encryption, on to the Electron hardening in 1Password 8 - is intended to provide security without sacrificing privacy.

We do serious security audits as well:

https://support.1password.com/security-assessments/

since there is no way of proving they're not tempering with you data server side

Respectfully, there's no way for us to do this, because the model we've established doesn't allow it. We never have your account password or Secret Key, so we can't do the calculations necessary to decrypt your data. How could we? It's just not mathematically doable.

We also collect minimal information on our customers, as detailed here:

https://support.1password.com/1password-privacy/

Whatever your criticisms of our approach, I hope you'll choose to engage with what we're actually doing. It's hard for us to respond to criticisms of things that are neither our practice nor intent.