Secure Desktop Function Removed?

Still monitoring this from time to time. I think the decision to remove Secure Desktop for master password entry is a poor one to say the least if it wasn't entirely clear in my previous posts! :-)

While I understand Secure Desktop for 1Password is less secure than Microsoft Window's own system level processes triggering it, it still provides another layer of security to protect 1Password customers using Windows. Sure, keyloggers - particularly the hardware keyloggers can still log keyboard entries but most software keyloggers will not be able to circumvent the 1Password Secure Desktop.

Further, there have been many examples of systems being circumvented using fake UIs. It is very EASY for a developer to create a mockup of a UI that looks like 1Password asking for a master password without Secure Desktop. Giving us Windows users an option to activate Secure Desktop by deter most if not all of these mechanisms.

Remember - we are looking for ways to protect our master password. It is very well and good to just say 1Password data is protected by both 2 or 3 secrets but when even 1 secret has been captured, it weakens the overall security of our vaults and that's never a good thing. This is how real world spy vs spy stuff works. They slowly gather enough intel about you until they have you!

And yes, Agile Bits can state that it is not our job to protect you from malware, threats and state actors trying to gain access but I hope you all remember that you're in the business of protecting passwords. The vault holds the keys to our kingdoms and it would be poor branding to just fob this off as "not our problem".

Until Master Passwords become a thing of the past (and I mean you no longer ask for it anymore), I hope you all reconsider this.