Forum Discussion
dserodio
3 years ago · Dedicated Contributor
`op account add` shouldn't show the Secret Key!
I'm configuring the CLI for the first time, and I was surprised to see that `op account add` shows the Secret Key as I type it (same for `op vault ls`).
For such a sensitive secret, it should defin...
dserodio
3 years ago · Dedicated Contributor
Sorry, but I'm completely lost. My understanding was that the secret key (previously called Master Password) is extremely sensitive, since it's used to unlock 1Password and give access to all of my (940) passwords. It's hidden in 1Password for Mac, 1Password in the browser, and on the web (https://my.1password.com/).
Now you're telling me that it's not sensitive, and it's ok to store it in cleartext in a text file with a known location?
What's the purpose of locking the vault then? If an attacker has access to my computer he can read ~/.op/config and then unlock my vault and read all my passwords!