Online security while traveling

Options
Fairgame
Fairgame
Community Member
in iOS

Would you or some smart forum users confirm or explain the following security setup.
Thank you in advance.

Using iOS device on a hotel wifi network with VPN and 1Password.
This is my understanding;
The hotel or any other public network is not very secure. But if I use VPN, the internet traffic is encrypted from my device to the web site I’m visiting, being routed through the VPN servers.
Now, theoretically, VPN company could build a system that actually tracks and collects data without the end user knowledge even if the traffic is encrypted by said VPN.
If I use 1Password to provide login information to the website I’m trying to access, my device knows the information and the website I’m visiting receives the information to allow me to login. I understand that only data requested are decrypted in 1Password so the rest of my logins are secure. The wifi provider (hotel in my case) should see only encrypted data because of the VPN.

But, is it possible for the VPN provider to see the transmitted data or is it decrypted in 1Password in a way that VPN cannot access the data?
Or broader question, how secure is login while on public network with VPN using 1Password?

Thank you

1Password Version: 7.4.5
Extension Version: Not Provided
OS Version: iOS 13.3.1
Sync Type: 1Password

Comments

  • Ben
    Ben
    Options

    Hi @Fairgame

    Now, theoretically, VPN company could build a system that actually tracks and collects data without the end user knowledge even if the traffic is encrypted by said VPN.

    Correct; in some ways you are shifting your trust from the hotel, cafe, ISP, etc to the VPN provider.

    But, is it possible for the VPN provider to see the transmitted data or is it decrypted in 1Password in a way that VPN cannot access the data?
    Or broader question, how secure is login while on public network with VPN using 1Password?

    Your connection to 1Password would be secure, but your connection to the websites you are trying to log in to may not be. You should always verify the website you're connecting to is using SSL (HTTPS) before filling your credentials. SSL is an encrypted tunnel between you and the website you're connecting to.

    Ben

  • Fairgame
    Fairgame
    Community Member
    Options

    Thanks

  • ag_tommy
    ag_tommy
    Options

    On behalf of Ben you're welcome.

This discussion has been closed.