Online security while traveling

Would you or some smart forum users confirm or explain the following security setup.
Thank you in advance.

Using iOS device on a hotel wifi network with VPN and 1Password.
This is my understanding;
The hotel or any other public network is not very secure. But if I use VPN, the internet traffic is encrypted from my device to the web site I’m visiting, being routed through the VPN servers.
Now, theoretically, VPN company could build a system that actually tracks and collects data without the end user knowledge even if the traffic is encrypted by said VPN.
If I use 1Password to provide login information to the website I’m trying to access, my device knows the information and the website I’m visiting receives the information to allow me to login. I understand that only data requested are decrypted in 1Password so the rest of my logins are secure. The wifi provider (hotel in my case) should see only encrypted data because of the VPN.

But, is it possible for the VPN provider to see the transmitted data or is it decrypted in 1Password in a way that VPN cannot access the data?
Or broader question, how secure is login while on public network with VPN using 1Password?

Thank you


1Password Version: 7.4.5
Extension Version: Not Provided
OS Version: iOS 13.3.1
Sync Type: 1Password

Comments

  • BenBen AWS Team

    Team Member

    Hi @Fairgame

    Now, theoretically, VPN company could build a system that actually tracks and collects data without the end user knowledge even if the traffic is encrypted by said VPN.

    Correct; in some ways you are shifting your trust from the hotel, cafe, ISP, etc to the VPN provider.

    But, is it possible for the VPN provider to see the transmitted data or is it decrypted in 1Password in a way that VPN cannot access the data?
    Or broader question, how secure is login while on public network with VPN using 1Password?

    Your connection to 1Password would be secure, but your connection to the websites you are trying to log in to may not be. You should always verify the website you're connecting to is using SSL (HTTPS) before filling your credentials. SSL is an encrypted tunnel between you and the website you're connecting to.

    Ben

  • Thanks

  • ag_tommyag_tommy

    Team Member

    On behalf of Ben you're welcome.

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file