I often have my Firefox browser window narrowed to its minimum width to allow me more space for the window of an application I am working in, entering data from a site displayed in Firefox.
I have noticed that when I use the Firefox browser extension to initially authenticate to 1Password, the cursor does not appear in the 1Password window but rather in the browser's address/url window. I sometimes don't notice this in time an end up typing in my 1Password password which the browser dutifully sends off to the internet as a search string.
It strikes me that a bad actor who might have compromised my default search engine (DuckDuckGo) would see that a computer with such and such an IP address has entered this nonsense phrase several times over the past week and deduce that it is a password.
I don't know about the behavior of other browsers or platforms other than Mac. But I wanted to raise this issue within the forum to see if there's a cause for worry and to flag the issue as a possible bug. I can't tell you that exact pixel width at which this behavior is triggered other than it consistently occurs with the latest version(s) of Firefox and its narrowest width on my Mac.
1Password Version: 7.6
Extension Version: 1.20
OS Version: OS 10.15.6
Sync Type: Not Provided