Not sure whether this intended, but at the very first login to 1Password X (for Firefox) I chose the option "Public computer" and expected to have to enter my Secret Key at every next login. However this is not the case; I only have to enter my password (so also not my email address).
What's the intended behaviour?
1Password Version: 1Password X for Firefox
Extension Version: 1.6.3
OS Version: macOS 10.13.4
Sync Type: 1Password.com
Comments
Team Member
Hey @XIII,
Great question! In our "About 1Password X security" article we write:
I stand by that 100%. You should not use 1Password X or any 1Password client applications on untrusted or public computers. That being said you've run into a confusing situation because we use the very same login form for 1Password X as you see when logging into your 1Password.com account to access the web client. We really shouldn't allow users to add an account to 1Password X when that box is checked. I've gone ahead an opened an issue for the rest of my team so we can get this UX changed.
In the meantime, if you're looking to add an extra layer of protection to your 1Password.com account, I highly recommend checking out our new two-factor authentication.
I hope that helps, but please let me know if you have any questions and have a great weekend!
-Beyer
Team Member
@XIII: Seriously, great catch! Thanks for bringing this up.
ref: b5x-353