Using Chrome extension with login


Team Member
This discussion was created from comments split from: 1Password Accounts security in general.


  • Hi,
    Log time 1PW User, but new and novice to the new 6.7.1

    Upon using the 1PW Chrome extension, and upon using the my.1password login
    for the Agilebits website, the 1PW extension (because I allowed it to) absorbed
    the login, key, and pw, ostensibly to do what it does, convenient, fast logins.

    Well, now all 3 items are populated thru the 1PW Chrome extension
    when called upon. Do I need to remove both the key and the master pw
    from the 1pw app, to keep it from passing thru google chrome, or just
    either the master pw or key?

    Network security is supposed to be painful, that's what they teach,
    so if it's best to manually type key and/or master pw, need to know.

    Thanks much, for all your hard work and accomplishments,

  • FrankFrank

    Team Member
    edited April 2017

    Hi @Mongoose - It's great to hear you're giving a 1Password membership a test drive. We appreciate the support :+1:

    Great question! Indeed it's super convenient to have everything filled using the browser extension but I understand where you're coming from. To be honest, I don't keep my Master Password stored since I know it by heart. Your Secret Key is with you all the time, if you added the account to one of your devices. You can always copy the Secret Key from there.

    If you know your Master Password by heart, you don't have to store it within 1Password. I like the convenience of using Touch ID on my iPhone and like you, I used the browser extension to open & fill my login details at some point. I realized the more I didn't type out my Master Password the more mistakes I made and eventually I forgot it. Now I type it in every-time to keep my memory fresh. Also note, your Master Password and Secret Key are never transmitted.

    I hope sharing my use case with you helped a bit. Ultimately the decision is completely up to you and let us know if you have any further questions. Thank you again for the kind words, I really appreciate it :smile:

  • brentybrenty

    Team Member

    @Mongoose: I also wanted to clarify that 1Password doesn't ever store your data in the browser; rather, it gets things you request on demand from the main app. And even better, 1Password doesn't decrypt all of your data when you unlock it either; it too only decrypts items as you access them. So roughly 99% (or more, if you have greater than 100 items in your vault) is encrypted pretty much all of the time, and data is only sent to the browser as needed. Cheers! :)

This discussion has been closed.