I got an email to say someone from another country had signed into my 1Password.

JennyD47
JennyD47
Community Member

KFSUWI Jersey on Saturday October 27, 2018 at 6.40pm BST. Hi, Jenny. Your 1Password account was just used to sign in from 1Password for Android. New 1Password sign-in from KFSUWI. 27 October 2018 18.40.

This is all the information in the email. Note - I do not live in Jersey.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:I got an email to say someone from another country had signed into my 1Password.

Comments

  • Hi @JennyD47. Do you recognize the device that was used to sign in or recall signing in at that time? Also, do you use a VPN at all?

  • Finke03
    Finke03
    Community Member

    Hi,
    I‘m currently struggling with my self to switch from 1PW4 to a family membership and upload all my sensible logins to your cloud platform.
    But if I’m seeing such kind of posts, I will be confronted with the worst case horror scenario.
    Does somebody know the outcome of this topic? In the past I saw a similiar post, but I think the discussion has been clarified via mail and the outcome was not transparent to the community.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @Finke03: We haven't heard back from them, but in order for someone to sign into your 1Password.com account, they would need to get all of your account credentials from you -- including the Master Password, which you choose and is stored only in your brain, and the Secret Key, which is a random 128-bit code generated locally on your device during account creation -- which we never have. That's pretty transparent in the white paper, and you can also try it yourself. We receive a lot more messages from people who are locked out of their accounts because they've lost their credentials. Provided you don't give them away, that is a much more likely scenario. Not sure that's unequivocally "good news", but for security it is at least, as no one can get in without those credentials -- including you.

This discussion has been closed.