I recently decided to update the security and privacy settings on my Facebook account. I noticed a "security question" option, where I had to select a question, enter an answer and my password to save it. I selected my question, entered my answer, and hit Cmd-\ to fill my password. I had auto-submit enabled, and since there is no option to manually "fill only" anymore, 1Password CHANGED MY SECURITY QUESTION ANSWER to my email address, filled my password and submitted the form.
For anyone not familiar with Facebook's policy about the security question, it can NEVER BE CHANGED once set. Thanks to 1Password, the answer to my security question is now and forever set to my email address, which is my Facebook login and has absolutely nothing to do with the question. I'm sure you can appreciate that this is not very secure.
Yes, Facebook's security policy is rediculous to begin with, and they should ask for confirmation and display warnings before saving this change. I had no idea when I was doing this that it was irreversible. However, now thanks to 1Password changing a security question answer I had already filled to my email address and offering no easy way to temporarily disable auto-submit, the whole world has a permanent backdoor into my account.