Skip to main content
dgkimpton
September 20, 2025
Solved

Super secure items

  • September 20, 2025
  • 5 replies
  • 397 views

I have, basically, access to my entire life in 1password now and it's making me a bit twitchy. Is there a way to add a second layer of passwords to some items?

I.e I would love if I could ve required to enter a second, different, password to access my bank details, credit cards, and passport. This would mean that even if my master password became know at least my most important details would still be safe.

Even better if I could set these items up to require that password on every access rather than just once per session. Some things are worth that extra layer of confirmation. 

Best answer by prakharaug

Hey @dgkimpton 
For this, I generally use salting with a 4-character salting key that only I know. When saving banking or highly sensitive passwords, I add these characters after 1Password auto-fills the saved password. I’ve also added a tag to identify which passwords require this salting key. This way, even if someone gains access to my 1Password account, they still won’t be able to log in due to the additional salting key.

5 replies

September 20, 2025

I like this idea. It’s somewhat like the iOS hidden folder. You could requires certain items to either use a biometric or a physical Fido key to access, raising the level of security for just those most important items .

AJCxZ0
September 20, 2025

I think this could only work in the threat scenario you describe is if these super secure items were encrypted separately from the rest of the data. This would involve another layer of key management, export/import difficulty, recovery options, support costs, etc.

The other scenario is unauthorised access to the unlocked Vault, e.g. on the unattended desktop or mobile device during the interval before it automatically locks. This is where there might be some value to being prompted again for the master password.
One approach would be to have more than one category of Vault, with a type of Vault which can be searched, but unlocking only provides one-time access to only a single item.
This is something which would be much easier and less costly to implement than another layer of encryption (especially since I'm not doing the work).

September 20, 2025

Hey @dgkimpton 
For this, I generally use salting with a 4-character salting key that only I know. When saving banking or highly sensitive passwords, I add these characters after 1Password auto-fills the saved password. I’ve also added a tag to identify which passwords require this salting key. This way, even if someone gains access to my 1Password account, they still won’t be able to log in due to the additional salting key.

dgkimpton
dgkimptonAuthor
October 3, 2025

This is probably the best acheivable at the moment indeed. I think I might well implement this, thanks for the suggestion!

December 5, 2025

Also consider that this could be even more secure with multiple suffixes. For example one suffix for financial sites and another for social media sites. There are many other ways to tweak this approach to further enhance security.

1P_Dave
1Password Employee
September 22, 2025

Hello @dgkimpton! 👋

Thank you for the feedback! 1Password is designed to offer the same level of encryption-backed protection for all of the items that you store in 1Password. There aren't different security levels for different items since we want all items to be protected using the same high level of security without having to require users to configure additional options. And, unlike other services that you might use, 1Password uses encryption in addition to authentication to protect your data: Authentication and encryption in the 1Password security model

Your data is protected using both your account password and Secret Key. Even if your account password was compromised, an attacker would need your Secret Key to access your account on a new device: About your Secret Key

That being said, I've filed a feature request on your behalf. Our product team will consider your request for future versions of 1Password. 

-Dave

PB-50873578

dgkimpton
dgkimptonAuthor
October 3, 2025

Hi Dave,

Thanks - that matches my current understanding but I was looking for little something extra specifically for the situation when my main device (mobile) is taken whilst logged in - obviously if I've already unlocked my device and 1Password (or my master password was known) then everything is immediately compromised. Whereas, if I can protect a few really important items with an additional password layer which is only ever unlocked for a few seconds it would really reduce my risk factor during device theft. It would, admittedly, be annoying to use but for things like access to savings accounts it would be very comforting.

cheers!

March 24, 2026

This is a great feature request and it seems even more essential now with emerging AI tools like Claude Dispatch and OpenClaw. When you have an AI agent offering to take over your computer and complete tasks for you, it would be really useful if I could create a sub-vault (or just mark the item directly) in 1password so that it requires TouchId or some equivalent biometric validation (with a 5 minute timeout or something) even when 1password is "unlocked".

Whether it's an AI agent or an admin assistant using your computer, there are certain categories of secrets that require extra protection, but they're only about 1% of all of my logins. Thanks