Forum Discussion

New Contributor

10 months ago

1Password Extension Hijack

I recently watched a video (see link below) where an unassuming Chrome extension could mimic the 1Password extension. It temporarily disabled the extension, changed its appearance to look like 1Passw...

browser extension

keithm1p

New Contributor

10 months ago

Yup, watched that YT video on this as well. I can't help to think that this is just sneaky enough to fool even experienced users. While I don't think I've seen this before with 1P, new versions of other extensions do sometimes force a clearing of cached credentials, logout, and prompt you enter them again.

I don't use Chromium-based browsers, but many do. We shouldn't be so quick to dismiss as to "Not 1P's problem" though. The browser plug-in ecosystem is where 1P lives --- that's where it's useful, and without that, I probably wouldn't be a subscriber. If there are adjacent risks, or threats within that same system, it would be foolhardy to not at least investigate and remediate. And maybe 1P has already looked into it -- and would be interested as well to hear what's being done.

Forum Discussion

1Password Extension Hijack

Featured discussions

December 2025 at 1Password: More browser options, easier sign-in, and safer saving and filling

Recent discussions

The Advanced setting "Release channel" is not respected

Biometrics Broken On Android

Safari extension doesn't work on Safari Technology Preview?

FaceID works on iPhone, but I can’t login on iPad because I forgot my Password. How to recover?

Which App Store has 1Password?