All accounts unlock is not consistent

1Password Team

4 years ago

Hi @chrisjaffe:

We do not recommend using your 1Password account password anywhere else. As I mentioned earlier, we use Secure Remote Protocol to authenticate to the 1Password servers from the 1Password clients. When you enter your account password on my.1Password.com, it is not sent anywhere. The client (your browser with my.1Password.com open), and the 1Password.com servers both arrive at a shared session encryption key. my.1Password.com in your browser and the server both perform some derivation from secrets they already have to arrive at this session key, and neither your account password or Secret Key are sent over the internet during the process. The session key isn't able to be reversed into either your account password or Secret Key.

Jack

Forum Discussion

All accounts unlock is not consistent

Featured discussions

September at 1Password: Browser versions, enhanced security, and new integrations

Recent discussions

Identity and instant messaging: ICQ, Skype, AOL/AIM, Yahoo, MSN

Include variable in identity?

Ongoing Autofill Issues on Android

1Password ssh agent and TOTP auto-fill

TOTP & Security Key MFA