Browser Extension Risk Clickjacking

This isn't something we've refused to fix — it's something no extension can completely fix on its own. There are partial mitigation approaches out there, but in our research and testing, they can break expected behavior without fully eliminating the risk.

That’s why we’ve focused on safeguards that matter in practice. The 1Password extension already enforces strict domain matching so logins only fill where they belong, and it blocks scripts from tampering with the extension interface. Credit cards have always required a confirmation prompt before filling, and in our latest release we’ve added the option to turn that same protection on for other item types too.

Our goal is to reduce the risk in a way that’s both effective and reliable in everyday use. If you’d like the deep dive, we’ve put together a security advisory and a blog post that walks through the research and the steps we’ve taken.

The steps you’ve already taken are spot on. Enforcing shorter auto-lock times and requiring app updates are exactly the kind of things that help reduce exposure today. On your broader question, we’ve published both a security advisory and a blog post that go deeper into the research and our response.

While users can already turn on confirmation prompts for all item types in their extension settings, we know that’s tough to manage across a whole company. That’s why we’re rolling out a new Business policy that will let admins set those defaults for their team. Timelines will be shared soon, but it’s actively in the works.

It's not that this is something we've chosen not to fix —  but rather that clickjacking is something no extension can completely fix on its own. There are partial mitigation approaches out there, but in our research and testing, they can break expected behavior without fully eliminating the risk.

The 1Password extension already has safeguards in place to protect against real-world risks like this. Logins only fill on the domains they’re saved for, and the extension blocks scripts from tampering with its interface. Credit cards have always required a confirmation prompt before filling, and in our latest release we’ve extended that same protection to other item types as well.

I hear your point about sometimes approving prompts out of habit — that’s exactly why we’ve focused on visibility and control, so autofill only happens when you mean it to. Paired with shorter auto-lock times, it’s another layer that makes clickjacking much harder to exploit.

Thanks for flagging this, and apologies for the delayed response. 😅

Firefox releases can sometimes appear later than other browsers due to Mozilla’s review process. The latest version has been approved since your comment and is live on the Firefox Add-ons site, so you should now be able to update to 8.11.8.40 which includes the fixes mentioned here.

Thanks for the updates.  I wonder why the other password managers implemented a fix, and not 1Password?

Until fixes become available, Tóth recommends that users disable the autofill function in their password managers and only use copy/paste.

BleepingComputer has contacted all vendors who haven’t pushed fixes onto their products yet, and we will update this post with their responses once they reach us.

[Update 8/20 3:20 PM EST] - LastPass and LogMeOnce reached out to BleepingComputer following the publication of this article to explain that they too are working on resolving the issues raised in Tóth's report.

[Update 8/20 3:40 PM EST] - Edited the vendor notification timeline for better accuracy, based on new information received from Socket.

[Update 8/20 4:15 PM EST] - LastPass sent BleepingComputer the following statement:

The vendors that implemented fixes are Dashlane (v6.2531.1 released on August 1), NordPass, ProtonPass, RoboForm, and Keeper (v17.2.0 released in July). However, users should make sure that they're running the latest available versions of the products.

Ah, sorry, I wasn't clear. I was referring to 1Password on my Mac, not on my phone. I tried something as close to what you describe, on my laptop, but did not find anything. 

Still confused, despite your kind attempt to unconfuse me ;^)

Thanks for taking the time to write such a detailed comment bhx​! It’s clear you’ve really thought about both the technical side of this and the practical impact for people who may not be security experts. We share that focus, and your points around defaults, education, and layered defenses are very much in line with the kinds of conversations our teams are having internally.

On the product-hardening side, the research being discussed reviewed a wide range of technical implementations, many of which don’t apply to the 1Password browser extension. Our extension is already built with multiple layers of protection. It prevents other scripts from manipulating the extension interface and enforces strict origin-matching rules that stop unintended iframe autofill and common web-based attacks like many types of XSS.

Because the attack scenario assumes a fully malicious website with complete control over its own scripting and UI, there are limits to what additional preventative measures can achieve. For example, current browser behavior allows Popover APIs to be layered on top of each other, reducing the effectiveness of some proposed alternatives.

To address this risk, we’ve taken a product- and user-focused approach: a confirmation alert makes it clear when autofill occurs. This prompt is especially important for credit card and identity items, which can be autofilled on any webpage or domain. It’s important to note that login items already benefit from extensive safeguards, as they only autofill on domains that match the site saved in 1Password.

We remain committed to strengthening the extension, while also ensuring our protections are practical, reliable, and user-friendly. If you'd like to dig in further, we’ve published both a security advisory and a blog with additional details.

Hi DenalB​ ,

We’ve released a new security advisory that might help explain what data is at risk and what isn’t.

Clickjacking does not expose all your 1Password data or export all your vault contents, and no website can directly access your information without interaction with the browser extension’s autofill element. At most, a malicious or compromised webpage could trick you into autofilling one matching item per click, not everything in your account.

We chose the confirmation approach because we identified that many technical controls to detect and prevent clickjacking attacks come with limitations and can often be bypassed or break expected behavior for legitimate sites, as they don’t address the broader class of attack.

I hope this helps. Please let us know if you have additional questions!

The video you linked is an example of an older iFrame-based vulnerability and, more importantly, does not apply to 1Password. You can see the same video you referenced in the researcher's paper at:

https://marektoth.com/blog/dom-based-extension-clickjacking/#iframe-based

There, the researcher says:

In this research focused on password managers, one of them had this issue.

In December 2023, I reported this clickjacking vulnerability in the NordPass password manager.

Above that quote, the researcher also stated that he was explaining the iFrame-based vulnerability only as background. It was not the subject of the current research:

I will first describe the IFRAME-based variant, which was not the research focus but may be unknown to many people.

Concerning how 1Password is vulnerable to clickjacking, 1P_SimonH​ said:

At most, a malicious or compromised webpage could trick you into autofilling one matching item per click, not everything in your account.

The researcher's conclusion agrees with that:

1 click = attacker gets your credentials incl. TOTP (only for vulnerable domain)

So, Autofill = good, Invisible Auto-submit = bad. "Out of band" confirmation sounds like a good (comprehensive, technical) solution. 

For family and employees who don't care what happens under the covers (or overlays) - i.e. 95% of humanity - but want bullet-roof security: 

1. Enable "Ask before filling" for all three item types in Security,
2. Disable "Sign in automatically after autofill" in Autofill & Save (handles other use cases) 

There are reports that clickjacking also steals passkeys at 1password:
https://thehackernews.com/2025/08/dom-based-extension-clickjacking.html

1P_SimonH​ 

I just installed the new version of the 1Password for Safari extension, which says that "ask before filling" is an option under Settings / Security, but I cannot find that option anywhere.