Enable DNSSEC

1Password domain names are not signed with DNSSEC (at least 1password.com and 1password.eu). Customers are therefore potentially vulnerable to MITM attack. This means that when attempting to access the password manager's online services, an attacker could falsify DNS resolution responses and redirect the client to a fake server.

https://internet.nl/site/my.1password.com/3801661

https://internet.nl/site/my.1password.eu/3801663

In addition to the absence of DNSSEC, these links will inform you that certain best practices are missing from your web server configuration.

1password.com

feature request

Forum Discussion

Enable DNSSEC

Featured discussions

December 2025 at 1Password: More browser options, easier sign-in, and safer saving and filling

Recent discussions

Enable DNSSEC

Autofill doesn't play well with apparent PG&E website change

1Password 6 used to work in Firefox until a few weeks ago

What justifies the huge subscription price increase?

1password dpkg package should stop creating 1password.list