Protect what matters – even after you're gone. Make a plan for your digital legacy today.
Forum Discussion
Q re not filling passwords in private tabs
I am not sure if I want to use 1password in private tabs or not. The explanation that if I do, websites will be able to see my browsing history is something I am not sure about.
Is this a Security issue or just a privacy issue?
What is the real world danger of having 1password work in private tabs?
I'm looking for examples of what bad things could happen. I prefer to use private tabs sometimes simply so my browser does not record them, but I use Brave which is very privacy oriented, and also I use Nord VPN so I am wondering if it is really important for me not to use 1password in private tabs on Brave...?
I have brave set to clear cache and history on closing as well... So
a) do I really need to use Private tabs, and
b) do I really need to not use 1password when I do?
Thanks for enlightening me on this. I'd like to use 1password on private tabs but do not want to be less secure.
8 Replies
- 1P_Dave
Moderator
Hello jim2525! 👋
Thanks for the question! Private browser tabs are designed to prevent your browser from storing information about what websites you visit in the browser's local history (or synced your browser's cloud account). They also keep your browsing separate from your main browser profile so that if you're signed into a website in your normal profile, you won't be signed-in in a private tab.
The explanation that if I do, websites will be able to see my browsing history is something I am not sure about.
In general, websites are not able to see your browsing history. However they can use different methods to track you and private tabs (depending on the browser) can offer more protection against tracking if desired. I recommend that you reach out to the developer of your browser for more specific advice regarding private browser tabs.
Regarding 1Password specifically, are you referring to use the 1Password browser extension in a desktop browser? Or are you talking specifically about using 1Password on your Android device?
-Dave
I am talking specifically about using one password on Android AND the computer.
I guess the question really is, Since the settings of 1password have an option to not use it in private tabs, Why does it have that option?
Why would one NOT want to use it in private tabs?
- 1P_Dave
Since the settings of 1password have an option to not use it in private tabs, Why does it have that option?
Thanks for the reply. Just so that I can make sure that we're on the same page, can you post a screenshot of the setting that you're referring to from both your Android device and your desktop computer?
I look forward to hearing from you.
-Dave
The risk of sharing data and functionality between a browser profile and a Private or Incognito session is that it compromises the isolation of the session. This is of course a matter of degree in much the same way that a Private or Incognito session only provides a degree of privacy and security.
A full or even a thorough consideration of privacy and security in this context would be way too much, too complex, and in the wrong place. Even a suitably narrow consideration of a specific use case with an understand of the user's security and privacy concerns is surprisingly complex.
The same goes for choices of browsers, VPNs, platforms, and the almost uncountable ways they can be configured and used.With all that said (or avoided being said), enable the 1Password extension in Private or Incognito sessions. It will make filling in those fields and authenticating so much easier than copying and pasting them all, or giving up in the case of passkeys. The chance of this change alone exposing you to some serious compromise of your privacy or security is very small - mostly consisting of the risk of you unintentionally filling fields with data which you didn't intend.
Not sure I understood your reasons but it sounds like you know what you're talking about. ;-)
That said, I'm hoping others will chime in so I can get a consensus of opinion.I hope so too, as I'm pretty sure that Bronzed Export is some medieval torture which 1P_Blake has planned for me.
You're taking several steps which significantly improve the privacy and security of your (primary, general purpose, main, ...) browser use.
One important detail which you don't mention is the separation of different use categories into separate profiles. Your financial session cookies aren't going to be exfiltrated when you click on the wrong thing when you only ever use your Moneybags profile for banking etc. As a bonus, you can have more locked down settings and fewer, more trusted, extensions in that profile. This can also tie into making good and safe use of Portable Web Apps (PWA).
