Getting started with 1Password for your growing team, or refining your setup? Our Secured Success quickstart guide is for you.
Forum Discussion
Secuvera findings
Hi there,
will you improve the security of your product after the secuvera‘s findings?
Yes, secrets need to be accessible to the processor, but findings say, the secrets of 1P stay there e...
Hello 1Password Team,
today I came across a https://www.secuvera.de/blog/studie-klartextpassworter-in-passwortspeichern/ which highlights a vulnerability in 1Password, classified as CWE-316. According to their findings, certain sensitive information, such as the SecretID, remains in memory even after the application is closed, which could potentially expose this data to unauthorized access.
Could you please provide more details on how 1Password classifies this vulnerability? Is there any ongoing work to address this issue, or are there recommended steps we as users can take to mitigate this risk on our systems?
Best regards,
miggl8
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided
