Getting started with 1Password for your growing team, or refining your setup? Our Secured Success quickstart guide is for you.
Forum Discussion
Secuvera findings
Hi there,
will you improve the security of your product after the secuvera‘s findings?
Yes, secrets need to be accessible to the processor, but findings say, the secrets of 1P stay there e...
In a recent investigation, security experts from secuvera GmbH have identified a serious vulnerability in various security-relevant applications such as OpenVPN, Bitwarden and 1Password. It leads to confidential information such as passwords or login information remaining in plain text in the process memory even after users have logged out, making it easily accessible to potential attackers. This vulnerability is classified as CWE-316: Cleartext Storage of Sensitive Information in Memory. See: https://www.heise.de/en/news/Serious-flaw-in-critical-applications-Plaintext-passwords-in-process-memory-9830799.html
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided
