Forum Discussion

New Contributor

2 years ago

CLI GET/EDIT Method Security Concern

When using the 1Password CLI, why does doing a GET or EDIT on an item return the item with the password in plain text? Wouldn't it make sense to add a --response none flag? Even on the front-end U...

CLI

1PassUser39398

New Contributor

2 years ago

Hi David, the use case is fairly simple. One of our vendors changed their apex domain so we now need to iterate through thousands of credentials updating the URL. To my surprise, when the EDIT command is used, the URL is updated, but the entire item is given in the response with the password in plain text. In your document on https://developer.1password.com/docs/cli/reference/management-commands/item page, you state "Caution: Command arguments can be visible to other processes on your machine". If responses are also visible (or logged), whether natively or using malware, the CLI becomes insecure.

Forum Discussion

CLI GET/EDIT Method Security Concern

Recent discussions

1PW extension bug: autofill theme detection fails when using oklch color scheme

Connection reset when `podman login` runs `op`

request: remember application approval for SSH agent

SSH Bookmarks don't support Port Numbers

Feature Request - Access vault from inside docker container