Getting started with 1Password for your growing team, or refining your setup? Our Secured Success quickstart guide is for you.
Introduction thread!
I am actually checking if there's any introduction posts (or even a existing introduction thread) here in the community forums, but since there's none I'll do it myself. To get started, I'll introduce myself first to break the ice. I'm Andrei Jiroh Halili, a college student and Autistic from the Philippines! You might see me at 1Password Developers public Slack workspace as a developer tools user and https://github.com/1password/for-open-source user for https://github.com/1Password/for-open-source/issues/1064 (disclosure: https://hackclub.com/fiscal-sponsorship), but I also occasionally write things at https://blog.andreijiroh.dev.
Game Over Scenarios - What To Do in Breach
Hi, Going through some paranoia I’ve been running through some “what if” scenarios about 1Password and figuring out: How stressed I should be in each case What to actually do if it happens Here’s my current thinking — would love feedback: Category 1 – Vault Not Compromised Examples: Someone steals 1Password’s servers but not my Secret Key or master password My phone/laptop is stolen but locked with a strong passcode and biometrics Stress: Low Actions: Unlink stolen devices (only helpful if they are online) Remote wipe if possible No urgent password changes — maybe rotate some over time for peace of mind Category 2 – Vault Potentially Compromised Examples: Malware on my device (could capture my master password next time I unlock vault) Device stolen and unlocked. I thinking something like a phone snatch. Weak device password that could be guessed Stress: Medium–High Actions: Stop using compromised device Change vault master password + Secret Key Immediately change Tier 1 account passwords (email, bank, primary cloud logins) Rotate other accounts over time Category 3 – Vault Definitely Compromised Examples: Attacker knows both master password + Secret Key They have an export or backup of my vault data Stress: High Actions: Immediately change Tier 1 account passwords first Then Tier 2 (social media, messaging, secondary financial) Then the rest Closing thoughts: Avoid malware — it’s one of the few scenarios no password manager can save you from Device theft is more common, but if the vault is locked and your passcode is strong, you’re probably fine. Would you remote wipe straight away or wait to see ifs handed in? The “$5 wrench” attack… well, not much to do there Keep a list of Tier 1 accounts handy for emergencies so you know what to change first Offline-only vault on a USB stick could be more secure, but a lot more inconvenient — I only access password in a secure location. If I'm on the road and no one at home to give me a password, then what. Would appreciate some input to get over the paranoia haha
Missing Markdown
Please add the missing support for any of the Markdown which is not rendered: # Heading 1 to ###### Heading 6 **Bold** _Italic_ > Block quote 1. ordered list - unordered list `code` Rule --- [Markdown Cheat Sheet](https://www.markdownguide.org/cheat-sheet/) link | Table | Table | ``` code block ``` Footnote[^1] [^1]: This is the footnote Term : Definition of the term ~~strikethrough~~ - [x] task list item - [ ] task list item :smile: emoji ==highlight== H~2~O subscipt πr^2^ superscipt PS. Please also provide an option to not use the WYSI(almost)WYG editor including the ability to preview a post.
1Password's 20th Anniversary
Congrats Dave, Sarah, Roustem and Team on 1Password's 20th Anniversary. You've come a Long Way from your early days! I remember it. As a long time 1Password user myself. I've asked before, years back. Could there be a Lifetime Membership for 1Password? There wasn't ever a Definite answer as I recall, but I thought I would try again this year being your 20th Anniversary. I may have seen something similar on Twitter before (lost the link), no answers from there from email. Thanks for the memories.1Password branded security keys
OptimaX 's question about MFA referenced FIDO/WebAuthN/U2F security keys as one of the two methods which currently work for 1Password and the guide references two well-known brands suggested something like this: While I don't expect 1Password to open a manufacturing facility capable of producing their own engineered product line, or know what white label options exist in the current market, I would purchase this. The product image was created by OpenAI's Sora based on my prompts to ChatGPT based on Yubico Security Key Series and current 1Password logo. I've included the obvious wrongness because every subsequent effort was worse, but not as bad as the efforts by Gemini, Claude and Grok. Imagine one of them with a USB-C connector and another as NFC only.Be a part of Random but Memorable's 150th episode!
1Password’s Random but Memorable podcast is celebrating its 150th episode! We’re marking this exciting milestone with a special episode. To do that, we want to hear from you! We’re looking for Community members and RbM fans to share a brief audio recording (2 minutes max) that answers one of the following questions: How has 1Password helped you in your personal life? What's your favorite 1Password tip that other people should know about ? What do you love about Random but Memorable? What's been your favorite Random but Memorable episode? Send your audio file to podcast@1password.com and it might be included in the episode! The audio doesn’t need to be studio quality, but record in a quiet space if possible. Let us know in your email if you would be happy for us to use your Community username, or if you would like to remain anonymous. Please send your recordings in by 12am (ET) on May 28th. Thanks all, we look forward to hearing your answers!
1Password asking for permission to sell our data
One of the reasons I have been using 1Password for more than a decade (approaching two!) now is because of trust. For example, on your about page right now you post this message, which I like: Your private information is yours, and we don't sell it or give it away. Wherever possible, we don't even collect it. Yay. That's good, right? So why when I visit your website am I asked to give you permission to sell my data, unless I take explicit action to opt out of that?Thanks for the memory!
In the process of typing things here - I've inadvertently closed the browser where I was typing 😱 I was resigned to having to type it all over again - but I was pleasantly surprised to find that when I migrate back to where I was, what I had previously typed was miraculously put back in there!🙌 Thanks so much for doing that! I think there's lots of other forums and online places where it's just GONE.
