undefined | Better HN

0 pointsjavagram6y ago0 comments

Yep! 1password is great. I do use their cloud sync service with all the apps, I just don’t ever use the website or the browser extensions to limit my exposure.

0 comments

AGKyle6y ago

Note that the browser extension actually does limit your exposure quite a bit. You make trade offs here.

For instance, if you aren't using the browser extensions, how are you getting your password to the browser to sign in? Copying and pasting? It's possible for any app on your system to read the clipboard.

Drag and drop should be a better alternative there, as we now support that in 1Password 7.

The extension though uses either Safari App Extension (for Safari, obviously) or Native Messaging Host (Firefox and Chrome browsers) and aren't susceptible to clipboard type snooping.

The browser extensions also only present items that match the website you're on. This helps a lot in phishing attempts.

So, yea, you could not use the browser extensions but you're going to have to trust that YOU always do the right thing.

Note again that 1Password does not "auto fill" like other password managers, where simply visiting the site fills the data in. You always have to explicitly ask 1Password to fill into the page.

Just some insight anyway.

Kyle

1Password

javagramOP6y ago

Thanks Kyle. I do appreciate your response! And the tip about drag-and-drop, I may make use of that :)

j / k navigate · click thread line to collapse