This includes anything from a rogue employee of 1Password to, as you might've guessed, a breach of 1Password's servers in which encrypted data is leaked. Your Secret Key is meant to protect you from us and anything that might happen on our end. It's also generated on the client side (meaning it's created on your computer, not ours) so we never know what it is. It's strong, random, and unique to each 1Password account that's created. And unlike an account password, the Secret Key is not guessable. Rather, your Secret Key, much like your account password, contributes to the encryption of your data. In fact, it's not an authentication-based tool at all. On the Secret Key: it's not a form of two-factor authentication. I'm glad you asked! I've been hoping for a Secret Key + 2FA thread that I could reply to and refer to in the future.
0 kommentar(er)
