1Password Security Model Explained
🧐 About
This 10 minute video reviews the 1Password zero-knowledge security model at both a high-level and a deeper-level to break down the various pieces that make up our security architecture.
You will also learn how the security architecture of users unlocking 1Password with traditional unlock differs slightly from those unlocking with SSO, as well as a quick review of our privacy policy and data hosting.
💡 Highlights
- 1Password has a zero-knowledge security architecture, the foundations of which are end-to-end encryption backed by a two-secret key derivation approach and server-client authentication governed by the secure remote password protocol.
- The security architecture differs slightly between traditional unlock and unlocking with SSO. To learn more about these different unlocking flows please check out Unlocking your 1Password Business Account
- Nothing crackable is stored on our servers and decryption is solely occurring locally on a user's device.
- We nor anyone else has access to your account password and Secret Key.
- Our servers are hosted with AWS, you can choose to host your fully encrypted data on our .us, .ca or .eu servers.
🤓 Video
🗂 Additional Resources
- Unlocking your 1Password Business Account
- About the 1Password security model
- Authentication and encryption in the 1Password security model
- About your 1Password Secret Key
- How PBKDF2 strengthens your 1Password account password
- How to choose a good 1Password account password
- About 1Password Unlock with SSO security
- Unlock with SSO: under the hood blog post
- 1Password in your region
- 1Password Privacy Policy
- 1Password Security whitepaper
📝 Do you have feedback about this content? Suggestions on how to improve this card or video? Please email us at asksolutions@1password.com.