1Password has unveiled a new phishing protection tool designed to safeguard users from malicious websites. This feature compares the URL of the site you're visiting with the URL stored in your 1Password vault. If there's a mismatch, 1Password will not autofill your credentials and will display a warning if you attempt to paste them. (support.1password.com)
Phishing attacks, which often involve deceptive websites designed to steal sensitive information, can lead to significant financial losses and identity theft. By implementing this tool, 1Password aims to provide an additional layer of security against such threats. (support.1password.com)
The phishing protection feature is being rolled out in phases, starting on January 20, 2026. It will be enabled by default for all individual and family plans. Administrators of 1Password for Business can activate enhanced phishing protection for employees through the Authentication Policies in the 1Password admin console. (support.1password.com)
This initiative comes in response to the increasing prevalence of phishing attacks targeting users of password managers. In August 2025, a clickjacking vulnerability was discovered that could expose autofill data across major password manager extensions, including 1Password. This vulnerability highlighted the need for enhanced security measures to protect user data. (techradar.com)
For more information on this new feature and additional tips on avoiding phishing scams, visit 1Password's official support page. (support.1password.com)