1Password has introduced a new anti-phishing feature in its browser extension that aims to protect users from handing their passwords to fraudulent websites, according to multiple reports. Previously, the password manager would simply refuse to autofill credentials on sites whose URLs did not match saved logins. The latest update goes a step further by displaying a real-time warning pop-up when users try to paste their login details on an unfamiliar website, prompting them to pause and verify the site’s legitimacy before continuing. This simple interruption is designed to disrupt a common phishing tactic that relies on users inadvertently pasting credentials into deceptive pages.
The feature starts rolling out immediately and can be enabled in the 1Password browser extension’s settings under Notifications. It is turned on by default for individual and family plan users, and administrators can activate it for business teams through the admin console.
According to 1Password, phishing attacks have grown more sophisticated, with scammers using AI and other tools to create convincing fake login pages. By blocking autofill and adding a cautionary warning on manual pastes, the new protection adds an extra layer of defense against credential theft without significantly slowing legitimate logins.
