1Password rolls out smarter phishing protection

Technology Jan 22, 2026

1Password just dropped a new browser extension feature to help keep your logins safe from phishing scams.
Now, it blocks autofill if a website's URL doesn't match your saved login and warns you if you try pasting passwords into sketchy fields.
Think of it as an extra set of eyes looking out for you before you enter sensitive info.

How it actually works

Passwords will only autofill on the exact sites where you saved them—helping prevent accidental logins on fake lookalike pages.
Even if there's just one suggestion, 1Password won't fill anything in automatically without your say-so.
For shopping fans, credit card details can still autofill across iframe elements with different origins, and the extension shows a confirmation alert for credit card fills to make buying stuff easy but safe.

Who gets it and how to tweak settings

The update started rolling out today (Jan 22, 2026) and should reach everyone in the next few weeks.
It's on by default for individual and family accounts; businesses can turn it on through admin settings.
If the warnings aren't your thing, you can switch them off under Notifications > "Warn about potential phishing."
Just a reminder: IBM says phishing attacks cost companies an average of $4.8 million each time—so these new guardrails might be worth keeping around.