iOS Developers Claim 1Password isn’t Removing Deleted Profile Pictures

fria · November 22, 2025, 8:16pm

The iOS developer and security researcher duo Mysk claims that after deleting their 1Password account, their profile picture was still being stored and remained publicly accessible via a URL.

This is a companion discussion topic for the original entry at https://www.privacyguides.org/news/2025/11/22/1password-stores-profile-pictures-of-user-accounts-even-after-changing-deleting-your-account-according-to-security-researchers-at

jonah · November 22, 2025, 8:23pm

This came across my radar a few days ago and I think it’s a bit of a nothingburger. The long string in the URL is the authentication to access that image. It can’t be stored with the vault data because all the 1Password apps show an account chooser with this data when you’re logged out, and people would want to quickly pick out an account based on this.

This is pretty cringe though

This is a problem I think a lot of software has, where they store all the things you upload in an S3 bucket and very rarely clean up outdated information, because storage is cheap and developers are lazy. This instance should definitely be fixed though

kissu · November 23, 2025, 7:12pm

Unfortunately, this is exactly the issue.

Topic		Replies	Views
Deleted photos appearing on (wiped) iPhone / iPad devices after 17.5 update General	22	1677	May 23, 2024
Apple wasn’t storing deleted iOS photos in iCloud after all General article	7	556	May 24, 2024
Several questions about Discord and Snapchat Questions	8	418	December 31, 2024
Latest iOS update has brought back some pictures I deleted in 2021 General	2	384	May 15, 2024
One-A-Day Account Deletion Challenge Off Topic	4	570	February 20, 2025

iOS Developers Claim 1Password isn’t Removing Deleted Profile Pictures

Related topics