Speed Decline with 1Password Extension

Fail-Safe

When the 1Password (chrome) extension is installed and enabled, it seems to have a significant negative effect on Orion's rendering speed. Once the 1Password extension is disabled, rendering speed returns to a more respectable level.

Steps to reproduce:

Open MacOS Activity Monitor to the CPU page and sort by the % CPU column (descending)
Disable all extensions in Orion
Visit https://browserbench.org/Speedometer3.1/ and Start Test
While the test is running, note the absence of a "chrome-extension://..." process
Allow test to complete and note the resulting score. For me this ends up being ~ 18.0.
Enable only the 1Password (chrome) extension in Orion
Refresh the Speedometer3.1 page or open a new tab to https://browserbench.org/Speedometer3.1/, and Start Test
While the test is running, note the presence of a "chrome-extension://..." process that is using high CPU (upwards of 100% CPU on my testing)
Allow test to complete and note the resulting score. For me this ends up being ~ 8.0.

1Password extension disabled:

1Password extension enabled:

Ideally, the resulting Speedometer 3.1 test scores would be within a few tenths of a point with the 1Password extension enabled vs. disabled.

Even a point or two in performance loss might be acceptable with the 1Password extension enabled.

As a point of comparison the Brave browser [Version 1.78.97 Chromium: 136.0.7103.93 (Official Build) (arm64)] achieves a score of 27.6 even with the 1Password (chrome) extension installed.

1Password extension enabled in Brave v1.78.97:

Version 0.99.133-beta (WebKit 621.1.2.111.4) Build date April 21, 2025 MacBook Pro (macOS Sequoia 15.5 build 24F74)

Sequoia (15)

robrecord

I have this problem too, exactly as the OP. Very similar Speedometer scores. Latest 1password version. Disabling it gave me my browser back!

ReneB

I have this same problem. On Version 0.99.136.1-rc (WebKit 623.1.8.0.0)

getdustedyun

Yea same issue.

With 1Password enabled all speedometer tests which have input fields (so all the TodoMVC tests) are getting stuck for a bit when the benchmark tries to interact with them, and take a significantly longer time to finish than with 1Password disabled.

And the difference is very noticeable during regular browsing, some pages are really painful to use with 1Password is enabled.

theseanbird

I have this issue as well. In addition, I experience lag when clicking any kind of dropdown menu on any form, but if I disable 1Password extension I have zero lag and Orion is its usual fast self.

Faraz

The issue is that the 1Password extension is optimized for Chrome (which Brave is based on). 1Password for Safari doesn't have this issue, but for some reason 1Password for Safari extension is also incredibly slow when loaded into Orion which is odd since 1Password for Safari is blazing fast.

I'm seeing reductions on speed test from 36 to 14 consistently when enabling 1Password.

theseanbird

Faraz I even tried using the firefox version of 1password instead just out of curiosity and it behaves identically. Same slowdown and lag.

Fail-Safe

I've obviously never seen the source code behind Orion, but I've observed a few things about the interaction between Orion and the 1Password extensions that I'll drop here in case they're of any use.

The 1Password extensions work by inserting a chunk of javascript into every page where there is 1..n <input> elements. There may be other HTML elements or CSS selectors it looks for to know when to "hook" into a page, but I have observed it consistently with pages that contain <input> elements, if nothing else.

I'm going to preface this next section with, "As of the time of this post..."

Curiously enough, the script which 1Password injects into a page with <input> elements is called, aptly so, injected.js. As of the time of writing this, this script is ~ 360 kB in size--a mere 17,260 lines of javascript. 😏

Now, on a typical website, I rarely observe the injected.js script being loaded more than a handful of times. For example, it's only loaded once on Amazon.com, three times on Walmart.com, and twice on Reddit.com. However, the story changes dramatically on a browser benchmarking site like https://browserbench.org/Speedometer3.1. This type of site is meant to stress a browser and push it to atypical limits.

In the case of https://browserbench.org/Speedometer3.1, the script is injected/loaded 201 times in the course of one full benchmark execution (580 steps at the time of writing this). This is due to the nature of the test--the main page is loading dozens of "sub-pages" within the middle of the browser window. Each of those sub-pages may contain 1 or more <input> elements. Thus the 200+ injections of injected.js into the current tab.

But, if you're thinking to yourself, "isn't this true of all browsers? Why would this perform so poorly on Orion?" you're not alone. I don't have any complete answers, just observations. What I can see, though, is that when running the Browserbench.org test in Brave, for instance, it scores quite a bit higher than Orion. However, one difference I see is in the initiator.

In a typical browser, a javascript file load/execution will have an initiator. In the case of Brave, all 201 loads/executions of injected.js are initiated by a script called inject-content-scripts.js. I haven't dug into that script deeply at the moment, and I can't say for certainty whether that is a Brave specific script or something more generic that other browsers also use/execute. But it seems to be the same script (just incrementing VMs?) for each initiation of injected.js.

But in contrast, the 201 loads/executions of injected.js in the same Benchmark.org test in Orion are executed instead by dozens of different initiators.

My hunch is that at the end of the day, some browsers like Brave are using some method of caching the parsed injected.js script and holding it close in memory (via VMs?) so each subsequent execution of the identical script doesn't require a re-parsing and re-interpretation of all ~ 360 kB of the same script in the same tab hundreds of times over. Perhaps this is the current difference between something like Brave and Orion? Again, those close to the Orion source code may laugh and tell me I'm off my rocker. 🙂 But from outside the black box, it's my best [somewhat educated] guesstimation at this point.

In all reality, I'm not sure the speed impact of injected.js is incredibly significant in the course of typical browsing. As I mentioned, it only seems to be loaded a small handful of times even on popular websites. The actual day-to-day impact is likely negligible--unless you're one who runs browser benchmarks on the daily. 😉

I'm not claiming that there are no interactivity issues with 1Password and Orion. Just coming to the realization that synthetic benchmark testing might not be the truest indication of a real "issue" here. Is there opportunity for Orion to optimize here--for sure! Just trying to keep this in perspective, though.

Thanks for reading!

getdustedyun

@Fail-Safe I don't think the speedometer results are being impacted too much by the script being injected many times over and over. There probably is some impact, but it's not the main issue because as you've said, if it was the root cause for the low speedometer results it wouldn't be noticeable during day-to-day browsing, except it is noticeable during regular day-to-day browsing. The issue is that when an input is focused for the first time there's a significant delay before the input is actually focused and can be typed in (all subsequent focuses of the same input are fine), and I wasn't able to reproduce that in any other browser including Safari, so it doesn't seem like a WebKit-specific issue but an Orion-specific one.

One of the more egreggious examples is the comment field in Azure DevOps PRs because it's it's an <input> that is replaced with a <textarea> once focused, so for this input every time is the first time and the delay can be observed repeatedly without a page reload.

This is a gif of the PR comment input in Orion with 1Password enabled - there's a significant delay between the click and the field becoming focused.

This is the same input in Orion with 1Password disabled - no noticeable delay

And finally this is Safari with 1Password enabled - no noticeable delay

theseanbird

getdustedyun Yes!!!!! This is precisely what is driving me mad. It's that discernible lag every time you click a menu or cell in forms (something I do all day). I don't care about the the browserbench as much as I do how it feels to use, and it's this continuous waiting for the lag to catch up that drives me nuts and keeps me using Firefox as my daily driver (which is not a browser known for speed, but even with 1Password extension installed Firefox feels the same as when it's disabled).

getdustedyun

(actually it probably isn't focus specifically since the border changes right away, but the field can't be typed in until after the delay. On kagi.com I get outright beachballs before I can type my search query)

Fail-Safe

getdustedyun

You raise some great points, for sure. My experience has been that browsing in Orion with 1Password enabled has an overall more sluggish feeling to it than other browsers like Brave or Firefox. But, it is not horrendously slow for me.

However, it's entirely possible we are all having different experiences that could potentially be mapped to other "external" factors such as type of Mac (read: CPU model) and RAM size. Could also be different internet connections types, as some have inherently more latency than others.

You mentioned about kagi.com beachballing. I get the momentary lag with the visible beachball. But in my case, it beachballs no longer than a second--which admittedly is still not acceptable because other browsers are not doing the same. But it's not multiple seconds or anything like that.

You've gotten my gears turning on this again, which I very much appreciate. Thank you! 😊 I'm going to see if I can come up with a way to more objective measure the impact across this user-base and see if it leads to any useful results. More to come...

Faraz

The only fair comparison is between Safari and Orion because they're both WebKit*. Safari with 1Password for Safari does not have this performance issue, and you can use the same extension with Orion too. It's the most neutral test.

If Safari can handle Speedtest with 1Password, why can't Orion?

Github is also a bad test because it is well know to perform like trash on WebKit.

*Maybe Orion is just out of date?

Fail-Safe

Faraz

Faraz The only fair comparison is between Safari and Orion because they're both WebKit*.

I see what you're driving at, but the honest truth is that in this day and age, there are no less than a dozen "daily-driver" quality browsers any of us could run toward (other than Orion and Safari).

So if we're talking about strictly comparing objective performance of WebKit based browsers, then I can get onboard with your statement. But I generally have found all WebKit based browsers to be slower than other mainstream alternatives. I wish I could love Safari (and Orion by extension) more, but neither quite measure up to the "pep" of current Chromium-based and Mozilla-based offerings, in my experience.

I think Orion should strive to not just best Safari, but be able to compete with (and hopefully surpass) the other major players. That is the benchmark I would hope is being aimed at.

All that said, I am cooking up a pretty basic "test harness" (not sure what else to call it at this point) that anyone following this thread can pull from GitHub and use to do some objective testing of the impact of 1Password on the UI. Hopefully we can gather some interesting data that could be useful in determining common and contributing factors. 😊

Fail-Safe

Fail-Safe I am cooking up a pretty basic "test harness" (not sure what else to call it at this point) that anyone following this thread can pull from GitHub and use to do some objective testing of the impact of 1Password on the UI.

Here we go:
https://github.com/Fail-Safe/Orion-1P-Troubleshooting

Hopefully the usage is pretty straightforward after a quick review of the README.

And to get the fun kicked off, here's the results of my run through the tests with multiple browsers: Fail-Safe.results.md

If you hit any issues with this test, open a GitHub issue on the project and I'll jump on it. Thanks!

Fail-Safe

@getdustedyun @theseanbird @Faraz @ReneB @robrecord Would you be willing to help test and contribute your results to see if there is any interesting data hiding in the details?

theseanbird

Fail-Safe I would do anything to help make Orion better. I love this browser.

getdustedyun

Fail-Safe Sure, do you want me to post the test results here or should I open a PR in the repo since everything is so nicely formatted down to the filename