Skip to main content
January 27, 2024
Question

Being prompted to enter my account password more often than expected on my Chromebook

  • January 27, 2024
  • 13 replies
  • 599 views

I just migrated to 1Password and I have the impression that I have to unlock it after auto-lock expires. Every 5 hrs I have to enter my long, complex password just to use the browser extension? Am I missing something?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: ChromeOS/Linux
Browser: Chrome

13 replies

PhotoTedAuthor
January 27, 2024

Oops, I missed the settings on the browser extension allowing me to disable auto-lock. Phew. In case some other lost newbie stumbles on this, click the browser extension icon, pick Settings from the menu (icon to the left of New Item). It's under Security.

steph_giles
1Password Employee
January 29, 2024

Hey @PhotoTed,

Thanks for the update. Here is our guide on how to manage your auto lock settings: How to set 1Password to lock automatically.

Let us know if there's anything else we can help with at all.

PhotoTedAuthor
January 31, 2024

A follow up question on this topic.

While I have figured out the browser extension settings are different than the site settings, I now have the impression that I still have to log into the extension every time I restart the browser. Assuming I'm right (and I do have a bad track record on that), that feels excessive and something that users should be allowed to control themselves. For me, I WFH, live alone, so my systems will never be physically compromised - and even if they were, I would likely have already signed on, so that layer is useless.

So, did I miss something else again???

steph_giles
1Password Employee
February 1, 2024

Hi @PhotoTed,

This is indeed the case if you are only using 1Password in the browser.

If you install the 1Password desktop app alongside 1Password in the browser they will share the lock state of one another and you will have a few more options when it comes to 1Password auto locking such as 1Password not locking when you close your browser.

You can install the 1Password app from here: Get the 1Password apps.

Let us know how you get on!

PhotoTedAuthor
February 1, 2024

Not so well.

I installed the Android app on my Chromebook. The only Autolock option I found under Password was for times. The Device opened Settings for a lock screen, but I had no options there. So far, everytime I restart the PC, I am having to enter the password again.

1Password Employee
February 1, 2024

Hey @PhotoTed, thank you for your reply. I appreciate the additional details about your device.

1Password for Android, including for a Chromebook, doesn't link via shared lock state to 1Password in the browser as would be the case with 1Password for Mac, Windows or Linux.

For some context, the 1Password extension doesn't have a secure place to store your account password (encrypted) on the Chromebook. For example, on Apple devices that have a Secure Enclave, the passwords can be saved on the device encrypted and the 1Password app can be unlocked via biometrics. Without a secure place, the password would be stored unencrypted on the disk which would not be secure.

So, it's expected that you're required to unlock the 1Password extension after restarting your computer.

While I’m not aware of how the current experience on the Chromebook can be improved, I’ve shared your feedback regarding auto-lock with our product team and they’ll look into the situation further to see if any improvements can be made in the future.

I hope that helps.

ref:38103789

PhotoTedAuthor
February 1, 2024

Ouch. ChromeOS is a primary OS for me. The thought of being forced to enter the password that frequently is a concern for me, maybe a deal breaker :-(.

I'm not saying I would go down that path but would a YubiKey improve my experience? If so, to what degree? I've not used one before. Would just leaving it in the USB port of my Chromebook work or do I have to do other actions, fingerprint, NFC, etc. Would the cheapest ($25) YubiKey solve the problem?

PhotoTedAuthor
February 2, 2024

Thanks Evon. Since your response I did have questions about YubiKeys, although I did install the 1Password app on my Linux box and that does seem to be working any better for me. It seems when I restart that system, I still have to provide the 1Password account password when the 1Password app starts.

I am getting the impression that no matter what, if I restart a computer, running any OS, I have to enter the 1Password account password.

1Password Employee
February 2, 2024

Hey @PhotoTed, I apologize for the delay in response.

Adding a Yubikey to your 1Password account adds an extra layer of security when you're authenticating your account for the first time on a new device. It does not replace having to enter your Account Password to unlock the 1Password extension or the 1Password desktop app.

if I restart a computer, running any OS, I have to enter the 1Password account password.

Yes, that is correct. Every time the computer is restarted, you're required to either enter your account password unless biometrics are enabled on a device with a Secure Enclave or a Trusted Platforms Module. However, a Yubikey can be configured on your Linux device to use for https://support.1password.com/system-authentication-linux/#use-system-authentication. Once that's set up, the 1Password for Linux app should authenticate through that after initially unlocking with the account password at system startup.

That being said, I understand the usefulness of the ability to unlock 1Password for Linux using a fingerprint after a Linux device restarts. Therefore, I've filed an feature request regarding this functionally with our product team for further consideration.

Additionally if you're interested, here are more details on our lock implementation for 1Password on Linux -> https://support.1password.com/system-authentication-linux-security/#your-1password-account-password-is-secured-by-the-system-authentication-service.

I hope that helps!

-Evon

ref:38126900

PhotoTedAuthor
February 3, 2024

I'm passing on 1password for the moment, although I do appreciate the support from Evon and Steph.

If you are curious about my reasoning:

First and foremost needing to log into 1Password on every reboot is too much for me. I have some understanding of security, encryption, storing in memory vs. disk and see the reason for it - it's probably a more secure option. Still, I wish there was a way to make that less onerous.

Second, I found the UI of all the different access points so different as to be confusing. Accessing from the web site, vs. the Android app vs. the Linux app vs. the Chrome extension. Maybe I'm getting old and too easy to confuse but found that frustrating.