Failed login attempts

Hello dhalonen​! 👋

Thanks for the feedback! 1Password works a bit differently from other services you might use, since the information you store is protected with encryption, not just authentication. When you use the 1Password app, it keeps an offline cached copy of your encrypted data on your device. This means that even if you set a limit on the number of sign-in attempts, someone with access to your device could still try to perform an offline brute-force attack on that encrypted cache.

When it comes to online brute-force attacks, 1Password is designed to prevent them. To sign in on a new device, both your account password and Secret Key are required. Together, these provide over 128 bits of entropy, making a brute-force attack practically impossible.

If your organization uses SSO (Single Sign-On) to unlock 1Password, as Tom mentioned, many identity providers allow you to set sign-in attempt limits on their end, and those same restrictions would apply when accessing 1Password.

That being said, our team is always listening to how we can make 1Password better for organizations that use it. The "Login Attempts Exceeded" value in the Activity Log is a placeholder for now. I've shared your post with our team internally so that they're aware that you'd like to see such a feature be added to 1Password in the future. 

For the time being, the sign-in attempts report is the best option to monitor failed sign-ins. You can configure reporting and even notifications by using the 1Password Events API to send your 1Password account activity to your security information and event management (SIEM) system:

• Monitor sign-in attempts in 1Password Business
• Get started with 1Password Events Reporting

-Dave

PB-51862291