1Password chrome extension keeps getting locked because an update is available

This was resolved in one of the last few nightly builds. I'm not encountering this any more.

Hey @laffingleigh, tomstock,

Please can you send over the following so our team can dig deeper and further assist with the issue at hand:

• Save a console log for 1Password in your browser
• How to send a 1Password diagnostics report

Please attach the reports to an email message addressed to support+forum@1password.com with a link to this thread. Thank you!

steph_giles Happening again today. No Chrome update visible, but requiring me to manually enter password.

I've started encountering this issue today, for the first time ever.
1Password for Desktop 8.10.8 NIGHTLY 81008004
1Password for Chrome 2.11.1 BETA 21100100

steph_giles I've attached to this a screenshot that shows the issue. Chrome is not saying an update is required at this time, yet 1Password requires a password each time.

steph_giles @jamesbull has nailed the issue. Restarting Chrome is an ordeal. As an agency many of our customers are providing Google Accounts for our employees. The easiest way to manage these multiple Google Workspace accounts is to use multiple Chrome profiles. Users will frequently keep Chrome open for 3-4 weeks at a time with 5-6 Chrome profiles with 5-6 windows per profile with 20-30 tabs per window (yes, the machines are beefy and people are using tab suspension) and only restart when an OS Chrome when an OS update is pushed.

People even take this a step further by using multiple virtual machines and then facing this problem with multiple instances of Chrome running on virtual machines all on one physical machine... Yes, this is probably not a common use case but you'd be surprised with software devs... Also, it would be almost impossible to measure if people are doing this, it's just going to look like one account being used on many machines...

Additionally, people are using 5-6 1Password instances due to being given accounts on client 1Password instances. This experience has gotten way better so props on that 1Password. Still not there yet though... I'd still like to see an experience like Slack Connect for 1Password to make working with external businesses easier but I imagine that'd be amazingly difficult to do with a secure architecture... And it would lead to a significant reduction in paid user accounts for 1Password. Our employees can basically have 6 accounts, one paid for by us and 5 by clients....

It's still painful using multiple 1Password instances though where those instances have unique passwords, I know 1Password will unlock all instances if they share the same master password and that because of the unique architecture of the 1Password Master Password password reuse doesn't have the same negative implications it does elsewhere... That still breaks most users brains though "oh, don't reuse passwords anywhere, it's really bad... Oh except the most important password you have, your 1Password Master Password, it's fine to reuse that... But remember, only as a Master Password on other 1Password instances...

The irony (whilst technically sound) of 1Password deploying password reuse to solve a UX problem does not seem to have been lost on the community and was thoroughly discussed here: https://1password.community/discussion/comment/608291/#Comment_608291

Realistically one should close out their browser and update it quickly to be as secure as possible. That's best practice. It's just not always realistic if it needs to be done weekly or daily.

The current user experience feels like 1Password is getting opinionated about what people's update habits should be around other apps beyond 1Password. That feels like overreach and and a holier-than-thou attitude. It just leaves a bad taste.

I don't think that's actually what's happening here, I think it is a genuine architecture of the browser extension/desktop app relationship but that won't matter to a user who doesn't care to understand the nuances of the architecture. They just see 1Password having opinions about how up to date their browser is and see functionality being restricted in order to force behaviour change and not monthly or quarterly, sometimes weekly or daily depending on how frequently Chrome updates rollout (which is not to their stated fortnightly schedule btw, that's an aspiration, it usually whenever something urgent needs patching).

Imagine if Chrome started restricting access to Google Products if the browser was out of date and this happened daily or weekly... Yeah nah.

1Password is a critical tool that gets used hundreds of time per day by our users.

Using that power to force people to reboot other applications by restricting access to that tool and doing that multiple times per week (even if unintentionally) feels like negligence at best and abuse of power at worst.

This is part of a broader issue for the tech industry (Google is going to face it with Chrome and their 'traffic light's update system in Chrome) which is that users will revolt if core applications start needing full restarts daily or multiple times per day. There is going to need to be a concerted architecture effort by most applications to enable live patching wherever possible and keep the requirements for full restarts to the absolute bare minimum.

Applications that manage this engineering challenge will inherit the users of applications that choose to prioritise engineering ease over UX.

What I'm saying is that 1Password have made architecture tradeoffs that cause a poor user experience, that's fine but I imagine 1Password is flying close to the sun on this and is getting to the point where they're crossing the line of what they can force users to do... I mean only 1Password have access to user churn data but if I had to guess, this sort of thing would be driving it up.

It feels like a Steve Jobs moment is required where he comes in, says that he doesn't like the way the bounce animation works on iPhone scroll and holds the entire iPhone project until the bounce animation feels just right.

Yeah it's a good damn engineering pain in the backside but it's what makes for iPhone level UX driven success.

If 1Password wants that level of success, keep prioritising the UX. Keep refusing to ship product with a solid engineering solution but a bad UX.

Don't ship until the engineering is genius and the UX is best in class.

There are plenty of other password managers out there...

Don't mess up your USP.

Yes. I've read the thread and understand why it works that way. It still doesn't change the fact that its a terrible user experience.

When you say "frequently", what do you mean by that? Chrome pushes an update every two weeks. That's frequent to me.

Here's my scenario:

I have hundreds of browser tabs open, spread across 12+ browser groups in 12+ browser windows. Restarting Chrome is a time consuming and fragile process, as Chrome doesn't always restore the tabs back properly. Therefore, I delay updating Chrome until I have 30+ minutes in my day to make sure my browser is back the way it needs to be.

Sometimes this means that I delay restarting Chrome. Unknowingly to me, that delay might be only 2 days before another Chrome update gets pushed. Therefore, the frequency of having to restart chrome because of an update, because of 1Password's dependency, could be within days of each other. Again, that's frequent to me, and incredibly disruptive to my day, and to my work.

I would kindly ask that the 1Password dev's explore alternative solutions. It's painful.

Thanks for getting back to me @jamesbull, the reason your password is required is because when this happens the connection between 1Password in your browser and your 1Password app is lost.

This shouldn't be happening frequently though and a simple restart should get things back on track. If this is proving to be really troublesome I'd be happy to take a look to see if there is a deeper issue.

steph_giles I don't think there is anything going "wrong", per se. It's just a crummy user experience that we have to manually enter our 1Password password every time we need a website password once chrome requires an update.

Hey @jamesbull, @laffingleigh, @GabeBrady,

I'm so sorry for the delayed response.

Just so I can try to better understand what may be happening can you let me know are you leaving your Chrome browser open for extended periods of time? As you say a restart improves things it would be good to try and pinpoint exactly when things go wrong.

If you experience the behaviour again can you send over the logs as requested here

Apologies for the disruption!