rss.livelink.threads-in-node

Feature Request: 1Pasword MSP Share Items to "Managed Companies"

ITKW — Thu, 18 Jun 2026 11:07:09 GMT

I requested support about sharing vault items with my managed companies. Support advised me it is not possible. I would like to suggest it as a new enhancement to the MSP product.

As an MSP, I have vault for each of my clients with all of their technical information.
Many items in my MSP client vaults have passwords the client end users need day-to-day (WiFi, Printer Access, Door Codes, etc.).
I would like to have the ability to SHARE specific Items in my MSP Vaults with specific users in my Managed Companies (or at least to a "shared Vault" in the Managed Company so the users can have access).
This would eliminated the burdensome and error-prone process of updating 2 complete separate company vaults - and eliminate the high probability the overlapping data will be not maintained properly. Manual duplication/sync is never a good idea.
Specific items would have to have the ability to share (without expiration) to the client end user to specific end users in my "Managed Companies" groups. I would not want to share the entire client MSP vault to the "Managed Company" clients, as some items in the vaults are "administrative level" passwords.
It would also be good if I can select if the item can be shared as "view only" or "editable", as some password for computer user access I would like the end user to update if they change their password.
There is little advantage to me as an MSP to have "Managed Companies" if I cannot share data from the MSP level vaults to the "Managed Companies".

Thank you and I look forward to the further developments in the MSP area.

Start 1Password

schweiwi — Thu, 18 Jun 2026 09:02:53 GMT

Hello

Since yesterday, I’ve had to enter my master password every time I launch 1Password. That can’t be right 😒

Windows 11 25H2 (Build 26200.8655)
Firefox browser extension, version 151.

Until now, I would launch 1Password either in the browser or on the desktop.And then Windows Hello would pop up. Unfortunately, that no longer happens.

I’d appreciate some help.
Best regards
schweiwi

MacOS Feedback - Inconsistent Surfacing of Expiration Notification for Date Fields

adamlogan — Wed, 17 Jun 2026 22:42:05 GMT

I'm not sure if this is just a MacOS Desktop App issue. It could apply to other platforms as well, I only have access to MacOS and Android platforms. I am sure this is happening on MacOS though. I would appreciate it if expiration/notification dates for date fields were reliable about appearing when creating new date fields.

At first this feature was really confusing, but now that the date formatting has improved some (still needs more flexibility on choosing date format though) I find this feature incredibly useful and would prefer to get push notifications via 1Password rather than having to use my task manager to remind me when expirations are coming up for credentials and other time-limited documents or objects stored in 1password.

The Firefox Extension does not let me login from the icon on the web site login fields anymore

WoofGrrrr — Wed, 17 Jun 2026 18:50:12 GMT

This used to work until recently. It DOES still work with the Chrome extension. But I don't use Chrome because I do NOT want Google to track my every move.

Device-encrypted caching for op - fewer round-trips, no unlock prompt storms

theo — Wed, 17 Jun 2026 16:15:24 GMT

I’m one of the creators of varlock. We build free and open source tools for secrets and configuration, including plugins for all the popular providers including 1Password. Since op CLI latency and repeated unlock prompts are two recurring pain points in this forum, I wanted to share something we just shipped specifically for 1Password users - and for ourselves, since we are 1Password users too!

While varlock already adds validation and many other DX improvements on top of 1Password, we've now added a built-in cache that sits in front of op calls, so repeated secret loads don't keep hitting remote servers. There are already a few lightweight op cache wrappers out there, and while they help with speed, they generally give up op's session-scoped biometric unlock, and could leave plaintext secrets available in memory. We wanted the speed without sacrificing security.

As an added bonus, our own “session” logic is a bit more flexible than op’s, and helps reduce spurious unlock prompts in cases where it feels unexpected - like parallel reads in turborepo, and non-TTY uses like claude/codex desktop apps.

How it works

Varlock loads secrets from a declarative .env.schema via its 1Password plugin. It supports both traditional vaults and the newer Environments. The plugin writes values to a secure cache, and subsequent reads will use the cache instead of extra roundtrips to 1Pass servers.

On the first read, you’ll see the 1Password prompt (if using local desktop app auth via the CLI). The next read (which hits the cache) will show the varlock prompt. After that, no more prompts (in that session) until any of - call `varlock lock`, machine locks/sleeps, or inactivity timeout. If you'd rather not use Desktop app auth, you can use a service account token, and varlock will you encrypt and secure that too.

The cache encrypts values at rest, keyed to your device (Secure Enclave + Touch ID on mac, Windows Hello / DPAPI on Windows, TPM2 on Linux). No plaintext secrets left lying around. If no hardware backend is available, it stays in-memory only for that run rather than writing plaintext to disk.

This isn't a replacement for op - it's built on top of the CLI/sdk and 1Password stays the source of truth. We'd genuinely love feedback, especially from anyone who knows op's internals well. Happy to answer anything here.

---
An example .env.schema - caching is enabled by the cacheTtl option

# @defaultSensitive=false @defaultRequired=infer # @plugin(@varlock/1password-plugin) # Uses OP_TOKEN in CI/deployed envs, othewise use local app auth # @initOp(token=$OP_TOKEN, allowAppAuth=true, cacheTtl=1h) # --- # 1Password service account token. Set directly in CI/deployed env # @type=opServiceAccountToken @sensitive OP_TOKEN= # @sensitive XYZ_API_KEY=op("op://acmecorp-ci-secrets/xyz/api-key") XYZ_ACCOUNT_NAME=acmecorp # non-sensitive config can be hardcoded # ...

Watchtower export automation

Parker — Wed, 17 Jun 2026 14:12:59 GMT

Hi everyone,

I'm looking for advice on automating the Business Watchtower report export, and if there's no current solution, I'd like this to serve as a feature request for the 1Password team.

The use case:

We run a recurring internal security awareness campaign where each employee receives a personalised report of their vault's Watchtower score. The data source is the Business Watchtower CSV export (the one available under Reports for owners/Security group members), which contains per-vault metrics:

Vault · Vault Type · Total Items · Issues · Compromised Websites · Vulnerable Passwords · Reused Passwords · Weak Passwords · Unsecured Websites · Two-Factor Authentication · Expiring Items · Items In Wrong Account

The problem:

Right now the only way to get this file is a manual click in the web UI. We need this automated on a schedule.

What I've already ruled out:

Browser automation (Playwright/Puppeteer): Fragile — any UI change silently breaks the pipeline, and storing admin credentials for a headless browser is a security concern in itself.
-Reconstructing the report via `op` CLI + service account: Technically possible for some columns, but requires fetching and locally evaluating every item across every vault. For an organisation of our size this would take hours per run — and replicating the breach/weak-password logic exactly as 1Password computes it is non-trivial.
Events API:*Covers audit logs and item usage, not Watchtower security scores.

What I'm looking for

A current method I've missed — perhaps an undocumented endpoint, a `op` CLI flag, or a Reports API that exposes this data.
Confirmation that this isn't possible today, so this can be logged as a feature request.

Feature request (if it doesn't exist)

A `op report watchtower --format=json` command, or a REST endpoint under the existing API surface, that returns the same per-vault Watchtower summary that the UI export produces. A service account with read access to all vaults would be the natural auth mechanism.

This would be a significant quality-of-life improvement for security teams running automated reporting or compliance workflows. Happy to provide more detail on the use case if helpful for prioritisation.

Thanks in advance!

1Password Mac 7.9.11 and iOS 7.10.2 stopped syncing data

aostapchuk — Wed, 17 Jun 2026 06:32:58 GMT

Hello!

Today or yesterday 1Password Mac 7.9.11 and iOS 7.10.2 stopped syncing data.

Windows: 7.9.836 - still working.

Is this the final end for 1Password 7?

Cannot use 1P for passkeys in Google OICD login flow

killpack — Wed, 17 Jun 2026 05:58:21 GMT

This is a tricky one to explain but I've run into this problem a couple of times. I did not take any screenshots and subsequent repro attempts have failed because my login hits a fast path and I don't see any web UI.

My Google Account has a passkey on it. When a particular Mac App (NetNewsWire) opens a browser window to initiate a Google Account login, the window has no UI other than the location bar. This is important.

When I get to the screen in the GA login flow where it asks for my passkey it gives me two options to source my passkey from, neither of which allow me to pick 1P. And because there is no other browser UI in the pop-up window, there is no 1P extension icon to interact with. I tried using the 1P Quick Access app but it didn't register what was happening. I have to use another login method (secure code, backup code etc) to successfully complete the login flow. It is a process of trial-and-error and I'm concerned my activity looks suspicious and will result in an account lockout.

Does anyone have suggestions on how to fix this?

Paste without Paste? Fake Keyboard Input.

sschluntz — Tue, 16 Jun 2026 23:11:50 GMT

There are situations where paste is unavailable. I run into it often with virtual consoles and remote keyboard/monitor/mouse adapters. The interface doesn't support copy/paste into or out of the UI. I understand the lack of copy, often the UI is a graphical representation of a screen and not actual text. But the lack of paste causes issues, especially with complex passwords and short timeouts.

Would it be possible for 1Password to pretend to be a human interface device, or just perform an text entry on behalf of the user? Something like "type the password for me in 10 seconds" or "in 5 second types the username, enter, the password, and enter" long enough so I can change windows and then let 1Password type for me?

1P fingerprint log in didn't work with unlock Android with face

Shin — Tue, 16 Jun 2026 14:33:59 GMT

Hello team,

I started 1P trial yesterday on my Intel Mac and Android. The features are much more than expected and everything looks great except 1P fingerprint log in on Android. From my observations through several attempts, it looks like 1P fingerprint won't work when Android has been unlocked with face.

Expected: 1P fingerprint log in works regardless Android unlock methods
Observed: 1P fingerprint works only when Android has been unlocked with fingerprint

Unlock Android with fingerprint → OK: 1P fingerprint

Unlock Android with fingerprint
(Login 1P with password; for the first time only)
Lock 1P → Login 1P with fingerprint → Success
Close all apps → Login 1P with fingerprint → Success
1P fingerprint login continues working as far as I unlock Android only with fingerprint

Unlock Android with face→ FAIL: 1P fingerprint

Unlock Android with face
Login 1P with fingerprint → "That didn't work. Please try again." (after 1-2 sec)
Click "Fingerprint icon" (right-side) → Only screen flashes
Forced login 1P with password
Lock 1P → Password only (no more fingerprint icon)
Close all apps → Open 1P → Password only

It's interesting that I can still recover 1P fingerprint by unlocking Android with fingerprint, then start 1P (i.e. restarting from the beginning of OK above).

Ref. 1P Security Settings

Unlock biometrics/device passcode/device: All ON
Require account password: Never
Lock when device locks: OFF
Auto-lock on exit: Never

For the reference, my symptom is similar to the one reported for Xiaomi in the other thread and I tried the Recommendation by 1P_Timothy twice but the issue still persists. My phone is running Android 16 on Sharp AQUOS R8 Pro (model: SH-R80P) and I'm happy to send diagnostics upon a request.

Thanks,

Shin

Drop your questions in the Random but Memorable mailbag! 🎙️

1P_Blake — Tue, 16 Jun 2026 13:51:54 GMT

Hey everyone 👋

We're putting together a special episode of Random but Memorable, our award-winning podcast, and we'd love for you to be part of it.

Got a question about cybersecurity, privacy, passwords, or passkeys? Leave it in the comments below and we may answer it on the podcast!

Whether you're just getting started with online security or you've been in the space for years, we want to hear what you're curious about.

Note: Product questions are welcome, but please send any bug reports to our support team so they get the right attention. We’re aiming to keep things here focused on general cybersecurity or best practices!

Thanks for being a part of the 1Password community. We're excited to dig into your questions on the show!

"Welcome to 1Password" repeating pop-up

micmitch — Tue, 16 Jun 2026 13:49:32 GMT

I'm seeing the issue with repeated "Welcome to 1Password" pop up.

I'm on the latest version of MacOS and checked to make sure I have the latest version of the Safari browser extension.

Anything I can do to stop it?

Feature request: Search and sort by domain

toddclare — Tue, 16 Jun 2026 13:41:26 GMT

I've just run the mother of all imports as we start off with 1Password Familes (from LastPass). For every member of my family, I've imported from LastPass, their phones with some entries before LastPass, their laptops (also with some entries before lastpass), paper notes, etc. It's a mess.

Duplicate entries in Watchtower is great, but browsing around I see 1Password support telling folks to manually deal with "almost" duplicates. What would be amazingly helpful would be the ability to sort or search "all items" or whatever view by the domain name inside the item. So I could get all the "google.com" items at least physically near each other in the list to try to triage them. Wildcard search would be a very nice add.

The power and security of 1Password seems great, but I'm surprised at the pretty obvious user centered features like these that are missing... 🤨

How to remove Apple Passwords

Fazant — Tue, 16 Jun 2026 07:14:21 GMT

I enabled Apple Passwords and even removed 1Password. That was a bad decision! So I reinstalled 1Password, however Apple Passwords stays active and is just a nuisance. How can I turn it off, so I get back to the old 1Passwords only?

Family Subscription Count Exceeded

Jeds — Tue, 16 Jun 2026 04:08:02 GMT

Hi,

Did anyone have this problem?
Any fixes or how to get Support to get interested and fix this for me?

I have a family subscription allowing up to 5 Logins. Originally I setup 4 accounts and then deleted 3 of them to change the email address (I didn't realise I could change email for an existing acct) ...

After deleting the old logins, the system now thinks I have used those licenses and so I can't add the entire family back in with their new email addresses.

Obviously 1Password back-end doesn't update when old logins are deleted. Not sure how to fix this other than buy an entire new subscription and export everything out and re-import to the new subscription.

Hoping someone knows some fix for this situation?
Thanks

Printing records as a PDF 8.12.22

swanvestas — Mon, 15 Jun 2026 19:43:58 GMT

Is this possible? The CSV file is really difficult for a layman to work with, especially as a printed document kept in a Safe Deposit Box for Legacy access.

Feature Request - Email code autofill

michaeljcallahan — Mon, 15 Jun 2026 17:25:18 GMT

If you've used an iPhone you've probably seen when you receive a 2FA SMS the iPhone keyboard will give you to option to fill the code without having to navigate to your texts.

It would be nice if 1Password had a gmail/email connector that behaved similarly. SMS filling would be great too but I imagine iPhone wouldn't allow that (not sure about Android).

Feature Request: Watchtower filter multi-select

brian163 — Mon, 15 Jun 2026 16:04:13 GMT

When you go into Watchtower and select a category, the resulting list has a pull down menu of categories that acts like a filter.

It would be really helpful to make this menu multi-select. For example, I want to identify all of my passwords that have Weak passwords AND have Passkeys available.

As it stands, you have to pick one option and then parse through every credential in that category to find any other condition which just seems unnecessary. 1P can clearly identify all of these conditions at the same time.

Linking URL from entry

Gerard — Mon, 15 Jun 2026 11:27:58 GMT

I still cannot figure out how 1Password determines which login to show in the login fields.

I have quite a number of similar websites I need to login to which all have a little distinction. When I want to login to a site I see a number of possible logins, but often the’re not close to what should represent the actual login.

3 hours to find the solution to install on new phone!

incantata — Sun, 14 Jun 2026 22:19:44 GMT

Yes, I have 1 password on my computer and an old Android phone. I knew all of the info asked for: email, security key, password ... but no matter how I tried to set it up on the new phone, whether by scanning a QR code or entering the details manually, I kept getting the message "no passkeys found". I had no idea what it was looking for. Finally I went to Gemini to ask how to proceed. There I was told to go to my web account and remove all passkeys and 2-factor login info. After I did that I was finally able to install and use 1password on my new phone. However, there was no help or instructions on the help menu and I did not remember setting up Windows Hello passkey. So buyer beware! I'm now thinking of moving to a new password manager.