Level up your business security with free, on-demand training and certification. Explore 1Password Academy today →
Show the requested credential
I'm heavily using 1password now for agentic usage. All of my business is set up on it now, and all of my credentials are locally using op://, or service accounts. I've put in a lot of effort to try and isolate systems using least privilege, but one problem is that when agents (or applications) request a credential from the system, it doesn't say WHAT credential is being requested. Half the time it doesn't even say the correct name for the application making the request, either. This is a big problem, because I'm starting to get into the habit of just spamming "Accept" blindly. But the whole reason I have set up this whole pipeline is so I can catch malicious programs trying to gain access - for example, supply chain attack infections. Without seeing what credential is being requested, and the process information that is requesting it, I'm finding it's not actually adding much protection at all, because it's putting me into a false sense of security and promoting bad habits. If I'm running multiple agents in parallel, which is often the case, it might just say "Terminal requests access to your vault" or something similar. Which terminal is that? What is the underlying entity being requested? What credential? What is the process ID or terminal title, so I can isolate it to a terminal/agent? Etc. I think this is something that urgently needs to be added. Otherwise, as it stands, it's not really offering much protection because users will just go "oh, it's probably just that agent running - I'm sure it's fine" and accept everything. If that agent happened to have installed a malicious npm package, you'd probably catch it too late.
How to customize the suggested item name in the auto-save prompt?
Hello. When a user saves a new login on our site (e.g. app.acme.io), the "Save in 1Password" prompt defaults to a name derived from the domain so we get "Acme" instead of "acme.io". It doesn't match our brand. We've already done what compatible-website-design recommends: brand-name <title>, application-name, apple-mobile-web-app-title, og:site_name, manifest.webmanifest (name / short_name), correct autocomplete attributes. None of these influence the suggested name. Questions: Is there a client-side mechanism (meta tag, well-known endpoint, JSON-LD…) we're missing to declare our brand name for the auto-save prompt? If not, what's the official process to submit a domain + brand name + logo to 1password Rich Icons / website database? Thanks.
Feature Request - Step Up Auth Geo-restrictions
We are starting to have more users working overseas temporarily from locations outside our usual allow list. We'd like a middle ground option to allow these locations but only with an additional authentication factor, or allow them for a small number of users.
Quick Access Touch ID Mini-Blockade on MacBook Used In Desktop Mode
I have a paid 1Password subscription on another computer other than this forum account. I have a feature request to fix a 1Password user-experience inconsistency: 1. The Good Part first: First, let me introduce how I use 1password. Sometimes I enter the master password, but I also have let it use my biometric (Touch ID). Compare the bottom-right corner of these two screenshots: When using with MacBook open, Touch ID logo button shows: When using with MacBook closed (External Monitor), Touch ID logo button disappears: If I open/close MacBook, the bottom-right-corner button changes correctly when I open/close/open/close MacBook. Good, you did it properly in use case #1. This is great, because I can often open MacBook, do the TouchID thing, and close MacBook. I can even initiate by external keyboard (<TAB><TAB><ENTER> to select the TouchID dialog-button, before reaching my thumb over). This is without needing to use a mouse or touchscreen, if it's inconvenient to fully reach over to view my MacBook set aside during external KVM use. I can even use Touch ID without peeking at the MacBook (open lid only by 1-2" only to use Touch ID, tab, tab, enter on my external keyboard, then slip thumb briefly onto the touch ID). So this even works even if I can't currently see the MacBook screen because MacBook is oddly to the side and only slightly opened briefly only for TouchID use. (Due to desktop config with external display/accessories) So I am satisfied with this mode of operation -- It is convenient to Touch ID briefly even with my MacBook mostly closed. The problem arises with Quick Access (use case #2 below): 2. Problem #2: Quick Access Becomes Slow / Browser Autofill Inconvenient If I try to use either (A) Quick Access hotkey while in an external monitor use... or (B) try to use Browser Autofill. suddenly it's less convenient. This dialog appears: Since I'd rather not enter a long password every single time, I open the MacBook slightly, but it doesn't let me use Touch ID if the window is open before I re-open my MacBook (external monitor mode). Does not let me use Touch ID, even though Touch ID is enabled I have to manually re-close the 1Password dialog, then re-open it again in order to use Touch ID! How to reproduce: Use a closed Macbook in desktop mode (Connect to external monitor, keyboard, mouse. ) Use MacBook normally, while using external monitor/keyboard/mouse Now activate 1Password either via either Quick Access or Browser Autofill (same problem) It prompts you for 1password password Open your MacBook lid, intending to access the Touch ID Try to use Touch ID Try to get the dialog to let me use Touch ID It won't work You have to close the 1Password Quick Access dialog, and reopen it, to force it to let me use Touch ID. It's not necessary with the non-Quick-Access window (as seen in Item #1 near top), but necessary with the misnomer of a Quick Access window? And slows down Browser Autofill too. It unexpectedly turns the normal "Open 1Password" faster than "Open Quick Access" or "Autofill", because of this inconsistency during this use. Unlike the main 1Password login (which correctly detects laptop lid open/close properly), the other dialog (Quick Access / Browser Autofill) doesn't detect MacBook lid close/open events. Attention: 1Password Developer Team May someone at 1Password fix this "MacBook being used in desktop mode" usability inconsistency (#1 vs #2)? Bringing #2 into parity with #1, fixing the "Quick" in "Quick Access", and making browser autofill more convenient again.
System Down due to Expired Client Secret
I'm in desperate need of some support here. Our Notion alert that the client secret for our 1Password Entra ID SSO was expiring did not alert like it should have and we are now all locked out. There seems to be no way to bypass and use the emergency kit to update the integration in 1Password. I have opened a support ticket, but it isn't moving fast enough. Is there a way for Administrators to bypass SSO and get back in using the emergency kits that I'm missing?
