Level up your business security with free, on-demand training and certification. Explore 1Password Academy today →
Feature Request - Step Up Auth Geo-restrictions
We are starting to have more users working overseas temporarily from locations outside our usual allow list. We'd like a middle ground option to allow these locations but only with an additional authentication factor, or allow them for a small number of users.
Quick Access Touch ID Mini-Blockade on MacBook Used In Desktop Mode
I have a paid 1Password subscription on another computer other than this forum account. I have a feature request to fix a 1Password user-experience inconsistency: 1. The Good Part first: First, let me introduce how I use 1password. Sometimes I enter the master password, but I also have let it use my biometric (Touch ID). Compare the bottom-right corner of these two screenshots: When using with MacBook open, Touch ID logo button shows: When using with MacBook closed (External Monitor), Touch ID logo button disappears: If I open/close MacBook, the bottom-right-corner button changes correctly when I open/close/open/close MacBook. Good, you did it properly in use case #1. This is great, because I can often open MacBook, do the TouchID thing, and close MacBook. I can even initiate by external keyboard (<TAB><TAB><ENTER> to select the TouchID dialog-button, before reaching my thumb over). This is without needing to use a mouse or touchscreen, if it's inconvenient to fully reach over to view my MacBook set aside during external KVM use. I can even use Touch ID without peeking at the MacBook (open lid only by 1-2" only to use Touch ID, tab, tab, enter on my external keyboard, then slip thumb briefly onto the touch ID). So this even works even if I can't currently see the MacBook screen because MacBook is oddly to the side and only slightly opened briefly only for TouchID use. (Due to desktop config with external display/accessories) So I am satisfied with this mode of operation -- It is convenient to Touch ID briefly even with my MacBook mostly closed. The problem arises with Quick Access (use case #2 below): 2. Problem #2: Quick Access Becomes Slow / Browser Autofill Inconvenient If I try to use either (A) Quick Access hotkey while in an external monitor use... or (B) try to use Browser Autofill. suddenly it's less convenient. This dialog appears: Since I'd rather not enter a long password every single time, I open the MacBook slightly, but it doesn't let me use Touch ID if the window is open before I re-open my MacBook (external monitor mode). Does not let me use Touch ID, even though Touch ID is enabled I have to manually re-close the 1Password dialog, then re-open it again in order to use Touch ID! How to reproduce: Use a closed Macbook in desktop mode (Connect to external monitor, keyboard, mouse. ) Use MacBook normally, while using external monitor/keyboard/mouse Now activate 1Password either via either Quick Access or Browser Autofill (same problem) It prompts you for 1password password Open your MacBook lid, intending to access the Touch ID Try to use Touch ID Try to get the dialog to let me use Touch ID It won't work You have to close the 1Password Quick Access dialog, and reopen it, to force it to let me use Touch ID. It's not necessary with the non-Quick-Access window (as seen in Item #1 near top), but necessary with the misnomer of a Quick Access window? And slows down Browser Autofill too. It unexpectedly turns the normal "Open 1Password" faster than "Open Quick Access" or "Autofill", because of this inconsistency during this use. Unlike the main 1Password login (which correctly detects laptop lid open/close properly), the other dialog (Quick Access / Browser Autofill) doesn't detect MacBook lid close/open events. Attention: 1Password Developer Team May someone at 1Password fix this "MacBook being used in desktop mode" usability inconsistency (#1 vs #2)? Bringing #2 into parity with #1, fixing the "Quick" in "Quick Access", and making browser autofill more convenient again.
System Down due to Expired Client Secret
I'm in desperate need of some support here. Our Notion alert that the client secret for our 1Password Entra ID SSO was expiring did not alert like it should have and we are now all locked out. There seems to be no way to bypass and use the emergency kit to update the integration in 1Password. I have opened a support ticket, but it isn't moving fast enough. Is there a way for Administrators to bypass SSO and get back in using the emergency kits that I'm missing?
Remote Linux machine opens GUI
Setup: Linux Machine that I directly connect to when in the office. Has 1Password installed. Works great. ~/.ssh/config file has ``` Host * IdentityAgent ~/.1password/agent.sock ``` Windows Machine that I directly connect to when in the office or working remotely. Has 1Password installed. Works great. C:/Users/Me/.ssh/config file has ``` Host mypc User me HostName mypc.local ForwareAgent yes ``` The OpenSSH Authentication Agent service has been Disabled and Stopped so that my computer is listening to `\\.\pipe\openssh-ssh-agent` Issue: When sshing into the Linux machine from the Windows machine, git does not work. `git pull` when sshed will open the GUI on my Linux machine (I have watched both screens to test this) I want my WINDOWS machine to open its GUI for me to log in. There's no point to remote in if I can't use the Windows 1Password.1Password deployment on VDI / Citrix environments - best practices and support status?
Hi everyone, We're evaluating 1Password for our organization and need to deploy it in a Citrix Virtual Apps and Desktops environment. I've read through the deployment documentation, but I'd like to get some clarity on a few points from the community or 1Password team. Our scenario: Citrix Virtual Apps and Desktops (mix of persistent and non-persistent VDI) Windows Server-based session hosts User profiles managed via FSLogix / Citrix Profile Management Questions: Non-persistent VDI: What's the recommended approach for non-persistent/pooled desktops where the VM is reset after each session? Is it sufficient to persist the local data folder via FSLogix or Profile Management, or are there additional considerations? Multi-session hosts (RDSH): Is 1Password supported on multi-session Windows Server environments where multiple users share the same server? Are there any known limitations? Browser extension: Does the browser extension work reliably in VDI scenarios, especially when connecting to a locally installed 1Password app on the virtual desktop? Installer choice: The documentation mentions that MSIX is preferred over MSI. Are there specific VDI-related reasons for this recommendation beyond the passkey limitation? Any insights from organizations running 1Password in similar environments would be greatly appreciated. Thanks!
Duo SSO Login Issue
I recently setup Duo SSO. I have one user who missed the deadline to sign in before they needed recovery. The issue I'm having is that during that time they had their email change (name change). And I can't move forward with the recovery because their email on 1Password is different from their email in Duo. As far as I can tell they are essentially locked out of their account and I can't figure out a way to change their email in 1Password to make it match. Thanks, -Bryan
Microsoft Entra ID SSO issue
We have recently migrated all our users over to using Microsoft Entra ID SSO. It works fine except every time they close the app or shutdown their computer, it asks them to login using SSO. We have a set of employees who do not always have a connection available. They go from site to site and some basements where they need to go don't have network or wi-fi. When that happens, they are unable to use 1password. Keep in mind that most of the time when they access these places they are escorted by security to go down in the basements and it's wasting their time as well as the security employee. We have it set to ask the Entra password every 7 days. Expected behavior: if I close the app or restart the computer, the token should still be valid. Current behavior: Every time I close the app or restart the computer, I have to login to the microsoft account again.
1Password account switch depending on Chrome profile.
I cannot log in, becouse a coworkers 1password is being pushed even when logged into the browser, as you can see (we have different Chrome profiles). Please help - and she is getting an error when she wants to log in, and tries to fix this, that somebody else is already logged into this computer, even if I sign out! :(
