It’s Cybersecurity Awareness Month! Join our interactive training session, or learn about security and AI from 1Password experts.
Support vs. Community
Many posts here are folks looking for or needing 1Password Support, or following up to an insufficiently prompt email response from Support, where there is little or nothing the Community can do to help or learn. Staff usually quickly respond to get the poster engaged with Support and close the thread to prevent crossing the streams, which is of course the right thing to do... except when the poster describes a problem or behaviour which others might encounter. In this case folks searching for the same or similar experience might find [Commentary of the efficacy of the search function omitted] the post, but no solution or useful commentary. For cases such as these, re-opening the thread and encouraging the poster to follow up with their results after receiving support would share the useful results, save folks from disappointment, providing solutions, and no doubt save 1Password billions in support costs. The timing and co-ordination is left as an exercise for staff.
Can't post on forums most of the time!
Getting any of these error banners on the SAME attempt to post: "Something went wrong, try again" – what are we sup[posed to do with this??? "HTML included that's not allowed" – nothing in the post is weird, just using tools in forum tool bar! "You've exceeded number of posts, try later" – returned later and one of the above banners appears instead! Whatever I do doesn't work!Internal Server Error
Received the error Internal Server Error Something went wrong Go to community home in response to posting a reply, which appears to have posted successfully. Since this is a 500 error, I won't waste anyone's time with irrelevant client details. Posting this for others to find if they experience the same, not so much to get the server fixed. Please excuse me, as I now need to head out and find a local community home.
FYI got error messages repeatedly when trying to reset password
I got a second email about joining the new 1Password community, and I heeded it this time, but I was pretty quickly regretting it. First, my old password didn't work. Then, when I tried to reset it, I was getting error messages. I'm only here because the error messages inexplicably stopped. Could your server be overly taxed? (Asking this rhetorically, as I doubt I'll try to login again in a while)
Password at registration may contain username
When registering for an account here, the restrictions on passwords are 15 to 25 characters No part of the username however pasting nothing but the username, Bob, gets a check ✔️. I suspect that the validation code fails to understand character encoding. It's a tricky subject.
Game Over Scenarios - What To Do in Breach
Hi, Going through some paranoia I’ve been running through some “what if” scenarios about 1Password and figuring out: How stressed I should be in each case What to actually do if it happens Here’s my current thinking — would love feedback: Category 1 – Vault Not Compromised Examples: Someone steals 1Password’s servers but not my Secret Key or master password My phone/laptop is stolen but locked with a strong passcode and biometrics Stress: Low Actions: Unlink stolen devices (only helpful if they are online) Remote wipe if possible No urgent password changes — maybe rotate some over time for peace of mind Category 2 – Vault Potentially Compromised Examples: Malware on my device (could capture my master password next time I unlock vault) Device stolen and unlocked. I thinking something like a phone snatch. Weak device password that could be guessed Stress: Medium–High Actions: Stop using compromised device Change vault master password + Secret Key Immediately change Tier 1 account passwords (email, bank, primary cloud logins) Rotate other accounts over time Category 3 – Vault Definitely Compromised Examples: Attacker knows both master password + Secret Key They have an export or backup of my vault data Stress: High Actions: Immediately change Tier 1 account passwords first Then Tier 2 (social media, messaging, secondary financial) Then the rest Closing thoughts: Avoid malware — it’s one of the few scenarios no password manager can save you from Device theft is more common, but if the vault is locked and your passcode is strong, you’re probably fine. Would you remote wipe straight away or wait to see ifs handed in? The “$5 wrench” attack… well, not much to do there Keep a list of Tier 1 accounts handy for emergencies so you know what to change first Offline-only vault on a USB stick could be more secure, but a lot more inconvenient — I only access password in a secure location. If I'm on the road and no one at home to give me a password, then what. Would appreciate some input to get over the paranoia haha
