Protect what matters – even after you're gone. Make a plan for your digital legacy today.
1Password deployment on VDI / Citrix environments - best practices and support status?
Hi everyone, We're evaluating 1Password for our organization and need to deploy it in a Citrix Virtual Apps and Desktops environment. I've read through the deployment documentation, but I'd like to get some clarity on a few points from the community or 1Password team. Our scenario: Citrix Virtual Apps and Desktops (mix of persistent and non-persistent VDI) Windows Server-based session hosts User profiles managed via FSLogix / Citrix Profile Management Questions: Non-persistent VDI: What's the recommended approach for non-persistent/pooled desktops where the VM is reset after each session? Is it sufficient to persist the local data folder via FSLogix or Profile Management, or are there additional considerations? Multi-session hosts (RDSH): Is 1Password supported on multi-session Windows Server environments where multiple users share the same server? Are there any known limitations? Browser extension: Does the browser extension work reliably in VDI scenarios, especially when connecting to a locally installed 1Password app on the virtual desktop? Installer choice: The documentation mentions that MSIX is preferred over MSI. Are there specific VDI-related reasons for this recommendation beyond the passkey limitation? Any insights from organizations running 1Password in similar environments would be greatly appreciated. Thanks!
Kolide Custom Checks?
Hi everyone, We have rolled out 1Password XAM and are really liking the Kolide Device checks. However we are running into edge-cases where we need to configure some custom checks and are struggling a bit. For example, we want to allow people with devices owned by other (partner) organisations access to some of our Kolide-protected apps. They have been allowed by their admins to install Kolide but they use a different EDR product that is not covered by the supplied checks. (Ie we use Crowdstrike Falcon, they use Palo Alto Cortex) Has anyone worked out a way to implement this sort of thing? Both in terms of a custom checks for Cortex and an either/or setup for EDR.
HELP! Some of our team member cant access the app within the vault.
I need some help. I’m the admin and password manager, and some team members can’t access the platforms in the vault I shared with them. A few users can log in without issues, but others are getting “incorrect password” errors even though the credentials are correct. I can log in fine on my end, so I’m not sure where the issue is. Because they needed urgent access, we had to share the passwords manually, which defeats the purpose of the vault. I’d really appreciate your help resolving this.Research opportunity: Help shape the future of 1Password + gift card for your time
Hey 1Password community 👋 Our team is running 1:1 research interviews with current 1Password Business customers, and we’d love your insights. We’re especially interested in hearing from folks using the 1Password Enterprise Password Manager (with or without 1Password Device Trust or 1Password SaaS Manager), and who are involved in managing access, identity, and device posture at their company. Our goal with this research is to better understand how access is managed in the real world, especially in places where SSO, IdPs, and MDMs may not reach. Your feedback will directly influence how we evolve our products and features going into 2025. Who we’re looking for: Admins, IT, or Security leads at companies with 500–3,000 employees in North America, Europe, or Australia Decision-makers, or those with hands-on experience managing access tools Current users of 1Password Business and/or Extended Access Management What to expect: A 60-minute live interview Flexible scheduling between August 4th and 15th A $100 gift card from popular retailers as a thank-you We only have 10 slots available, so if you’re interested, please fill out this short screener survey. Thanks for being part of the community, we’re excited to learn from you!
Help with 1Password SSO Unlock Across Multiple Desktops
Hi, I’m looking for some assistance with 1Password in a small office environment (around 45–50 desktops) that runs Hybrid AD. We’ve enabled Unlock with SSO, and it works fine on a user’s first workstation. However, when the same user signs in on another workstation, 1Password prompts them to transfer their encryption key. The challenge is that our users often move between desktops throughout the day depending on their work schedule. This constant key transfer prompt is disruptive. Is there a way to disable this key transfer requirement or a recommended best practice to allow seamless use of SSO across multiple desktops? Thanks in advance for any guidance!
Issue re-instating employee
Hello, We provision 1Password from AD. We had a user resign and return shortly after. We had not wiped their device so we returned it to them. They were removed and re-added to the group we use to control who gets invited and their account and profile look normal on the 1Password admin console. We initiated a recovery which they completed. Upon trying to sign-in they are prompted with the message: This device was deauthorized. You will need to re-enter your Secret Key and sign in again. We have not encountered this before nor can we figure out how to re-authorize the device. The used does not have their original Secret Key.1Password for Windows app keeps requiring encryption key transfer
I have a business account that uses SSO for authentication. I am able to authenticate in the browser just fine and use the browser extension with no issues. When I sign in to the Windows app via SSO, I am asked to transfer the encryption key from my browser. I am able to do this successfully, but I keep having to transfer the key every day or two. Is there a way to prevent the encryption key transfer from happening or to get it to stop repeating?
