Level up your business security with free, on-demand training and certification. Explore 1Password Academy today →
Feature Feedback: UI Overlap Issue & More Flexible Secret Sharing Controls
Dear 1Password Team, I would like to share several feedback points regarding usability and flexibility within the 1Password Windows desktop application and its secret sharing feature. First, I noticed a UI issue in the Windows desktop app where the "New Item" button appears overlapped by the window’s minimize control. This creates a confusing visual layout and may affect usability, particularly when navigating quickly. It would be helpful if this overlap could be reviewed and adjusted to ensure consistent spacing and clarity across window sizes or display scaling settings. Second, regarding the secret sharing feature, I would appreciate more flexibility in configuring expiration and viewing limitations: * Custom link expiration duration Currently, the available options for "Link expires after" are limited to fixed presets (1 hour, 1 day, 7 days, 14 days, 30 days). In practical scenarios, more granular control would be very useful — for example: - 30 minutes - 90 minutes - 21 days - any custom duration defined by the user While this may seem like a small enhancement, it would significantly improve usability in real-world workflows where precise timing matters. * Custom number of allowed views At present, the viewing limitation only allows either: - unlimited views - or exactly 1 view It would be very helpful if users could specify custom limits (e.g., 2 views, 3 views, 5 views, etc.), especially when sharing secrets with small teams or temporary collaborators. * Selective field sharing Another improvement that would greatly enhance security flexibility is the ability to choose which fields within an item are shared. For example, in my case, I may want to share GitLab credentials (username and password) but exclude attached files such as recovery codes. Currently, sharing an item also shares all attachments, which may expose sensitive backup data unintentionally. Overall, these enhancements would improve both usability and security control, especially for users who rely on 1Password for professional workflows and credential sharing. Thank you for continuously improving the product, and I hope these suggestions are helpful for future updates. Best regards,
New item is "dumb" when a specific item type is specified
I'm not sure if I missed a settings option, that's always possible, but I find strange that if I select APIs or Software License, and other as a filter, when I click the New item button, I have to go through the whole selection of item type before I get to populating it; this is suboptimal when the item type is in the "Show more" section. I'd expect that the type selection informs what item gets created, that'd be optimal, or if the items shown could be based on recency, so the selection would be easier, less optimal (one more click) but better than the current situation (2 clicks). What do you guys think?
id.me uses nonstandard TOTP URL scheme?
I am setting up an account with id.me and 1Password is unable to set up TOTP codes. 1P provides the following error upon scanning the TOTP setup code: "the one-time password URL is incorrect: the scheme is invalid." When I check the TOTP setup URL for id.me, it does not follow the format of: otpauth://totp/... Instead, id.me provides a path that looks like this: https://account.id.me/mobile/generator/... I've tried scanning the QR code into 1P with the browser plugin and my phone, and the same error message keeps appearing. I keep my software up to date... not running old versions of 1P. Also, I have an existing account with id.me and I'm able to use 1Password to provide TOTP codes to complete logins. And that entry uses the otpauth://totp/ URL scheme. Has anyone else encountered this issue with recent setups of TOTP for id.me using 1P?
Feature Request: Allow Users to Set a Default Vault and Hide Other Vaults Until Explicitly Enabled
Hello 1Password Team, I would like to request a feature that would significantly improve privacy, organization, and usability for users who maintain multiple vaults. Current Behavior Every time I open 1Password for Mac or the browser extension (Firefox, Safari, Chrome, etc.), I am presented with: All Accounts All vaults listed beneath it For example: All Accounts Personal Vault Work Vault Family Vault Private Vault Even when I primarily use only one vault, all vaults remain visible and accessible from the interface. Requested Feature Please allow users to: 1. Choose a Default Vault Select a specific vault that becomes the default view whenever 1Password launches. For example: Open directly to "Personal Vault" Search only within that vault by default Autofill and suggestions prioritize that vault 2. Completely Hide Selected Vaults Allow users to hide vaults from the interface until they are intentionally re-enabled. Hidden vaults would: Not appear in the sidebar Not appear in search results Not appear in autofill suggestions Not appear under "All Accounts" Remain securely stored and available when manually re-enabled Think of it as a "vault visibility" or "vault privacy mode." Why This Matters Privacy During Screen Sharing Many people share their screens during: Zoom meetings Microsoft Teams meetings Google Meet calls Presentations Technical support sessions Even seeing the names of vaults can reveal personal information, projects, clients, or sensitive activities. Separation of Identities Many users maintain separate vaults for: Personal life Family Work Consulting clients Volunteer organizations Side businesses Sensitive projects Often only one of these vaults is needed on a daily basis. Reduced Risk of Accidental Autofill Users may want credentials from only one vault available by default. This helps prevent: Filling the wrong account Using work credentials on personal sites Accidentally exposing accounts that are rarely used Cleaner Interface Users with many vaults can experience unnecessary clutter. A focused view: Reduces distractions Simplifies navigation Improves search relevance Makes 1Password feel faster and more intentional Better for Shared and Family Accounts Some users participate in family or team accounts but only access certain vaults occasionally. Those vaults do not need to be visible every day. Example Use Case Imagine a user with: Daily Vault Family Vault Business Vault Client Vaults Sensitive Archive Vault The user may spend 95% of their time in the Daily Vault. With this feature: 1Password launches directly into Daily Vault Only Daily Vault is visible Other vaults remain hidden When needed, the user can temporarily enable another vault This creates a cleaner, safer, and more focused experience. Summary A combination of: Default Vault Selection Hidden Vaults / Vault Visibility Controls would provide substantial improvements for privacy, organization, security workflows, and overall user experience. Thank you for considering this feature request.Adding Software License drag'n'drop
Was there a regression or is it no longer possible to create a new software license by dragging the app from /Applications to 1Password and then just entering the license information? I remember that was possible, now when doing drag and drop 1Password emits an error message. Should we submit a suggestion to get that feature back? Cheers, Chris
Creating masked email issues
Tonight I wanted to sign up for two new services, TopCashBack and ExpressVPN. On neither of these websites did 1Password for Windows 8.12.22 (81222017) ask me if I wanted to create a mask email. I had to stop twice and go to Fastmail WebUI login and create a mask email myself. This getting frustrating in that this is not the first time that this has happened. On prior occasions I just used my regular email because I could not be bothered to go through this procedure. There is no easy way of creating a masked email in 1Password and it has been requested numerous times, apparently.
Show the requested credential
I'm heavily using 1password now for agentic usage. All of my business is set up on it now, and all of my credentials are locally using op://, or service accounts. I've put in a lot of effort to try and isolate systems using least privilege, but one problem is that when agents (or applications) request a credential from the system, it doesn't say WHAT credential is being requested. Half the time it doesn't even say the correct name for the application making the request, either. This is a big problem, because I'm starting to get into the habit of just spamming "Accept" blindly. But the whole reason I have set up this whole pipeline is so I can catch malicious programs trying to gain access - for example, supply chain attack infections. Without seeing what credential is being requested, and the process information that is requesting it, I'm finding it's not actually adding much protection at all, because it's putting me into a false sense of security and promoting bad habits. If I'm running multiple agents in parallel, which is often the case, it might just say "Terminal requests access to your vault" or something similar. Which terminal is that? What is the underlying entity being requested? What credential? What is the process ID or terminal title, so I can isolate it to a terminal/agent? Etc. I think this is something that urgently needs to be added. Otherwise, as it stands, it's not really offering much protection because users will just go "oh, it's probably just that agent running - I'm sure it's fine" and accept everything. If that agent happened to have installed a malicious npm package, you'd probably catch it too late.I Generate my 1pw Password by misstake
I am facing a issue accessing my personal account. By mistake, I changed my account password using the password generator inside the app, which logged me out of all devices. Currently, I do not have the new password or the recovery code, but I do have my Secret Key and my Emergency Kit. This account contains all of my important email and service passwords, so losing access is a major problem. Could you please advise me on the official steps I can take to restore access, or confirm if there are any recovery options available given that I have the Emergency Kit and Secret Key? I’ve tried every possible method, but unfortunately I still can’t access my 1Password account. I don’t have the Recovery Code, and I logged out of my phone because it was asking for the new password that was generated through your app and saved inside it — which I can no longer access. I’m fine with deleting the account. However, I want to keep the subscription I already paid for on my old account and have it transferred to the new one after deletion. Thank you very much for your support.
