Protect what matters – even after you're gone. Make a plan for your digital legacy today.
Support for immutable linux (Bazzite, etc)
1password is rough to use on immutable fedora (Bazzite, Aurora, etc), since flatpak doesn't let 1password communicate with browser, use SSH, or fingerprint scanner. I'm not fully sure what solution would be since AppImage is depreciated. Maybe flatpak permissions config that would let 1password talk to browser?
1password dpkg package should stop creating 1password.list
When installing the 1password .deb file, the post-install script automatically creates a file at /etc/apt/sources.list.d/1password.list. This is irritating and is bad behaviour. Point one: the user did not ask for this file to be created. If you're going to create it, at least ask users if they want it. Point two: I create and manage my sources files centrally; I do this for my personal systems, and I've always done this when I'm managing a fleet of computers. I create names that make sense to me and have the correct details. Unfortunately, every time I update 1password it re-creates `1password.list` and then apt breaks because I now have two files pointing at the same apt repository - yours and mine. Point three: I use the new deb822 .sources file format, because this allows me to keep the Apt configuration and the GPG key in the same file, meaning I only have one file to manage. This makes it easier to manage things centrally, and helps keep from scattering GPG keys all over the servers. 1password needs to either: Just stop doing it (give people instructions like every other website does) Make it optional via e.g. a debconf setting (which the application could theoretically have a UI for, even, if you wanted to get crazy with it) Make the file part of the actual package contents so that admins can dpkg-divert it In the meantime, I created a symlink pointing 1password.list to /dev/null; apt still complains about it but at least nothing breaks.
1Password from AUR does not integrate with Librewolf
Hey there, for a while I’ve been having issues with the 1Password browser extension, I use Librewolf from package manager (not flatpak or anything) and 1Password Desktop from AUR. Have done https://support.1password.com/additional-browsers/?linux#connect-an-additional-browser-to-1password, but the browser app still cannot connect with the desktop app, meaning I can’t use system auth to log into websites, instead having to input the master password into the extension every time. $ cat /etc/1password/custom_allowed_browsers librewolf $ stat /etc/1password/custom_allowed_browsers File: /etc/1password/custom_allowed_browsers Size: 10 Blocks: 8 IO Block: 4096 regular file Device: 0,30 Inode: 4864266 Links: 1 Access: (0755/-rwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root) Access: 2025-08-04 19:31:07.164831572 -0300 Modify: 2025-08-04 19:31:19.444947905 -0300 Change: 2025-08-04 19:31:32.486071500 -0300 Birth: 2025-08-04 19:31:07.164831572 -0300 I’ve contacted support a while back and after some debugging they couldn’t narrow it down, it seems like a Cachy-specific issue. Regular Firefox does integrate fine, just Librewolf is stuck. I've already tried linking Librewolf's native-messaging-hosts folder to Firefox's, with no luck.
Feature Request: 1Password on Flathub
Since the recent https://1password.community/discussion/comment/615214/#Comment_615214 would be, time to publish 1Password on https://flathub.org/home. Flathub is the best known Flatpak package store, so it would be a good idea to public 1Password on it, and it is easier to find Flatpak apps directly from it, since users expect most Flatpak apps to be there. Here is the guide on how to publish on Flathub: https://github.com/flathub/flathub/wiki/App-Submission 1Password Version: Not Provided Extension Version: Not Provided OS Version: Not Provided
Remote Linux machine opens GUI
Setup: Linux Machine that I directly connect to when in the office. Has 1Password installed. Works great. ~/.ssh/config file has ``` Host * IdentityAgent ~/.1password/agent.sock ``` Windows Machine that I directly connect to when in the office or working remotely. Has 1Password installed. Works great. C:/Users/Me/.ssh/config file has ``` Host mypc User me HostName mypc.local ForwareAgent yes ``` The OpenSSH Authentication Agent service has been Disabled and Stopped so that my computer is listening to `\\.\pipe\openssh-ssh-agent` Issue: When sshing into the Linux machine from the Windows machine, git does not work. `git pull` when sshed will open the GUI on my Linux machine (I have watched both screens to test this) I want my WINDOWS machine to open its GUI for me to log in. There's no point to remote in if I can't use the Windows 1Password.
1password input focus lag with lots of inputs
I'm running into an issue where 1password seems to significantly slow down interaction with the webpage I'm working on. There's a ton of input fields of which most are hidden, I cannot lower the amount of inputs, in fact I have to increase the amount of inputs due to how the system works. Every time I click on an input, the focus is delayed by ~200ms or so. The next time I select the same input field it's instant. 1password seems to do something that slows down the focus event. I made a performance recording in firefox. I selected 3 inputs and after the 3rd on selected the same 3 in the same order with no slowdown. I've tried adding data-1p-ignore and autocomplete="off" but it didn't solve anything.February 2026 at 1Password: Benchmarking AI security & helping developers access secrets everywhere
February was all about AI agent security and developer workflows. From benchmarking model behavior to expanding programmatic access in 1Password Environments and SDK authentication, we continued strengthening how teams build and secure with 1Password. In case you missed it An ongoing conversation on OpenClaw and AI agents OpenClaw exploded in popularity this month, sparking curiosity across AI and tech circles. In short, OpenClaw is an AI agent that runs locally and performs personal assistant-style tasks such as managing your calendar, checking your email, or prioritizing tasks in your GitHub repository. From making reservations to building custom integrations, users have been quick to push the boundaries of OpenClaw. But with the excitement has also come concern. Agent gateways, such as OpenClaw, have access to the systems where they’re installed, making them a prime target for malicious actors. Since the beginning of the year, we’ve already seen skills that secretly instruct AI agents to deliver malware. As the use of tools like OpenClaw expands, it’s increasingly important to understand how to use them securely, and where the potential threats lie. Interested in the whole story? Our VP of Product, Jason Meller, has penned two recent write-ups on the topic: It’s incredible. It’s terrifying. It’s OpenClaw From magic to malware: How OpenClaw's agent skills become an attack surface Security Comprehension and Awareness Measure benchmark You might know how to spot and avoid phishing attacks, but can AI agents navigate the same scenarios? In our testing, even the most capable AI models were susceptible to common phishing strategies. As AI agents take on more tasks for us, and begin to act like employees, how they handle phishing is becoming a significant security concern. That’s why we built the Security Comprehension and Awareness Measure (SCAM). It’s a benchmark that tests how AI models handle phishing attacks when performing tasks like scanning your inbox or filling credentials. Security Comprehension and Awareness Measure (SCAM) Demo Alongside the benchmark, we also created a security skill. that serves as a phishing crash course for AI models. Introducing this skill improved the likelihood that each model we tested would detect and avoid a phishing test by as much as 59.9%. Programmatic access to 1Password Environments beta and desktop SDK authentication general access Building on last year’s introduction of 1Password Environments, we’re now adding programmatic read-only access. This release allows you to programmatically fetch secrets via CLI and SDKs when those secrets are needed, and only for the time that they are needed. Secure your secrets at runtime with the 1Password CLI and Environments With many thanks to our developer community for testing and feedback, we’re also introducing an update to 1Password SDKs. SDK integrations can now authenticate through the 1Password desktop app with a biometric, or password prompt. This supports workflows such as vault management, vault permissions, and batch item operations. Secure your desktop apps with 1Password SDKs Read the full launch post Evolving our partner ecosystem The 1Password Partner Program enables MSPs and other partners to help their customers adopt the familiar security solutions we provide. This program includes access to sales and technical training, as well as go-to-market resources to support onboarding and growth. We’re now focusing on simplicity, transparency, and consistency to best serve our mutual customers, and help partners scale their businesses. If you’re interested in becoming a partner, or learning more about the program you can read more in our blog post, or check out our partner program site. Random but Memorable February marks the start of a new season for Random but Memorable, our award-winning cybersecurity podcast! In this month’s episodes you can learn about practical security for the people you care about most, as well as guiding children to securely adopt AI tools. How security professionals actually protect their own families AI security tips for modern families with Childnet Release note highlights 1Password in the Browser 1Password items are now immediately cleared from the browser extension when a user is suspended. We’ve fixed an issue where 1Password could get stuck in a loop of repeatedly unlocking in Safari. We now correctly detect GitHub redirect URLs in the “Sign in with” flow. We’ve fixed an issue where 1Password could unexpectedly reload on a new tab in Firefox. Mac, Windows, and Linux We’ve fixed an issue where a prompt to turn on two-factor authentication couldn’t be selected. We’ve fixed an issue where the multi-factor authentication prompt could be missing when trying to unlock the app. We’ve added a new developer setting to enable SDK integrations, so you can authenticate SDKs with authorization prompts from the 1Password desktop app. If you load an empty .env file in Developer > Environments, it will now show a message saying no variables were found. [Windows only]: 1Password now supports a wider set of custom trusted browsers. [Windows only]: We’ve fixed an issue where the Windows Hello prompt could appear behind other windows or seem unresponsive. [Linux only]: We’ve updated our Flatpak Freedesktop dependencies to version 25.08. iOS, and Android [iOS only]: We’ve fixed an issue where Secure Note text would be cut off. [iOS only]: We’ve fixed an issue where exporting through Credential Exchange could fail for items with empty or incomplete website addresses. [iOS only]: We’ve fixed an issue where fields were intermittently visible when switching apps on iOS 26 if “Lock on Exit” was set to “Immediately”. [iOS only]: When a file attachment preview screen is dismissed in search results, it no longer re-appears automatically.
