Protect what matters – even after you're gone. Make a plan for your digital legacy today.
Follow-up from 1Password article on Clawdbot/OpenClaw
hello there, Long-time 1Password customer here. Product is so good there was NO NEED for me to join this forum. I would argue it still is, and this discussion/question is more to understand how to use 1Password with OpenClaw or any AI agent in general. https://1password.com/blog/its-openclaw here mentioned about; a dedicated Mac mini with its own email address and its own 1Password account Any guide/pointer on how can I follow to set up the "its own 1Password account"? I have to figure out how to create own email address for Mac Mini (I already have an M1 Mac Mini from way back sitting idle). Thank you
CLI Slow Performance
I have the 1Password desktop app installed and up to date on my macBook Pro, the `op` CLI is also installed, up to date, and working properly. All expected CLI queries work but they are surprisingly slow. After a bunch of trial and error, it seems that it is making a round-trip online as part of every single CLI query. I added the --debug flag and I can see cache hits, but the round trip online is still occurring. Disabling the network interface causes all queries to fail. Is it possible to get the 1Password CLI working fully offline to avoid all of this unnecessary round-trip business? Surely with the desktop app installed and CLI integration turned on, there has to be a way to make efficient (and offline) use of my 1Password vaults. Otherwise automation tasks that require secrets are simply too cumbersome to handle with 1Password, and I will require a secondary solution. And in that case, I may as well give up on 1Password.1password locks within 10 seconds on High Performance or Dynamic resolution screen share on macOS
As the subject notes, I've noticed 1password locks itself within about 10 seconds regardless of what I've set the auto-lock setting to. This makes copying and grabbing passwords, otp codes etc very difficult as I need to do it within 10 seconds of opening 1password. This has been happening for quite some time (6+ months at least) when I run screen shares with a remote macOS host via the screen share app using High Performance or Dynamic Resolution. The issue does not occur if I change from High Performance to standard in the macOS screen share app. High Performance is useful as it adjusts the remote display to match the display I'm using on my local machine. Which makes needing to switch back to standard - not ideal. The remote machine display does not scale nicely if in standard screen share type mode. I was wondering if anyone else has seen this issue? Remote Mac is running MacOS 15.6.1 1password ver. 8.11.6
SSH Agent does not respect ssh-keys order
Hey! After latest Production 1Password update (1Password for Mac 8.12.0 (81200013)) something is off with SSH Agent. SSH agent does not respect ssh-keys order set in TOML file anymore. It doesn't matter if you set any keys in TOML file or you leave this file empty, command ssh-agent -l prints ssh-keys in random order. Example, my TOML file: [[ssh-keys]] item = "SSH Private Key" vault = "Personal" [[ssh-keys]] item = "Magento Cloud GDPR" vault = "Employee" [[ssh-keys]] item = "AWS EKS Node" vault = "Employee" [[ssh-keys]] item = "AWS Key" vault = "DevOps" And two results of ssh-add -l command: SSH_AUTH_SOCK=~/Library/Group\ Containers/2BUA8C4S2C.com.1password/t/agent.sock ssh-add -l 4096 SHA256:N4XGsjxtiMBWRpHvwh16fTciJL1aaTc0wuGXMlePQuY Magento Cloud GDPR (RSA) 4096 SHA256:2LqQtMd7YdPMGXg4W+zODedaHi1oz4CxC0k/hl0V+PQ AWS EKS Node (RSA) 2048 SHA256:4uE+nbs+twoNih01hiveiXFjy3bIh+NPkVyBNyqRyYg AWS Key (RSA) 256 SHA256:QKMLArxXXvAcYzmSCqV766DsOAyxnkuA28TwneIsvTI SSH Private Key (ED25519) SSH_AUTH_SOCK=~/Library/Group\ Containers/2BUA8C4S2C.com.1password/t/agent.sock ssh-add -l 256 SHA256:QKMLArxXXvAcYzmSCqV766DsOAyxnkuA28TwneIsvTI SSH Private Key (ED25519) 4096 SHA256:N4XGsjxtiMBWRpHvwh16fTciJL1aaTc0wuGXMlePQuY Magento Cloud GDPR (RSA) 4096 SHA256:2LqQtMd7YdPMGXg4W+zODedaHi1oz4CxC0k/hl0V+PQ AWS EKS Node (RSA) 2048 SHA256:4uE+nbs+twoNih01hiveiXFjy3bIh+NPkVyBNyqRyYg AWS Key (RSA)
AWS Shell plugin is not providing session token
Hello, I tried to set up AWS shell plugin in a way that it'll provide me short lived tokens. I need these for our internal tools that use AWS SDK and is able to work with these temporary credentials, so 1Password doesn't see this to be something originating from `aws` cli. I'm trying to understand how can I use 1Password to only hand out temporary credentials so that the application doesn't have to deal with getting the tokens itself. According to Shell plugin docs (https://developer.1password.com/docs/cli/shell-plugins/aws/#optional-set-up-multi-factor-authentication) there should be session token set up, but I don't see it. I don't understand how it should get there and when should it be available. It's currently set up in this manner and aws plugin seems to be able to use MFA: op % op item get xyz ID: xyz Title: AWS Vault: Employee (abc) Created: 2 years ago Updated: 20 minutes ago by [me] Favorite: false Tags: XXX Version: 42 Category: LOGIN Fields: username: [username] password: [use 'op item get xyz --reveal' to reveal] access key id: [access-key] secret access key: [use 'op item get xyz --reveal' to reveal] one-time password: 123456 mfa serial: arn:aws:iam::[rest] Default region: [region] Account ID: [account-id] URLs: website: https://us-east-1.console.aws.amazon.com/iam/...
1Password Oddities
These have been issues for a while, but re-testing them today, I'm using "1Password for Mac 8.11.22 (81122027)", Google Chrome "144.0.7559.59", and 1Password extension "8.11.27.2". --- Is there a reason why I have to use my mouse and keyboard on web-pages that use XHTML? https://craig.dev/misc/1Password/2023-12-12-xml/ If I select either the username or password field (I'm using autofocus on the username field, but this isn't necessary)... the 1Password icon appears (good), but if I click on it with the mouse, then it just disappears... so now I need to use the [down arrow] button on my keyboard to show the 1Password account selection menu... but, if I press the [down arrow] a second time (i.e. to make a selection), then the 1Password select menu disappears, so I need to go back to using my mouse to select the account I want. This seems to be due to the use of `Content-Type: application/xhtml+xml`, you can change back to normal (error tolerant) HTML with the "change" link on this page. --- Also, because I have a `Permissions-Policy` header on my websites, where I set `ch-ua-high-entropy-values=()` to disable the getHighEntropyValues API, I get this error in the Google Chrome Developer tools: Permissions policy violation: Collection of high-entropy user-agent client hints is disabled for this document https://craig.dev/misc/1Password/2026-01-11-high-entropy/ --- Also, on either of these pages, you can see the scrolling issue... as in, when you try to scroll the page, the 1Password button remains fixed in position relative to the browsers window (not keeping track of the username/password field location): I suspect it's related to the setButtonStyles() function in "injected.js", which is using `button.style.position = "fixed"`... I'm not sure on the details, but if I was looking into this, I'd start by considering the use of position absolute. --- Also, every time I select a username/password field, and then use the down arrow so 1Password opens the select field, I get a warning in the Google Chrome Developer tools: Added non-passive event listener to a scroll-blocking 'wheel' event. Consider marking event handler as 'passive' to make the page more responsive. --- And finally, following on with the SMS verification codes discussion, what HTML should I be using on my SMS one-time-code fields, so I can tell 1Password to ignore this field (i.e. so the browser can offer the value from the SMS message)? I'm currently using: <input name="code" id="sms_code" required="required" autofocus="autofocus" autocomplete="one-time-code" type="text" inputmode="numeric" size="9" maxlength="7" value="">
CLI created text fields lose multiline support in UI edit mode
Hi, I’ve run into an inconsistency between the 1Password UI and the CLI regarding multiline text fields. When I create a Text field directly from the UI, it fully supports multiline values and retains them correctly when viewing, editing, and re-saving the item. However, when I create a similar field via the CLI, the behavior is different: The multiline value is displayed correctly in the UI (line breaks are visible). But as soon as I edit the item in the UI, the multiline formatting is lost, because the field is treated as a single-line field. After that, retrieving the value from the CLI is no longer formatted. This makes CLI-created items effectively read-only for multiline content, which is problematic for some internal CI use cases we rely on. I’m aware that using notesPlain is a possible workaround, but it does not fit our requirements. Since the UI clearly supports true multiline “Text” fields, it’s confusing and frustrating that the CLI cannot create the same type of field. Here’s a minimal reproduction: echo '{"title": "test", "category":"SECURE_NOTE","fields":[{"label":"test","value":"test\\ntest"}]}' | op item create --vault="MyVault" - Is this a known limitation of the CLI schema, or a bug? Would it be possible for someone on the development team to look into exposing proper multiline text field support in the CLI? Thanks in advance for your help.Feature Request: Disable SSH Agent via macOS Menu Bar
It would be great to add an option 'Disable SSH Agent' to the 1Password Menu Bar Item on macOS. There's already an option to 'Disable Snippet Expansion' which is helpful. The 'Disable SSH Agent' would work the same. This would be helpful in scenarios where you are connecting to a system via SSH that doesn't have any of your 1Password-managed SSH keys. When I have the agent enabled, I often get `Too many authentication failures` for those systems. The ability to quickly disable and re-enable afterwards would be helpful. The current solution is to open the app, go to Settings > Developer, and toggle it there - which is cumbersome: To avoid confusing non-developer users with the option, it could only show up when the 1Password Developer experience was activated, or when the SSH Agent was enabled at least once. Thanks!op run fails with "deleted or archived" error when resolving item by name, but op item get works
1Password CLI Version: 2.32.0 OS: macOS (Darwin 25.1.0) Shell: zsh Problem: When using op run with an env file that references items by name, it fails with: [ERROR] could not find item GitLab in vault Employee, because it has been deleted or archived However, the item exists and can be accessed by name with other commands: # This works fine: op item get "GitLab" --vault Employee --fields token # This also confirms the item exists: op item list --vault Employee | grep GitLab # Returns: qf...bq GitLab Employee 3 weeks ago Reproduction: 1. Create secrets.env: GITLAB_TOKEN=op://Employee/GitLab/token 2. Run: op run --env-file=secrets.env -- env | grep GITLAB 3. Error occurs despite the item being accessible via op item get. Workaround: Using the item ID instead of the name works: GITLAB_TOKEN=op://Employee/qf...hq/token Expected: op run should resolve items by name the same way op item get does.
