Protect what matters – even after you're gone. Make a plan for your digital legacy today.
"Installation stopped. 1Password is already installed on this device" Notification
Good morning, Multiple users, including myself, are receiving this error: After clicking, "Yes" the pop-up will come back sometime later. We are deploying 1Password via Intune (Windows Store App). How can I get this pop-up to go away?
Interferes with Microsoft Company Portal Passkeys
1Password extension interferes with the passkey flow for Microsoft Entra / Company Portal. This flow integrates with the system passkey dialogue, which 1Password attempts to subvert. Depending on the exact scenario one of three things seems happen: When fully logged out and logging into a generic Microsoft login form (such as logging into accounts.microsoft.com, 1Password always attempts to replace the Company Portal passkey flow When logged in but re-verifying, and 1Password is locked then it still attempts to replace the Company Portal passkey flow When logged in but re-verifying, and 1Password is unlocked then it sees that there's no matching passkey and doesn't interfere Please either fix these issues or switch to the system passkey prompt on Mac which doesn't have this issue.
User unable to log in with SSO
I have a user who we have been unable to sign in no matter what we attempt. signing in, password recovery, all of it seems to fail. the user's email address was changed a few months ago and 1password was working just fine, but the moment we attempted to sign into a new device everything seemed to stop working, and now it even broke on the original device. In attempting account recovery, the user receives errors. there seems to be nothing we can do to get into this account, anyone have ideas? This is an existing user with a large password vault. Attempted Account Recovery but it fails Attempted to update "Primary email address" field for the user on the Identity provider and that did not help Attempted to recreate the original user account username, and that also fails Support is unresponsiveWhat’s new in 1Password Enterprise Password Manager (Q4 2025)
Hey everyone! 👋 We’ve been working closely with customers across industries this past year to understand where they need more flexibility, clarity, and control. That feedback shaped a new round of improvements that help teams deploy faster, manage more consistently, and stay secure without slowing anyone down. Here’s a quick rundown of what’s new: Security without friction New App Unlock presets give admins more flexibility in how people unlock 1Password. Organizations can align unlock behavior with their existing device policies, like allowing 1Password to unlock when the device unlocks while still enforcing auto-lock where needed. Teams can decide which presets are available, override them where required, or let users choose the option that fits their workflow. Vaults remain protected by device-level encryption – this simply changes when 1Password unlocks, not how it’s secured. Get teams set up in less time A couple of updates make it easier for new users to get started confidently: The new Browser Extension policy helps guide new users to install the 1Password browser extension during setup. Guided Setup now introduces people to the essentials of using 1Password in their environment and adapts to each organization’s configuration. Together, these reduce confusion during onboarding, minimize IT overhead, and help people start saving and filling credentials right away. New policies provide more control As organizations scale, admins often need fine-grained control over how credentials are saved and submitted. New policy options now allow admins to configure: Autosave: Choose which item types (Logins, Credit Cards, Addresses, 2FA) are saved automatically. Autosubmit: Turn off automatic form submission. Sign-in Attempts: Define how many failed login attempts are allowed before an IP address is temporarily locked for that user, helping safeguard against brute-force attacks. These updates help standardize behavior across the organization while still giving teams the right amount of flexibility. Set up your 1Password instance to reflect how your organization operates Multi-tenancy introduces a new account model designed for scale that brings more clarity and consistency to large or distributed organizations. Linked Accounts let you connect a parent account to any number of child accounts within the same data region, organized by geography, department, or business unit. Policy Templates make governance easier by letting the parent account create reusable templates, decide what child accounts can override, and apply standards instantly. It’s a flexible way to maintain consistent security while letting teams operate independently when they need to. Coming in 2026 A couple of updates already in motion: Automated Provisioning hosted by 1Password connects directly to Okta and Entra ID, eliminating the need for self-hosted SCIM bridges so teams can deploy faster with less infrastructure to maintain. A redesigned Audit Log that brings all user and admin activity into a unified, human-readable view, making investigations and compliance reviews much easier. These improvements are all steps toward making enterprise deployment smoother, governance clearer, and day-to-day work less of a lift for admins and teams alike. If you’d like a closer look (including screenshots and examples) you can find the full breakdown in our latest blog post.
Deprecated exe won't uninstall via Intune
We originally packaged the 1PasswordSetup-8.4.1.2.exe installer as an Win32App and deployed via Intune. Some of the settings used were, Install command 1PasswordSetup-8.4.1.2.exe --silent Uninstall command "%LocalAppData%\1Password\app\8\1Password.exe" --uninstall With detection set to be File %LocalAppData%\1Password\app\8\ 1Password.exe File or Folder Exists With the the deprecation, we've been attempting to uninstall and have set Assignments to a test group for uninstall. However, the uninstall seems to be failing with "The system cannot find the file specified. (0x80070002)" error. We've tweaked the detection rules to no avail. Running the '"%LocalAppData%\1Password\app\8\1Password.exe" --uninstall' does work. Anyone else run into this issue or have an idea how to ensure it triggers?Eliminated Entra user keeps stuck in 1password
A user removed from a group in EntraID is still active in 1Password with an active license. What can I do to remove them directly from the 1Password console? I've tried adding them back to the group, removing them from the group, and they're still there. Please help.
Autofill for longer url prefix
Feature request: Add new Autofill behavior option to "Fill on this exact url prefix". The story: I need to login to a lot of different Microsoft Azure tenants as part of my work. Most of the tenants use the same host login.microsoftonline.com followed by tenant id or name (e.g. login.microsoftonline.com/3b84bdc6-a81a-4f39-bbb4-b18b54fe06dc or login.microsoftonline.com/hkdev.onmicrosoft.com). To make matters worse, most of the tenants also require TOTP, but each have their own TOTP seed and the 2FA pages are otherwise exactly the same. So when I open the Azure portal for the first time each day, I'm greeted with the login screen to a "random" (basically the last used one) tenant and I don't now which one... But Autofill only supports "Only fill on this exact host", which suggests all tenants at once and due to the obscure tenant IDs I never know which tenant I need to use. It would be great if I could add the full tenant prefix url to the Autofill and it filtered by that :)
Improve speed of login - Feature Request
Howdy all, As someone that has multiple SSO accounts on my machine (for various different purposes) one thing that has always added an extra step for my team, myself, and various users across our business, is that they have to click to select which SSO account they wish to log in with after clicking to SSO. We particularly use Entra SSO (so unsure if there is something similar for other providers) but would love to see 1Password leverage the login_hint parameter as described here https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/how-to-connect-sso This would mean that when you press to SSO with Microsoft, it would pass the login_hint parameter with the SSO username over, so if you have multiple logged in accounts, it will auto-pick the correct one. In theory a REALLY simple fix, but would save an extra click for every SSO sign in for affected users. Looks with big round puppydog eyes. Cheers, Stuart
