It’s Cybersecurity Awareness Month! Join our interactive training session, or learn about security and AI from 1Password experts.
Feature Request - Support Certificates
I know that 1Password supports SSH keys, but that only supports storing private keys. Plus, copying the public key copies the ssh public key. I would like a way to store certificate chains. If am encrypting things with my own certs, I need a way to securely store certs, and keys, often together. I would like a way to store as many certs and keys as possible inside of one item. Or maybe, Just one public.crt and private.pem. Either way, This would be super helpful as currently the only other way to store these is in ssh keys for private certs, and secure documents for the public certs. Not very elegant. Also the fact that the secure documents only allow for one doc is not ideal either.
New Firefox Tab shows No Passwords
In the latest version of 1pass for Firefox, if I click on a new tab, then click on my 1Pass extension, normally, I expect to be able to look through all my sites and choose open and fill. However, now, if I do this, no pages, links, passwords show up, even if I try searching for one, because it is looking for passwords for a blank page. It is really annoying. The only way to work around it is to select 1Pass while on another page. Can this be fixed?
"Sign In With" Provider Not Available
When I add a "Sign in with" option to a login, I can't select any of my existing logins as the correct credentials. I seem to only be offered providers such as Google, Facebook, Twitter/X, etc. For example, Shop (shop.app, also known as Shopify?) is a provider that is linked to many, many stores ... at least in Australia. It's great that I can just sign in with Shop when I'm on a new site and checking out, but I'd like to remember that's how I logged in and 1PW just doesn't allow it. I see this has been raised before and there's a thank you message from the support staff along with these "ref" numbers, such as: ref: PB-48105670 ref: PB-48105687 What are these numbers? How can we use them to check up on the status of a request? Google only finds the one specific thread where this number was posted before the conversation was locked so it seems to perhaps just be a number to make people think something is being done when really the request is thrown onto a pile that is never really looked at? Any information on how to follow up on these would be helpful, the "Sign in with" feature has been out for a while and people have been requesting this a lot so if it's not even turned up in a beta build, I'm concerned at 1PW's turnaround time for adding an easy feature to their software; even if it's rolled out in two phases where the first is just cosmetic until the second phase actually introduces functions like auto-forwarding and selecting the provider for login etc. Thanks team.Feature Request - Secure Vault
Dear 1Password Support Team, I’m a dedicated 1Password user and value its robust security features. However, I’d like to propose a new feature inspired by Microsoft OneDrive’s Personal Vault to enhance protection for critical, rarely accessed items in 1Password, balancing convenience for daily use with heightened security for sensitive data. I suggest implementing a Secure Vault feature within 1Password, where users can designate specific items or a dedicated vault as requiring multi-factor authentication (MFA) for access, even when the main vault is unlocked. Similar to OneDrive’s Personal Vault, which uses MFA (e.g., a push notification via the Microsoft Authenticator app, SMS code, or biometric verification) to unlock a protected folder, this Secure Vault would prompt for a one-time MFA verification—such as a push notification to a registered device, a code from an authenticator app, or an SMS—each carcass each time the user attempts to view or edit these items. Additionally, the Secure Vault could auto-lock after a short period of inactivity (e.g., 5–20 minutes, configurable by the user), requiring re-authentication for subsequent access, mirroring OneDrive’s automatic locking mechanism. This feature would allow users to keep day-to-day items (e.g., website logins) easily accessible during a session while ensuring sensitive data (e.g., banking credentials or legal documents) remains protected behind an additional authentication layer. For example, a user could tag items as “High Security” or move them to a Secure Vault, which would remain locked until MFA is completed, even if the main 1Password app is open. This would mitigate risks if a device is compromised or left unattended while unlocked. Key Aspects of the Proposed Feature MFA Integration: Support multiple MFA methods, such as push notifications to the 1Password mobile app, TOTP codes from authenticator apps, or SMS/email codes, to verify identity for Secure Vault access. One-Time Access: Each access attempt requires fresh MFA, preventing prolonged exposure of sensitive data. Auto-Lock: The Secure Vault locks automatically after a user-defined inactivity period, requiring MFA to reopen. User Flexibility: Allow users to choose which items or vaults require this extra protection, preserving convenience for less sensitive data. I believe this Secure Vault feature would appeal to users managing both routine and highly sensitive information, offering peace of mind for personal and professional use. If similar functionality is under consideration or if there are existing workarounds to achieve this, I’d appreciate any guidance. For inspiration, Microsoft’s OneDrive Personal Vault demonstrates how MFA and auto-locking can effectively secure a subset of cloud-stored data. Thank you for considering this request. I’m excited about the potential for 1Password to incorporate such a feature and would love to hear your thoughts or join the 1Password Community to discuss further.
Vault and user permissions
I would like to see the 1Password manager work as follows: For a shared vault, I would like to see it work where whichever member of the shared vault added an item to the shared vault that they can make that item have permissions where the other members cannot move the item out of the shared vault. I know that the shared vault can have the permissions of all those that are shared in it to be set for 'Allow viewing' but then that would not allow them to create new items for the share (and I assume to not be allowed to move one of their items to the shared vault). I would like to see a shared vault be accessible by everyone who is allowed to see it, and in some cases, be able to edit some items but maybe not all the items. So having a vault wide permission does not satisfy this need, it needs to also have item permissions as well, at least when inside a shared vault. I am looking to be able to have the items have separate permissions from the vault so that whoever moves an item to the shared vault can make it viewable but not movable. I would like to see a shared vault act like every item in it is owned (controlled) by the user that moved it there. This would prevent an issue where if someone wanted to move an item that doesn't belong to them out of the shared vault and into their own private vault, effectively stealing the item from everyone else. So, in a sense, whoever moves an item into the vault would be the only one (besides the accounts admin) allowed to move it out of the shared vault. I cannot see any way to prevent this at this time unless I am missing something because as I stated, if I give a user view only permissions, they cannot add (move) items into the shared vault, correct?
