Running 1Password on GrapheneOS (Android 11)

Hello @ugb I'm glad I could help get the ball rolling for you!

Hi 1P_Timothy, disabling 2FA temporarily did the job. Thank you so far.

Just for the entusiasts, thats exactly what I did:

First I went to apkpure.com and went back to the first version in version history that worked (with 2FA) because i did not know better. This was in my case v7.7.7. After 1P_Timothy gave me that 2FA hint, I disabled 2FA on my Family account via web interface, Installed v7.9.2 via anonymous Aurora Store Profile. This actually updated the already installed and working v7.7.7 to v7.9.2. v7.9.2 did work without any issues after that update. After the update to v7.9.2 I turned on 2FA in my Family account via web interface. v7.9.2 on GrapheneOS on my Pixel 6 Pro was asking me then for my second Factor (the OTP), I typed it in and it just worked. So I am happy.

Thanks a lot.

Hello @ugb thanks for your question.

You can try disabling 2FA for your account on the 1Password website then signing in to 1Password for Android. After signing in to 1Password for Android you can try re-enabling 2FA and authenticating.

The latest 1Password version working for me on a Google Pixel 6 Pro with GrapheneOS 12 is 1Password v7.7.7. Neither 7.8.x nor 7.9.x is working. I am using 2FA with an OTP (Google Authenticator). Any ideas?

The issue I face is: After I log in with 2FA I see the successfull login to 1Password and then it disapears.

If you could me point to the rigth direction or let me know how to debug it that would be great.

Hi @queuedoutselldisturb. Thanks for sharing your feedback. We have an issue opened internally regarding this error for our development team to review. I'll share your feedback with them as well. ref: dev/android/onepassword-android#1229

With the latest version (March 6th, 2022) of GrapheneOS and 1Password (7.9.2) from the Aurora Store, I cannot log in to my account if I have a security key as another 2FA method. 1Password will display a misleading error saying that Google Play is required. After removing all security keys from my account, I could enter my TOTP code and successfully sign in.

To avoid confusion that will surely lead other users of GrapheneOS down a rabbit hole (and hopefully to this thread), I hope you can make the error message more descriptive.

Thanks for sharing, @mightyuser!

GrapheneOS is capable of FIDO2.
1Password runs fine on GrapheneOS 12 with Play Services installed.
However there is a AOSP 12 bug in the browser regarding FIDO2 and Play Services.
Waits to be fixed in 2022.

I created a separate user account for the Play Services.
After the first login into 1Password, the browser shows up for FIDO2 authentication.
Instead using my yubikey I used TOTP.

Thank you for the update @p28340!

Sorry for the late post. I solved the issue for me. It was having a security key registered for mfa. FIDO security keys are not supported in GrapheneOS. I removed the security key from my account and was able to use OTP. Appears there needs to be better detection of Fido support. Just happy I got it working.