Hi there, posting this as its own thread, as I got no reply in a related one.
I was in my browser, and I pulled up 1Password for Chrome, which then pulled up 1Password for Windows (because of the integration). I logged in, and then I logged into the website I was at.
After that, I have received an email that somebody has logged into my 1Password account. The IP address was mine, and when I went into the settings, it registered as my computer. However, I was logged in, the 1Pass Windows application was authorized, I just entered my password.
Is this safe? Any idea why this would happen? Thanks!
1Password Version: 7.9.828
Extension Version: 2.2.1
OS Version: Windows 11
Thanks for bringing this up here. As 1Password in the browser acts as a separate "device" from 1Password for Windows, it may have triggered an additional sign in notification. To test this, logging into my.1Password.com in a private or incognito tab will show the same behavior. Even though 1Password for Windows is authorized, you'll still receive a notification for the new sign in. Let me know if that helps, or if you'd still like me to dig in a bit further with you!
Hey @jack.platten, but if the browser extension was also authorized beforehand, is it also ok?
Are you saying that it was just a sign-in request because the tokens have expired and 1Pass logged in under the hood to refresh them (if that's even the mechanism you use, I'm just thinking standard websites)?
Hey @jack.platten, do you maybe have any further info on this for me?
Thanks for following up on this, that would be accurate yes. Be sure to get in touch if you need anything in the future! :smile:
Thank you for the reply, Jack! Good to know.
Have a nice day!