W11 TPM only works for 1-3 reboots
Hello,
my machine uses TPM for login purposes and it works flawlessly every time.
I started setting up 1P to use it as well. It works nicely, but only for one to three reboots, after that I have to type in my password again (after which my Hello PIN is asked). The error message is either simply that I need to input my password to be able to use the app or that the Hello configuration has been reset (which it hasn't) - roughly translated from German.
If I then proceed to untick all Hello options in the settings (Unlock with Hello in "Security" and the two Hello options in "Advanced"), close the app, reboot the machine, tick all three boxes again, Hello unlock will work again (method I found here in the forums).
Once I put in my password and my Hello PIN, I can lock the vault as I please, and use the PIN to unlock. It is only after rebooting that I need to put in my password again.
Any help please? :)
1Password Version: 8.7.2.
Extension Version: Not Provided
OS Version: Windows 11
Comments
-
Hi @ZyroBlue, thanks for reaching out to us. I'm sorry to hear of the troubles you've been encountering with Enhanced Windows Hello after a few reboots.
It works nicely, but only for one to three reboots, after that I have to type in my password again (after which my Hello PIN is asked).
When you are in this state, after you enter your account password, and subsequently your Windows Hello PIN, does restarting 1Password 8 after fully quitting the app from the icon in the system notification tray, resume this functionality?
We're aware of some customers who have been experiencing similar issues with Enhanced Windows Hello and one thing that Microsoft had mentioned could be a factor in invalidating the TPM state is using the fast startup option on your computer. You can see if this is the case by disabling the feature following the steps found here: Disable Fast Startup
If this continues to be an issue, can you send a 1Password diagnostics report via email to support+windows@1Password.com so we can help to investigate? Please do not post these details in the forums.
Can you also include a link to this thread in your email, along with your forum handle so that we can "connect the dots" when we see your report in our inbox. Thank you!
0 -
Hello,
yes. Once the PIN is unlocked, I can lock (or completely close) the app just fine, and unlock it with the PIN - as long as I don't reboot.
Fast Startup did not help. I'll get that diagnostics report going and send it off. Thanks for your help!
0 -
I am confused here. What does the TPM have to do with 1Password? As far as I know they have nothing directly to do with each other,
0 -
Hello @crkinard, thanks for your question.
Until the Trusted Platform Module (TPM) functionally is enabled, unlocking 1Password requires your account password the first time, with Windows Hello being available on all subsequent unlocks until the app is completely terminated or the device is reboots.
A device with a hardware backed TPM 2.0, allows storage of the encrypted secret in the TPM, instead of your computer’s memory. This allows the use of Windows Hello with 1Password 8 to be persistent after completely closing the app or after reboots of the device. Since we do not want you to forget your account password, it will still be required to unlock 1Password once ever two weeks.
I've included our guide here to help with managing this setting in the 1Password 8 app: Manage your settings
Have a great day!
0