Recovering a user should reset his client

Lu1502
Lu1502
Community Member

We realized that recovering a user isn't as straight forward as it should be.

When recovering a user a new secret key is generated. After setting a new password, the user wants to log into his desktop client but the new password gets rejected due it not matching the account that's setup in the client with the old secret key.

This means they have to setup a new account in their client from the start, with URL, Secret Key and Master Password.
The problem is that this menu to manage accounts is only available, if there is no account configured in your client or you are already logged into an account.

This means that either the user has to log into his account in the browser and deauthorize his client or we have to manually delete the 1password.sqlite in %LocalAppData%
Both ways feel very unintuitive and I would expect that you just have to enter your new master password into the already configured account. I can see that it's necessary to also enter your new secret key. In my opinion the client sould be able to check for this setup and ask for the secret key once before unlocking after a password reset.

Is there any easier way to handle recoveries or is there anything planned to make this process more intuitive?


1Password Version: 8.7.3
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided

Comments

  • ag_max
    edited July 2022

    Hi @Lu1502,

    That's correct that when a team member performs the recovery steps and is provided with new sign-in details, in most cases, the 1Password app where they were signed in will contain invalidated details. This will reject their account password and prevent them from being able to sign in with their new details; they'll first need to reset the local database of the app and return it to a factory-new state. Then will it be possible to sign in with the new information on their devices. This is covered in our support article on the subject:

    Recover accounts for family or team members

    Essentially, the suggested workflow is:

    1. Perform the recovery steps for a team member or guest.
    2. Attempt to unlock 1Password on all devices and sign in again.
    3. On the devices where unlocking 1Password isn't possible, reset the app and then sign in.

    I can definitely see how this process can feel unintuitive. While I'm not aware of any active plans in the works, I'll go ahead and pass on your comments to our development team for consideration. I hope the above helps in the meantime, and thanks for sharing your feedback.

    ref: IDEA-I-1336

This discussion has been closed.