Deauthorizing iOS devices - still able to access vault afterwords
I am still able to access my 1Password vault from iOS and iPadOS after de-authorizing iPhone (today) and iPad (week ago)
In the case of the iPad, I have done a password reset since de-authorizing - but I am still able to access the vault with the old password.
In the case of the iPhone, I had also just regenerated the Secret Key. When I entered my password, the SignIn window popped up - but I discovered that by clicking on Cancel, the re-authorization got bypassed - and my vault opened and I was able to navigate.
What makes this so disturbing is that I can no longer see activity from these devices on my Profile because 1Password is no longer tracking them - because they were deauthorized.
Basically, the deauthorization does not seem to work. And any subsequent changes made with Secret Key or Password do not register.
This is scary!!!!
1Password Version: 1Password8
Extension Version: Not Provided
OS Version: iOS16, iPadOS16
Browser:_ Not Provided
Comments
-
Hello @s3690! 👋
I see that you've written in to our support team via email with the same questions and I recommend continuing the conversation there since I don't have access to your account information here on the forums. They'll be able to get more information about what you're seeing on your end and provide an explanation of how the deauthorize feature works in detail. I've asked the team to send you a reply as soon as possible.
To prevent duplication of effort I'm closing this thread.
-Dave
ref: GSH-92244-724
0