1Password on Mastodon

After master password change on other device, able to view vault before reauthenticating on app

TurnerBurnTurnerBurn
Community Member

First time 1Password user after jumping ship from LastPass. Sorry if this has been posted before but I couldn't find anything and didn't have a lot of time to keep digging so here goes:

Setup 1Password doing the trial with a temporary master PW. Installed the desktop and Android app and using it for the past week or so. Decided to commit to 1Password, so changed my master password on the 1password website via my Windows machine--no problems there.

Go to my Android phone and open the app get prompted to re-enter my secret key and new PW which is good but, if I "arrow back" I'm able to still see my vault. Shouldn't 1Password prevent me from seeing/accessing my vault if it senses (which it did) that my master PW changed and ask me for updating things before letting me see my vault? That would seem far more secure. If, God forbid, I lost my phone and changed my 1Password master PW on another device I would hope that the app would be invalidating any access until new creds are entered. Yes, I do have a pin and bio data set on my phone to make it harder but it just seems like a bad idea to let me see my vault before entering the updated password. Even LastPass in all of their irresponsibility doesn't allow for that to happen. I really like 1Password but am I missing something?


1Password Version: 8.9.13
Extension Version: Not Provided
OS Version: Win 10 and Android 10.0.15
Browser:_ Chrome

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file