Unexpected Safari Extension "New Sign-In" Email Alert

OAW

So I'm at work and suddenly receive Safari Extension "New Sign-In" email alert. This was unexpected because I'd been using the 1PW desktop app and Safari Extension all day and I certainly didn't logout and log back in to my 1PW account. I immediately logged into my 1PW account in my browser to see the list of authorized devices. The most recent device to login listed the "Safari Extension" with the public IP address of my laptop on my employer's internet connection. It's also listed as the my current device. The odd thing about this besides the unexpected "New Sign-In" email alert is that the Safari Extension says it's on macOS 10.5.7 when I'm actually running maOS 14.3 Beta. Every time I open the Safari Extension and reload the My Profile page in my browser I see Last Access field update to the current time so I'm fairly confident it's my own machine. But the OS discrepancy is also concerning. What's this all about?

OAW

---

1Password Version: 1Password for Mac 8.10.24 (81024006)
Extension Version: 2.18.2 21800201
OS Version: 14.3 Beta (23D5033f)
Browser: Safari

OAW

steph.giles

Hey @OAW,

The incorrect macOS version that you see being reported on 1Password.com is due to a decision that browser manufacturers made in how they report the macOS version number. Browsers broadcast something called a UserAgent which tells websites certain information about your Mac. Certain browsers have decided to limit their UserAgent to declare that all users of that browser are running macOS 10.15.7 regardless of which macOS version they're actually running. If you check the user agent of your browser you'll see the macOS version of your Mac being reported like this: Mac OS X 10.15.7

Since your browser is reporting that you're running macOS 10.15.7 that's what 1Password.com lists when you check your Authorized Devices since we're relying on the browser for your macOS version. Since the 1Password for Mac app doesn't rely on the browser UserAgent but can check for the macOS version itself it will show the correct macOS version on 1Password.com. Our developers are aware of the issue with the browser extension and are looking to see if we can improve this in the future.

I hope this helps to clear things up, let us know if you have any questions!

OAW

@steph.giles Ah that makes sense about the macOS version. Any explanation for the unexpected new sign in email alert?

Dave_1P

@OAW

I'm happy that Steph was able to help. 🙂

Any explanation for the unexpected new sign in email alert?

Did you happen to clear Safari's history/cache recently? Or do you have the "Remove history items" setting configured for a short time? You can find the setting here: Safari > Settings > General.

I look forward to hearing from you.

-Dave

ref: dev/core/core#10342

OAW

@Dave_1P I didn't clear history recently. And the Remove History Items setting is set to "After one month". I currently have history going back to December 8.

Dave_1P

@OAW

Thank you for the reply. It sounds like you're affected by a known issue where 1Password may send an unexpected sign-in email for an existing device when using 1Password for Safari on either a Mac, iPhone, or iPad.

Our developers are investigating and I've added you to the internal work item open for the issue. I'm sorry for the confusion.

-Dave

ref: dev/core/core#10342

OAW

@Dave_1P Thanks for the info. I'm glad to hear that you are aware of the issue.

Dave_1P

Thanks again for reporting the issue. 🙂

-Dave

nNfEfRtqUHrmDWYdocjh

I am seeing this as well, but only after clearing history or when using private browser mode? Is there a way preventing such notifications? I know, this is supposed to be a security feature, but can 1Password Browser extension not verify a existing „connection“ to the browser or device with a different way then relying on session cookies?

ag_tommy

@nNfEfRtqUHrmDWYdocjh

Thanks for letting us know this affects you too. I've added your report to our internal notes. I'm hoping the team can work some magic here. O apologize for the trouble.

ref: dev/core/core#10342

tdube

Good Morning -I found this thread - it seems I've been getting email notifications on the Safari extension for a few weeks - see the image attached. How can I stop these emails?

ag_tommy

@tdube

It's not possible to stop the emails. Are you using iOS 17.4 beta? Or something earlier? The team is looking into why they are happing on a more frequent basis. One thought is a recent change to iCloud Private Relay. Do you use it?

tdube

Hey @ag_tommy - I'm on 17.4 beta yes.. and was earlier. and NO I don't use relay at all. LMK happy to help diagnose.

kevin.li

Hi @tdube,

Thanks for letting us know that you use iOS 17.4 beta. It sounds like you're experiencing the same issue that my colleague @Dave_1P motioned above.

I've added you to the reporting list and our devs will investigate further. I apologize for the confusion and appreciate your patience while waiting for the fix.

For now, you can workaround the issue by turning off the extension for Safari on your iPhone or iPad and using AutoFill instead:

1. Open the Settings app.
2. Tap Safari.
3. Tap Extensions.
4. Tap 1Password.
5. Turn off "Allow Extension".

Then setup and use iOS AutoFill: Use 1Password to save logins and sign in to apps and websites on your iPhone and iPad

-Kevin

ref: dev/core/core#10342

tdube

TY! understand - I've turned it off for now (I will MISS THIS)

Dave_1P

Thanks again for reporting the issue. Hopefully we can get this resolved soon in a future update.

-Dave