Trusted Browser Support - Windows

Dave_1P · November 2024

We don't have a public timeline and we tend to keep things pretty close to the chest so that we avoid disappointing folks if certain features are delayed or cancelled. This specific feature is yet to be built for Windows; the team hopes to bring additional trusted browsers to other platforms in the future.

-Dave

ldinino · November 2024

+1'ing this.

This feature has been available on macOS for quite a while. I get security posturing, but this really needs to be in Windows and Linux sooner rather than later.

I don't like using stock Firefox, I feel that there are a lot of missing features. I'm trying to leave behind all chromium forks. Currently, Zen is looking to be a winner.

This feature has been promised for a long time; it's a little frustrating that 1Password is one of the more expensive password manager products out there, while managing to fail to deliver this feature.

It's making me think twice about my family renewal, there are a lot of players out there that do this for the same price.

Dave_1P · November 2024

@ldinino

Password for Linux has a custom_allowed_browsers file that should allow you to enable app integration with unsupported browsers, you can find instructions on how to use this file here.

Thank you for the feature request regarding additional trusted browsers for Windows, I've filed the request with our Product team.

-Dave

ref: PB-44759635

mwsmws22 · December 2024

Just made a Community account for the express purpose of +1'ing this thread. I am a user of Thorium browser, which doesn't work with 1Password desktop app integration. Driving me bananas having to type in my password every time via the extension when the desktop app is already signed in. Regular Chrome works so well... Very suprised to learn the "Trusted Browsers" feature is already implemented for Mac, just not Windows. I really hope with all the community voices here that this request is looked at soon. Thanks!

Dave_1P · December 2024

@mwsmws22

Thank you for the request, I've filed a feature request on your behalf with the team as well. 🙂

-Dave

ref: PB-44922061

xd003 · December 2024

Its pretty weird that even after like 18 months since this feature got introduced on Mac, we still don't have it on Windows yet. We are not even asking for a new feature, this is literally just a request for feature parity. I don't understand why is it still not being prioritized. Typically, projects don't work on anything else except very critical bug/security fixes until feature parity is achieved which is clearly not happening here. This feature has been neglected on Windows since too long, something needs to happen very soon.

david.m_1P · December 2024

@xd003

Thank you for sharing that feedback! I'm sorry that we're unable to provide an exact timeline for feature parity for trusted browsers. I can see that you've been in touch regarding this feature before, so I've made sure that your concerns are passed along to the team.

-David

RedPandaKFC · January 1

+1ing this as well (I also made a community account JUST to request this feature). This is kinda ridiculous that y'all still will not give any firm commitments, despite Mac and Linux having this capability for over a year and a half. Plus this comment thread plus related threads requesting additional browsers (Floorp and Zen being two I found easily) on Windows being some of the most viewed should clue your team in that this is clearly a important feature for windows users.

chris115379 · January 1

Also it's not that we are asking for full fledged support like in macOS everybody here would be OK with an "unofficial" way via some config file like it is in Linux.
At least for now. I can understand that this feature might not have the highest priority because it might be tough to properly support it while only affecting a small user-base.
But please consider some hacky solution that is somewhat hidden by only being accessible through some instruction in this thread so only people that really need and look for it can find it.
This way you make a few of your users very happy without committing to a feature fully down the backlog.

samwdp · January 15

+1 on this too. Since this feature for Mac was tested out over a year ago and the earliest Linux discussion was in 2021 this not being in Windows is a bit strange. At minimum, there has been over a year to think about this. Clearly its a priority for other platforms but not for Windows. Is there something technical that is stopping this, because from the logs all I can see is it is checking the signature of the exe against, probably, an internal allow list.2:INFO 2025-01-15T12:30:41.966+00:00 main(ThreadId(1)) [1P:native-messaging\op-browser-support\src\browser_verification\windows.rs:62] Verifying browser "C:\Program Files\Zen Twilight\zen.exe" for Zen and 2:INFO 2025-01-15T13:34:29.227+00:00 main(ThreadId(1)) [1P:native-messaging\op-browser-support\src\browser_verification\windows.rs:62] Verifying browser "C:\Program Files\Ablaze Floorp\floorp.exe" for Floorp.

   1   │ INFO  2025-01-13T14:43:35.431+00:00 main(ThreadId(1)) [1P:native-messaging\op-browser-support\src/main.rs:255] Starting 1Password-BrowserSupport 8.10.56 production build no. 81056028.
   2   │ INFO  2025-01-13T14:43:35.460+00:00 main(ThreadId(1)) [1P:native-messaging\op-browser-support\src\browser_verification\windows.rs:62] Verifying browser "C:\Program Files\Zen Twilight\zen.exe"
   3   │ ERROR 2025-01-13T14:43:35.467+00:00 main(ThreadId(1)) [1P:native-messaging\op-browser-support\src\browser_verification\windows.rs:71] WinApi(Error Win32(0x00002009): The directory service evaluated group memberships locally.)
   4   │ INFO  2025-01-13T14:43:35.467+00:00 main(ThreadId(1)) [1P:native-messaging\op-browser-support\src\browser_verification\windows.rs:81] name: zen, publisher: Unknown Publisher, pid: 46376, version: 134.0.0.3
   5   │ WARN  2025-01-13T14:43:35.474+00:00 main(ThreadId(1)) [1P:native-messaging\op-browser-support\src\browser_verification\windows.rs:50] Failed to verify process parent. ParentVerificationFail(WinApi(Error HRESULT(0x800B0100): No signature was present in the subject.))
   6   │ ERROR 2025-01-13T14:43:35.475+00:00 main(ThreadId(1)) [1P:native-messaging\op-browser-support\src/main.rs:288] Browser support error: ProcessVerification, happened in: native-messaging\op-browser-support\src\browser_verification\windows.rs:126
   7   │     Additional error context: Process is not cmd.exe

Since I don't run chromium based browsers I would guess its the same for them. For those who want to find the logs its in AppData/Local/1Password/logs/BrowserSupport. Surely you can just have a toml file (since this is written in rust) that defines the exe's I am happy with not checking the signature of and just jump over the signature check since the 1Password extension and the app are already communicating

Dave_1P · January 17

Thank you for the requests and for the feedback! The team hopes to build a secure way to use unsupported browsers with the 1Password for Windows desktop app and I'll update this thread once there's more news to share.

-Dave

ref: PB-45604812
ref: PB-45604816
ref: PB-45604844

RKOpatryx · January 18

Thank you, @Dave_1P - hope it's appropriate to mention you there and indicate I am looking for this feature. Additional info in case it's useful for your tickets, teams, etc. (I understand it may not be):

This is an accessibility feature for me. I have cognitive disabilities that mean a break in my "flow" every time I need to "connect" the login will be disruptive. (I also want to say that, in contrast, when the "unlock with desktop app" functionality was first introduced, it was extremely exciting and helpful, so: good job!)
The lack of ability to trust additional browsers has, because of the previous concern, stopped my migration from one browser (Edge or Arc) to another (Floorp) twice in the past six months or so. Floorp is still my current browser of choice, if not for the missing "trust' link.

Thank you!

Trusted Browser Support - Windows

Comments