Can't access vault from ISP
This started about a week ago (I think, I only noticed when I needed to add a new login). I'm guessing it's limited to my ISP (Cable One) or it would have been addressed by now, but I don't have much to go on.
When I navigate to the vault - https://my.1password.com/home - I get a security error in my browser. The browser extension and the Android application also do not sync, even though I can log in. Switching to cellular data/hotspot resolves the problem - I can navigate to the vault and the local versions start syncing again.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided
Comments
-
Hello @Treebark! 👋
I'm sorry that you're unable to access 1Password.com using Firefox. I don't see reports from other users of the same issue. Can you tell me what kind of device you're using and what version of Firefox is installed?
Are you able to reproduce the issue using a Private window and copying and pasting the following specific URL into the address bar:
https://my.1password.com/signinCan you also tell me if you recognize
pptcomeup.com? I see it in the error message. That isn't one of 1Password's websites, do you recognize it?I look forward to hearing from you.
-Dave
0 -
Hi Dave,
I've tried this via browsers on two different versions of Android, as well as Linux. Firefox (126.0 64-bit) fails in incognito as well. The error message is different on Android with Brave browser and Linux with Chromium (125.0.6422.60 64-bit) - "ERR_CERT_COMMON_NAME_INVALID".
The cert is also different on Android/chromium-based browsers, the CN targeting "*.asynctester.com" instead. I'm guessing that's a browser difference in how it handles whatever is breaking in the SSL setup.
Using the Android app (7.9.4) - it starts "Begin sync..." then fails with an error "[AUTH] Failed to connect [javax.net.ssl.SSLPeerUnverifiedException] retr.." after presumably timing out, the message isn't very helpful and is truncated by the OS.
I do not recognize the domain for either "pptcomeup.com" or "asynctester.com". WHOIS doesn't turn up anything useful for either. I'd guess something's been compromised except it's only this very specific part of your domain that I've noticed any issues, and I would expect a malicious actor to use consistent domains.
As I said above, getting off of my ISP resolves the problem on all of my devices/browsers so I sincerely doubt the software is the problem. This appears to be between me and your systems, I'm just not sure where to start solving the issue. I haven't changed anything with my local setup since this started.
0 -
I hardcoded y'alls IP and that resolves the issue. Apparently I have a stale or malicious DNS record specific to this domain somewhere in the stack. Traceroute puts it outside my network, so it's probably my garbage ISP. Hopefully no one else has the issue. Either way, doesn't seem to be something ya'll can fix. Thanks.
0 -
More digging. I believe it was my local router's DNS cache. I thought the DNS requests were going all the way out but it appears I was just wrong. Rebooting my router to clear the cache resolved the issue. My guess is you changed your IPs for this specific part of the site and my hardware never got the message. Thanks.
0 -
I'm happy that you were able to resolve the issue. Our IP addresses are subject to change over time, you can find the list of ports and domains that 1Password uses here: 1Password ports and domains
Let me know if there's anything else that I can help you with. 🙂
-Dave
0
