Chrome and Safari listed as "Authorized Devices"
When I log into my 1Password.com account online, "My Profile" incorrectly lists both Chrome and Safari as "authorized devices". There actually are only two authorized devices, my MacBook Pro and my Samsung phone. On each separate occasion that I go online with 1Password.com, it lists my browser as an "authorized device". So, currently, I have 14 "authorized" devices, my two actual devices plus the 12 times I have gone online with either Safari or "Chrome".
Also, "Chrome" is shown as the browser that I am using even though the real browser ( i.e. "device") is my Samsung Internet application.
I am afraid to delete the Safari and Chrome listings as"authorized devices" for fear that I will not be able then to access 1Password from my browsers. Suggestions?
1Password Version: 7.1.2
Extension Version: Not Provided
OS Version: 10.13.6
Sync Type: 1Password.com
Comments
-
If you’re clearing the local database from Safari and Chrome between each login then they will be listed as a new authorized device each time you log in with them. The Samsung Internet application is essentially rebranded Chrome. My suggestion would be to not clear the local cache for 1Password.com from your browsers.
Ben
0 -
Ben, sorry, I do not understand. I am not clearing out any cache after using 1Password. This behavior is a bug, I think. I checked on my husband's phone and iPad, and the same behavior occurs when logging into the 1Password.com account from any browser and appears under "My Profile".
Would a screenshot help? I can post one that does not reveal any personal account information.0 -
@glindsey: If you just mean that devices/browsers are being misidentified, that's certainly possible. We'll see what we can do to improve it, but we can only go based on the information the device gives us, and that is not always accurate. To be clear, there is no harm in deauthorizing devices if you've forgotten what they are. When you do that, you can simply sign in again if needed, no harm done. It may be worth paying attention to the device authorization email though, as you'll receive one each time you sign into your account on a new device. So long as that corresponds to your actual sign in attempt, you're good to go. :)
0 -
Brenty, a couple of things are going on here. I am fully awake now, so perhaps my explanation will be more coherant. :)
Not only are browsers being misidentified as "devices", but every single time that I go online to 1password.com with the same browser, it creates a new "authorized" device under "My Profile." Now, most of the time, I have no reason to go to the app online since I can add and make changes to my data within my local copy of 1Password on whatever device that I happen to be using. But if I should want to check billing or how many days I have left in my trial subscription etc., I have to do those things online and it just seems odd that the same browser that I have been using over and over again, usually Safari, gets labeled as a "new" authorized "device" every time that I do.
A better approach, I think, would be to have just my phone and Macbook Pro be listed as devices. What browser I use should be irrelevant, or so it would seem. I mean, since there is a security risk with a hacker logging into my account, I don't mind the email notifications that someone in my city has accessed my account using the Chrome browser etc. But it does seem redundant and unnecessary to list each time my account is accessed as an authorized device online. And shouldn't there be a way to turn off these notifications when it is obvious that they originate from the same user using the same browser and usually sitting at the same chair within my own house?
0 -
Hey @glindsey, I'm sorry for the trouble this is causing! I totally understand how annoying this is. Let me try to clarify things.
So first off, we do list browsers that accessed your 1Password account under "Devices". I agree that this term is a little confusing, and we've discussed splitting them out into a separate "Browsers" section, but I can't make any promises if that will happen. At least for now know that it is intentional for browsers to show up there.
That being said, you should definitely not see a new browser show up in the list every time you sign in. We store a unique device identifier in the browser local cache so that the next time you sign in it is recognized and doesn't add a new device or send a new email. The intention there is that the list of authorized devices would include all the apps or browser that you signed in with, but only one listing for each browser - not one every time you sign in.
As Ben alluded to, the only way that a new device would be listed every time you sign in from a browser is if that unique identifier is somehow getting cleared from your browser's local cache - your account doesn't recognize it anymore and errs on the safe side of treating it as a new device (and notifying you about it over email). What this means is somehow the browser's local storage is getting cleared. Now, there are a few ways this can happen:
- You can manually clear the cache - it sounds like this isn't what's happening in this case.
- If you sign in with a "Private" or "Incognito" window, then nothing from that session is cached, so each time you sign in it would be treated as a new device.
- The browsers settings could be set to automatically clear out the cache after each browsing session.
Regarding the Samsung Internet Application, as Ben mentioned, it is just a rebranded version of Chrome - that's why it is showing up as Chrome in your list of devices. I'm not totally sure, but I wonder if it doesn't save the browser cache there perhaps - that would cause it to be listed as a new device each time.
As Brenty mentioned, you can definitely remove all the browsers from your Authorized Devices. It won't prevent you from signing in - it will only cause the next signin to be listed as a new device (which it looks like is happening anyways, so it won't be any different).
I'd recommend checking your browsers settings to see if it is automatically clearing the cache by any chance. Let us know what you find!
0 -
Hey Meek, whenever I log into my 1Password account, it is from a login created by the account itself using 1Password's own browser. So, is 1Password automatically clearing the browser cache, perhaps for security reasons? Would that explain why each login is treated as a separate entity?
Btw, I like your idea of separating out devices from browsers. It just makes more sense. This issue is certainly no dealbreaker; just a minor inconvenience in the whole scheme of things.
0 -
Hey Meek, whenever I log into my 1Password account, it is from a login created by the account itself using 1Password's own browser. So, is 1Password automatically clearing the browser cache, perhaps for security reasons? Would that explain why each login is treated as a separate entity?
@glindsey: Can you clarify? What are the exact steps you're taking. It isn't possible for websites, 1Password.com or otherwise, to delete browser data. That would be terrifying. So there's something else going on here.
Btw, I like your idea of separating out devices from browsers. It just makes more sense. This issue is certainly no dealbreaker; just a minor inconvenience in the whole scheme of things.
Honestly, the problem is just of semantics. There isn't a better word than "devices" for you being signed into a 1Password app — and they're all 1Password apps, either native, or running in the browser as web app. Well...I guess maybe "authorized sessions" might be a better catch all, but I think that would be much more confusion to more people. Ultimately, we're just giving the user a list of places where they've signed in so that they can see a list of everything and deauthorize if necessary.
0
