Authorized Devices - My iPhone shows suspicious location (I have the phone with me)
While on the my1password.com site I checked to see my authorized devices. It shows 5 devices; This mac I am on, my iPad which I used last night to access through the app, and safari which I used from the mac this morning. I am ok with these but have a question if this shows differently if I use the app on my mac or go through safari?
Two other items I have questions about. One is another safari entry showing use from March 4 from another state (SC) I own a home in. It is very possible I was using my iPad there and on the website instead of the app. Would this be represented this way? What happens if I delete that safari entry from March 4? The second and most concerning is the entry that shows my iPhone pro. It shows use of 1PW yesterday at 1:38 out of state in MD and I am in VA and have not been to MD. This morning while signing on to 1PW I got a note that it could not be used because my data was being used at another location or something like that.
I am concerned about the location and of course have I been compromised some how? I tried to paste a screen shot of my approved devices in here below but it does not appear to work. I can send if I get an email to send it to.
[image removed; this is a public forum]
1Password Version: 7.4.3
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:device showing out of area
Comments
-
Greetings from SC. :)
I want to try and address some of the ISP stuff. I would also like to say I am not a professional at this ISP stuff. I am only relaying my personal experiences. I live in the upstate, and when I connect sometimes my location is not always accurate. This has nothing to do with 1Password. I can be at home, and I have been reported as being in VA (rare), Hickory (NC) frequent, Columbia (SC) less frequent. Charleston (SC) once. As the years go by, I find some of the Geo-location data is pretty scary, being down to merely a few hundred feet from me. 98% of the time now I am reported as being in Simpsonville SC. Which incidentally is still a considerable distance from me but its still close.
Data is returned based upon things like Geo-location, frequently ISP's route their data through a central location, and from there, it goes out to the internet, which explains my Hickory location above. The VA entry appears when I am using Verizon Wireless. As too Columbia and Charleston, that's still a question for me. I assume it's ISP related. Think guest wifi at say the hospital. It could be the location service determined SC and then gave up trying to resolve it further. Often time if a lookup fails, it may default to Kansas. Yup, I have seen that happen.
For example, on January 14th at 5:50 PM, I am listed as logging in via Safari in NewYork, NY. From 5:30 - 8:00 PM, I was at the Apple store attending a Design Lab: Drawing Treehouses with my two children. I was on the Apple store wifi and opened 1Password to find details I needed to purchase an item.
My point is a lot of this has to do with ISP's and services that report Geo-location data. I am not saying you shouldn't be cautious. I certainly am. I would encourage you to be cautious; after all, it's our digital life we are talking about.
"This morning while signing on to 1PW I got a note that it could not be used because my data was being used at another location or something like that."
It sounds like you may have left a browser session open.
If in doubt, you can always disassociate/disconnect the devices. The most that would be required would be to authenticate on the device to reestablish communication. If I unlink my install I get this message. To reestablish communication I would need to authenticate again.
My only caveat to you is to make sure you have a copy of the Secret Key, if you remove all linkings and you do not have access to the Secret Key you will not be able to access your data. You would be locked out of the data forever. Please always make sure you have a backup copy I keep a copy in a fire proof safe (local) and safety deposit box (off site).
I hope some of this helps being one user to another user.
0 -
Thank you so much for your response. It is line with what I believed may be going on and you explained it perfectly. I do have my secret key stored as you do and may try and disconnect and reconnect my devices. Curious...my wife has the 1PW app other phone so when she uses it it should appear in my list of authorized devices as well correct?
0
