1Password Shared vaults not syncing

jonathancohlmeyer
jonathancohlmeyer
Community Member
edited October 2022 in Business and Teams

I added items to shared vaults on 1Password 8 on Mac and my team member is not seeing them on 1Password 7 for Mac.

I have had him try quitting 1Password 7 completely and re-opening but the passwords still do not show up.


1Password Version: 7&8
Extension Version: Not Provided
OS Version: macOS
Browser:_ Not Provided
Referrer: forum-search:sync not working mac

Comments

  • Hello @jonathancohlmeyer! 👋

    I'm sorry to hear that your team member isn't seeing the new items that you added to a shared vault on his Mac. Is he able to see the shared vault itself in 1Password 7 on his device? If he adds an item to the shared vault himself then do you see it on your device?

    Can you also tell me if he's able to see the new items that you added when he logs in to his 1Password account on 1Password.com (in the browser, not the app)?

    I look forward to hearing from you. 🙂

  • jonathancohlmeyer
    jonathancohlmeyer
    Community Member

    Hey, @Dave_1P, I figured out the issue; it is an annoying UI issue with 1Password 8.

    In short, the machine where my copy of 1Password 8 was running had its public IP address changed. This resulted in the firewall on 1Password blocking sync for my vault. That is all fine and good. However, the warning message about this error flashes up on the bottom of 1Password so subtly that I did not see it, nor was I looking for it.

    I thought all was fine as I continued to use 1Password like usual, unaware that it was no longer logged in and syncing back to 1Password.com.

    When I did add the IP address to the allow list in the firewall, my changes still did not sync, and I had to move the item out of the shared valut and back into the shared vault to trigger a sync. This is quite annoying, and I am not sure I remember all the changes when syncing was blocked.

    However, the more significant issue here is that if a 1Password account somehow goes to an IP address that is not allowed by the firewall, the app should be logged out and locked immediately. The situation where this could be an issue is if someone gets your computer and can log in; if they do so from an IP address that is not in the firewall, they should not be able to see existing synced items from 1Password, even if they can somehow arrange to get your password for the 1Password App.

  • Hi @jonathancohlmeyer,

    I'm glad to hear you were able to figure out the issue, and appreciate you sharing your feedback with me.

    When I did add the IP address to the allow list in the firewall, my changes still did not sync, and I had to move the item out of the shared valut and back into the shared vault to trigger a sync. This is quite annoying, and I am not sure I remember all the changes when syncing was blocked.

    With regard to your data being in sync, 1Password shouldn't require you to edit each item that was created while you were offline. Instead, any action you take within an account, such as creating a new item, editing an item, moving an item, or locking and unlocking 1Password will cause it to try and sync with our servers. If you are online, any changes made in that account should now be synchronized. If you have multiple accounts, ensure they are all unlocked in the 1Password app, then lock and unlock again to force them all to sync up.

    If you have any reason to suspect differently, it would be best for us to troubleshoot this privately over email. See the end of this message for information on doing that.

    However, the more significant issue here is that if a 1Password account somehow goes to an IP address that is not allowed by the firewall, the app should be logged out and locked immediately.

    Your understanding of the firewall feature in 1Password business is correct, and I can see why the behavior is confusing. At this time, 1Password is designed to work even if you are offline, by keeping a local cache of your data stored on your device. The data is encrypted by your account password and Secret Key, plus any other device level protection you have. This is great if you find yourself in an internet dead zone, or on an airplane with overpriced wifi, but complicates matters with the firewall and blocked IP addresses. As far as the 1Password apps can tell, you are offline and unable to reach our servers, and there is no backdoor mechanism telling the 1Password app to wipe your data from your device.

    The situation where this could be an issue is if someone gets your computer and can log in; if they do so from an IP address that is not in the firewall, they should not be able to see existing synced items from 1Password, even if they can somehow arrange to get your password for the 1Password App.

    I'd like to learn more about your use case for traveling with 1Password and connecting from areas that are blocked by the account firewall. The team is always interested in learning new use cases we might not have considered, and about the security measures you'd like to have in place. For example, do you think its enough to block 1Password from working offline, but still keep the local cache of data? Would you prefer there be a mechanism to detect when a client is blocked by the 1Password firewall have the local cache self destruct?

    If you'd prefer to discuss either of these topics over email, send a message to support@1password.com and mention this forum thread, or reply here and let me know to email you. For security purposes, don't post your email address on our community site.

This discussion has been closed.