1Password chrome extension keeps getting locked because an update is available

2

Comments

  • Dieulot
    Dieulot
    Community Member

    Ended up on that topic while googling what’s causing this behavior.

    Here’s a different piece of feedback: I actually like that 1Password alerts me that my browser has an update, which generally means that the version I’m using has publicly-known security holes. It’s a nice little bonus feature.

  • Thanks @Dieulot, it's great that you are staying up to date with modern technology and security practices.

  • valeriec0
    valeriec0
    Community Member

    Hello @steph.giles I'm having the same issue as the OP and @pluhin could you please link to the fix that you published for the issue where 1Password couldn't connect to the browser? Thank you!

  • Hey @valeriec0,

    Can you start by confirming which version of 1Password and 1Password in your browser you have installed?

    If you are on the latest versions then you could be running into a different issue. Are you seeing an error message at all?

    Any information on the behaviour you're experiencing would be really useful.

  • valeriec0
    valeriec0
    Community Member

    Thank you @steph.giles !
    I'm using a macbook pro and I have 1Password for Mac 8.9.13 (80913040) installed. I'm using Google Chrome Version 109.0.5414.87 and 1Password extension Version 2.5.1

    When trying to use the extension in my chrome browser, I see a message that I need to update Chrome. Even though I've already updated Chrome and restarted Chrome to install the update. This happens whether I'm logged into the desktop app or not.

    I use 1Password for personal passwords and have an account I use for work, and when this happens, I have to log into both separately every hour or so to use passwords and it becomes frustrating. It looks like I don't have the option to open the browser extension with my fingerprint since the update and I can't find how to turn that back on since I've updated it.

    Here is the message I see when wanting to log into the browser extension:

  • Thanks for getting back to me @valeriec0,

    I'm sorry for the trouble, I think at this point it would be useful if we could take a closer look at some logs and what may be going wrong.

    I'd like to ask you to send over a console log from your browser as well as a diagnostics report:

    Please attach the reports to an email message addressed to support+forum@1password.com with a link to this thread.

    You should receive an automated reply from our BitBot assistant with a Support ID number. Please post that number here. Thanks very much!

  • valeriec0
    valeriec0
    Community Member

    Thank you @steph.giles ! The support ID is [#GVR-62554-779]

  • paul.m_1p
    paul.m_1p
    1Password Alumni
    edited January 2023

    Thanks for posting that ID @valeriec0 - I can see we have an open conversation with our support, so we can continue the conversation there. 🙂

    ref: GVR-62554-779

  • scottbuscemi
    scottbuscemi
    Community Member

    Adding my +1 to this -- really would love the dev team to find a new solution to this. Chrome seems to update every few days.

  • Hey @scottbuscemi,

    If you are also running into this frequently could you please follow the steps above to send in a console log and a diagnostics report so our team can further investigate?

    Please attach the reports to an email message addressed to support+forum@1password.com with a link to this thread. Thank you!

  • dportela
    dportela
    Community Member
    edited April 2023

    This is still an issue for me. Latest Brave, latest 1Password, no Chrome installed, macOS. Chrome error appears when unlocking from browser and extension locks frequently.

  • Hey @dportela,

    I'm sorry for the disruption.

    I'd be interested to take a closer look, can you also please send the following:

    Please attach the reports to an email message addressed to support+forum@1password.com with a link to this thread.

  • jamesbull
    jamesbull
    Community Member

    I would also like to share my frustration. Chrome stable build updates seem to be happening more often than the two week schedule and its incredibly frustrating to be locked out of 1password as soon as an update becomes available. Can 1password please explore a workaround?

  • laffingleigh
    laffingleigh
    Community Member

    I would also like to say I'm having this same issue. It's happening enough now that I searched to find this thread. My browser does not show needing to be updated, but I'm getting that message: "Chrome has an update available. Restart Chrome to install the update and reconnect with 1Password."

    _Possible clue: _I have noticed that the browser eventually seems to need to be updated later, but it seems to require a password before Chrome lets me know to update.

  • GabeBrady
    GabeBrady
    Community Member
    edited May 2023

    Adding my frustration to this pile. The whole value prop of 1Password is that it's actually easier to use 1Password than stick post-it notes around your monitor screen with your passwords on them. There comes a point where it's a tradeoff between hardened security against exceptionally advanced threat actors and pushing people to shadow IT with a terrible UX making them vulnerable to more frequent but less sophisticated attacks. It's not an easy trade off and I understand the security rationale here but something needs to be done about the UX or admins are just going to find 1Password stops solving the shadow IT problem. It's a tough balancing act but 1Password has the best people in the world when it comes to brains to solve this problem. Here's to hoping you do better on this one. Successful admin requires carrots and sticks.

    Sincerely, an admin at an ~80 person company.

    NB: for anyone struggling with this 'chrome://restart' is a very useful command!

  • Hey @jamesbull, @laffingleigh, @GabeBrady,

    I'm so sorry for the delayed response.

    Just so I can try to better understand what may be happening can you let me know are you leaving your Chrome browser open for extended periods of time? As you say a restart improves things it would be good to try and pinpoint exactly when things go wrong.

    If you experience the behaviour again can you send over the logs as requested here

    Apologies for the disruption!

  • jamesbull
    jamesbull
    Community Member

    @steph.giles I don't think there is anything going "wrong", per se. It's just a crummy user experience that we have to manually enter our 1Password password every time we need a website password once chrome requires an update.

  • Thanks for getting back to me @jamesbull, the reason your password is required is because when this happens the connection between 1Password in your browser and your 1Password app is lost.

    This shouldn't be happening frequently though and a simple restart should get things back on track. If this is proving to be really troublesome I'd be happy to take a look to see if there is a deeper issue.

  • jamesbull
    jamesbull
    Community Member
    edited May 2023

    Yes. I've read the thread and understand why it works that way. It still doesn't change the fact that its a terrible user experience.

    When you say "frequently", what do you mean by that? Chrome pushes an update every two weeks. That's frequent to me.

    Here's my scenario:

    I have hundreds of browser tabs open, spread across 12+ browser groups in 12+ browser windows. Restarting Chrome is a time consuming and fragile process, as Chrome doesn't always restore the tabs back properly. Therefore, I delay updating Chrome until I have 30+ minutes in my day to make sure my browser is back the way it needs to be.

    Sometimes this means that I delay restarting Chrome. Unknowingly to me, that delay might be only 2 days before another Chrome update gets pushed. Therefore, the frequency of having to restart chrome because of an update, because of 1Password's dependency, could be within days of each other. Again, that's frequent to me, and incredibly disruptive to my day, and to my work.

    I would kindly ask that the 1Password dev's explore alternative solutions. It's painful.

  • GabeBrady
    GabeBrady
    Community Member
    edited May 2023

    @steph.giles @jamesbull has nailed the issue. Restarting Chrome is an ordeal. As an agency many of our customers are providing Google Accounts for our employees. The easiest way to manage these multiple Google Workspace accounts is to use multiple Chrome profiles. Users will frequently keep Chrome open for 3-4 weeks at a time with 5-6 Chrome profiles with 5-6 windows per profile with 20-30 tabs per window (yes, the machines are beefy and people are using tab suspension) and only restart when an OS Chrome when an OS update is pushed.

    People even take this a step further by using multiple virtual machines and then facing this problem with multiple instances of Chrome running on virtual machines all on one physical machine... Yes, this is probably not a common use case but you'd be surprised with software devs... Also, it would be almost impossible to measure if people are doing this, it's just going to look like one account being used on many machines...

    Additionally, people are using 5-6 1Password instances due to being given accounts on client 1Password instances. This experience has gotten way better so props on that 1Password. Still not there yet though... I'd still like to see an experience like Slack Connect for 1Password to make working with external businesses easier but I imagine that'd be amazingly difficult to do with a secure architecture... And it would lead to a significant reduction in paid user accounts for 1Password. Our employees can basically have 6 accounts, one paid for by us and 5 by clients....

    It's still painful using multiple 1Password instances though where those instances have unique passwords, I know 1Password will unlock all instances if they share the same master password and that because of the unique architecture of the 1Password Master Password password reuse doesn't have the same negative implications it does elsewhere... That still breaks most users brains though "oh, don't reuse passwords anywhere, it's really bad... Oh except the most important password you have, your 1Password Master Password, it's fine to reuse that... But remember, only as a Master Password on other 1Password instances...

    The irony (whilst technically sound) of 1Password deploying password reuse to solve a UX problem does not seem to have been lost on the community and was thoroughly discussed here: https://1password.community/discussion/comment/608291/#Comment_608291

    Realistically one should close out their browser and update it quickly to be as secure as possible. That's best practice. It's just not always realistic if it needs to be done weekly or daily.

    The current user experience feels like 1Password is getting opinionated about what people's update habits should be around other apps beyond 1Password. That feels like overreach and and a holier-than-thou attitude. It just leaves a bad taste.

    I don't think that's actually what's happening here, I think it is a genuine architecture of the browser extension/desktop app relationship but that won't matter to a user who doesn't care to understand the nuances of the architecture. They just see 1Password having opinions about how up to date their browser is and see functionality being restricted in order to force behaviour change and not monthly or quarterly, sometimes weekly or daily depending on how frequently Chrome updates rollout (which is not to their stated fortnightly schedule btw, that's an aspiration, it usually whenever something urgent needs patching).

    Imagine if Chrome started restricting access to Google Products if the browser was out of date and this happened daily or weekly... Yeah nah.

    1Password is a critical tool that gets used hundreds of time per day by our users.

    Using that power to force people to reboot other applications by restricting access to that tool and doing that multiple times per week (even if unintentionally) feels like negligence at best and abuse of power at worst.

    This is part of a broader issue for the tech industry (Google is going to face it with Chrome and their 'traffic light's update system in Chrome) which is that users will revolt if core applications start needing full restarts daily or multiple times per day. There is going to need to be a concerted architecture effort by most applications to enable live patching wherever possible and keep the requirements for full restarts to the absolute bare minimum.

    Applications that manage this engineering challenge will inherit the users of applications that choose to prioritise engineering ease over UX.

    What I'm saying is that 1Password have made architecture tradeoffs that cause a poor user experience, that's fine but I imagine 1Password is flying close to the sun on this and is getting to the point where they're crossing the line of what they can force users to do... I mean only 1Password have access to user churn data but if I had to guess, this sort of thing would be driving it up.

    It feels like a Steve Jobs moment is required where he comes in, says that he doesn't like the way the bounce animation works on iPhone scroll and holds the entire iPhone project until the bounce animation feels just right.

    Yeah it's a good damn engineering pain in the backside but it's what makes for iPhone level UX driven success.

    If 1Password wants that level of success, keep prioritising the UX. Keep refusing to ship product with a solid engineering solution but a bad UX.

    Don't ship until the engineering is genius and the UX is best in class.

    There are plenty of other password managers out there...

    Don't mess up your USP.

  • laffingleigh
    laffingleigh
    Community Member

    @steph.giles I've attached to this a screenshot that shows the issue. Chrome is not saying an update is required at this time, yet 1Password requires a password each time.

  • tomstock
    tomstock
    Community Member

    I've started encountering this issue today, for the first time ever.
    1Password for Desktop 8.10.8 NIGHTLY 81008004
    1Password for Chrome 2.11.1 BETA 21100100

  • laffingleigh
    laffingleigh
    Community Member

    @steph.giles Happening again today. No Chrome update visible, but requiring me to manually enter password.

  • Hey @laffingleigh, @tomstock,

    Please can you send over the following so our team can dig deeper and further assist with the issue at hand:

    Please attach the reports to an email message addressed to support+forum@1password.com with a link to this thread. Thank you!

  • tomstock
    tomstock
    Community Member

    This was resolved in one of the last few nightly builds. I'm not encountering this any more.

  • Thanks for the update @tomstock, let us know if there's anything else we can help with.

  • laffingleigh
    laffingleigh
    Community Member

    Happening right now. Just sent the email.

  • Do you have a support ID you can share @laffingleigh?

  • laffingleigh
    laffingleigh
    Community Member

    @steph.giles How do I find that out?

  • laffingleigh
    laffingleigh
    Community Member

    @steph.giles Still waiting on your response.

    It's happening right now again. Chrome doesn't say it needs an update but 1Password does. (Chrome does need an update when you dig into it, but I am just underlining the irritation we're all pointing out:

    Chrome has pushed out an update, hasn't alerted it's users, but still works as browser.
    1Password has identified an update, alerted it's users, but breaks immediately.

    Not a good user experience.