Account recovery issue - deauthorised device blocking account recovery

Options
ClarionDPO
ClarionDPO
Community Member
edited April 4 in Business and Teams

We have a user that we have had to recover their account as they have a new PC and did not know their secret key.

When we went through the recovery process we got to the point where the admin confirmed the recovery and the user went to log in from the link in the confirmation email.

They got the login page where the secret key was present and they put in their password but when they submitted the page (rather than take them to the MFA setup stage) refreshed to a new login page but asked for the secret key (which we did not have access to) and gave a error saying...

"This device was deauthorised. You will need to re-enter your secret key and sign in again"

Obviously this is not possible as we dont have their secret key and this is a new device so should not be deauthorised anyway!

How do we fix this? and why is it happening to only one user?

We have cleared all browser cookies in edge and chrome and tried the process in both browsers and had the same outcome.

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided

Comments

  • ag_tommy
    ag_tommy
    Options

    @ClarionDPO

    To avoid sharing your account information here, can you send us an email to support@1password.com from your account's registered email address, so we can continue the conversation there? We're unable to access those details here in the community.

  • ClarionDPO
    ClarionDPO
    Community Member
    Options

    I have submitted a ticket

  • ag_tommy
    ag_tommy
    Options

    Thank you very much. Someone from the team will be in touch as soon as possible.

    ref: QND-63493-581

  • ClarionDPO
    ClarionDPO
    Community Member
    Options

    Solution: For anyone experiencing this same problem the issue seemed to be with the user's corporate security settings in the browser (which one I've not worked out) that was basically trashing the cookie with the secret key as soon as you press login.

    We got around this by using the private browser tab, copying the start recovery link from the first email into the private browser and going on from there.

    Making sure the desktop app was installed and authorised before closing the private browser meant that ongoing access to the security key was now possible via the desktop app.

  • ag_tommy
    ag_tommy
    Options

    @ClarionDPO

    Thank you for sharing with the community.