Windows Hello prompt comes up every time I unlock the vault using a password

Do the staff not answer in this forum ?

I have been having the same problem since 24h2 and it is driving me nuts - surely it should be fixed by now?

I'm also occasionally seeing cases where I have unlocked the browser plugin with windows hello and after a period of time when I return to 1password for windows, it is locked but expecting me to put the password in again (not showing the windows hello option to unlock).

Any chance this is being worked on, yet? There have been a few releases since Support confirmed the issue and it's still broken. I'm reminded every single time that I unlock the vault.

Thanks Dave, the links are helpful. They help illustrate the overlooked use case:

The authorization model for the 1Password SSH agent is built on the idea that you should be able to control which processes are allowed to use which private keys.

Alternatively, you should be able to control which applications are allowed to use which private keys, so that you don't have to re-auth every time you re-use the same application, as long as the vault is unlocked. If the vault is unlocked, the fact that I authorized the application to use the key Monday should be well enough for the application to re-use that same key Friday without reprompting me, even if I've rebooted the computer in between.

Here's the relevant part of the developer settings page:

The "Remember key approval" dropdown is missing a "forever" option.

Dunecat

Thank you for the reply. You can adjust your authorization options for SSH by using these steps: Get started with 1Password for SSH Developer - Adjust your authorization options

We have an explanation of the authorization model for the SSH agent here: About 1Password SSH Agent security Developer

-Dave

Hi again, and happy holidays.

Having to unlock again to use an SSH key at all, via any method, is an unnecessary hurdle and just makes life harder. Especially when a specific app is already approved to use them. E.g. I use VS Code and SSH keys to push to GitLab and yet 1Password treats it as a totally suspicious activity every single time. Bizarre. At least when I'm opening VS Code I'm sitting at a computer, whereas when 1Password is auto-launching I might be getting a cup of coffee and not sitting in front of the computer.

Dunecat

Thanks again for reporting the issue, when it's resolved you'll see it noted in our release notes: 1Password Releases

I want to use password to unlock the vault, except for when I'm using SSH keys, in which case I want to use Hello.

Out of curiosity, why don't you want to unlock 1Password using Windows Hello aside from when you use a SSH key?

-Dave

Thank you for the update, 1P_Dave ! I'm looking forward to the fix because I want to use password to unlock the vault, except for when I'm using SSH keys, in which case I want to use Hello. Unlocking with the password shouldn't trigger any change to the Windows Hello state, so it's frustrating in its current state, and I'm very happy to hear it will be fixed.

Dunecat

Thank you for the screenshot, I confirm that you're running into the known issue and I've added your report to the work item open for the issue. Hopefully this can be fixed in a future update to 1Password soon.

-Dave

ref: dev/core/core#33895

Hello Dunecat! 👋

I'm sorry that you're being prompted by Windows Hello after unlocking 1Password using your account password. It sounds like you're running into a known issue that our development team is aware of. So that I can confirm this, could you post a screenshot of the Windows Hello prompt that you see after unlocking 1Password using your account password?

I look forward to hearing from you. 🙂

-Dave

ref: dev/core/core#33895