Outgoing TCP connections by 1PasswordThumbs

edited February 2012 in 1Password 3 – 6 for Mac
I just upgraded to 3.8.15 (build 31267) and a background process called 1PasswordThumbs is now repeatedly trying to make outbound TCP connections to li134-36.members.linode.com and ips-208-67-212-187.ipslink.com. What are these for?

This did not happen with previous versions as far as I can recall.


  • khadkhad Social Choreographer

    Team Member
    edited February 2012
    Welcome to the forums, mwg. That's a good question. So good, in fact, that we took the time to include the answer in the User Guide. :D

    From the "Why is my outbound firewall reporting a connection from 1Password?" section:

    1Password for Mac does not ‘phone home’ to check on you. It does however make outbound connections for things you’ve asked it to do, and that are enabled by default.


    1Password can build helpful icons for quick recognition of web sites, and generate previews of the entire page for your saved Logins items. This can be controlled via the 1Password > Preferences Logins pane.

    The 1PasswordAgent is a background process for 1Password that kicks off another process called 1PasswordThumbs. It’s 1PasswordThumbs’ job to create a miniature thumbnail preview picture of the screen as you yourself would see it of any web page that you have saved as a Login in 1Password, including any backgrounds, images, etc. This thumbnail capability can be turned off in 1Password’s Preferences, but it’s perfectly expected that the 1PasswordAgent or 1PasswordThumbs process may “get the attention” of any outbound connection firewall software.

    The web page that you have saved a Login for also may refer to other in-line images. So for instance, when you go to http://agilebits.com...ducts/1Password the header image is pulled from http://aws.cachefly....header-v3-3.png and the thumbnail process will attempt to load that image also while building the thumbnail for the agilebits.com page.

    Your actual Login credentials are not being provided to generate these previews – they are as if you just visited the web page for the first time in a browser.

    The icons available in 1Password’s Shelves layout (View > Layout > Shelves) are also obtained through this same 1PasswordThumbs process.


    The most likely reason you did not see this in the previous version was that there was an issue with icon and thumbnail downloading which is now fixed in the current version. This behavior has been in 1Password for years, though, so I suspect you only recently started using 1Password since the issue that prevented downloading of these items was only recently introduced. As I said, it is now fixed (and enabled by default), but if you prefer to disable it, you can do so as described above. :)

    If we can be of further assistance, please let us know. We are always here to help!
  • Thank you!
  • khadkhad Social Choreographer

    Team Member
    No problem at all. :)

    Enjoy the rest of your weekend!
  • Follow up question. 1PasswordThumbs wants to connect to api.demandbase.com and ajax.googleapis.com. What are these for?
  • khadkhad Social Choreographer

    Team Member
    Welcome to the forums, Andrew. Please [re]read my post above and the section of the User Guide to which I linked:

    Why is my outbound firewall reporting a connection from 1Password?

    The thumbnail downloader just loads the URL that you saved in the Login item. It is the same as loading the page in your web browser and then taking a screenshot. It is just done in an automated fashion by 1Password if you have thumbnail previews enabled.

    DemandBase looks like some kind of marketing site loaded by the login page of a site for which you saved a Login in 1Password.

    The Google domain hosts AJAX APIs provided to developers by Google.

    Again, 1Password has nothing to do with those servers. They are just loaded because you saved a Login for a site which uses those services. You will need to contact the site directly for more details.
This discussion has been closed.