Account key is not remembered when logging into 1PW with Firefox

A single user is continuously prompted for her email address, account key, and master password when logging into 1PW. She is only using Firefox (the latest version). She's also an admin. The site she is logging into is abramowitz.1password.com. She is able to login using other devices (ipad, other workstations, etc.) without being repeatedly prompted for her account key.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Windows 7
Sync Type: Not Provided
Referrer: forum-search:account key

Comments

  • Sounds like the browser is not caching (cookies not set) for that website.

  • nmottnmott 1Password Alumni

    @dcrooks I suspect that dixie_Tech is correct. Is Firefox set not to remember any information about the sign-in page? Did she by any chance check the box next to "This is a public or shared computer" when she signed on?

  • That's what I thought as well. I have checked Firefox but don't see anything to not retain temp files, cache, cookies, etc. "This is a public or shared computer" is not checked. I forget to inform you that this is being used within a Citrix environment. Other users within the environment don't have the same problem. I still plan to do some more digging within the Citrix environment. The main reason for the ticket was to see if there was anything within 1PW that I missed that would cause this issue. If the account key is simply cached by the browser then it's most likely something on my end.

  • khadkhad Social Choreographer

    Team Member

    @dcrooks,

    Yeah, it is stored locally. If the environment is reset every time, perhaps it is getting deleted…? Do let us know what you uncover. I'm curious what the cause ends up being.

  • I have the same problem with 1PW individual account using Safari. If i clear history, my account no longer recognizes that Safari is
    an authorized device. I then have to use the account key to sign in. In my profile it then shows another incidence of Safari as an
    authorized device. So are we expected to keep managing all these duplicate authorizations. Do they hold the IP address as the authorization. And why does this authorization information have to be kept in cookies?

    There are many valid security reasons for clearing history such as after accessing bank accounts, brokerage accounts mutual fund
    accounts etc. Additionally, most browsers will delete history after some time period.

    Why can't that authorization within the 1PW individual account recognize when an authorized device is accessing it?

  • JacobJacob

    Team Member

    Hi @teed! I actually responded to you via email this morning, so we'll keep the conversation going there for now. :)

    ref: QNR-55587-183

This discussion has been closed.