To protect your privacy: email us with billing or account questions instead of posting here.

Is there a way to check if someone tried to access my 1password account over the internet?

josehime
josehime
Community Member

Dear sir/madam. Since one of my apps account was hacked last weekend, I am deeply concerned about my passwords security. One of my concerns is about someone trying to access my 1Password account using a browser (with my actual password or using brute force). So, I want to know if there is an access log to check who tried to access my 1Password account, when, from where, success/no success etc. Is it possible to get this info?

Sincerely yours,
José Luís


1Password Version: 7.2.4
Extension Version: 7.2.4
OS Version: OSX 10.13.6
Sync Type: Membership
Referrer: forum-search:Is there a way to check if someone tried to access my 1password account over the internet?

Comments

  • Hello @josehime,

    When you log into your account on my.1password.com you can see devices that have accessed your account on your profile page.

    From there you can determine if any of these are not your devices and deauthorize the device.

    Hopefully that helps. Please let us know if you need more info.

  • danco
    danco
    Volunteer Moderator

    I would add that access to your 1password account requires both the Secret Key and the Master Password. The Secret Key is long and random and is created for you when you set up the account. Anyone trying to access your account from anywhere other than you own devices would need both, which makes intruder access to your account extremely unlikely unlikely

  • josehime
    josehime
    Community Member

    Dear jin_dhaliwal and Danco, thank you for you prompt responses. Actually, I am currently running in "paranoic mode", so I want to ensure my data is safe. Both answers together make me feel much more comfortable, thank you! Regards.

  • AGAlumB
    AGAlumB
    1Password Alumni

    Glad that helped! Also keep in mind that you'll receive an email notification for any new sign ins. But as others have noted, someone would need all of your account credentials -- some of which are unguessable -- in order to sign in, just as you do on a new device. Cheers! :)

  • josehime
    josehime
    Community Member

    The email notification is a very important feature. If someone gets access to my credentials - unlikely, but possible - that feature will be the track no one can hide. Great!

  • AGAlumB
    AGAlumB
    1Password Alumni

    Absolutely! :chuffed: :+1:

    And if you do ever lose control of your account credentials, you can change the Master Password, Secret Key, or both from your account's Profile page:

    https://start.1password.com/profile

    :sunglasses:

  • XIII
    XIII
    Community Member

    Since that email might be overlooked (or seen too late) I would appreciate a push notification in the mobile Apps (and maybe even make that a full 2FA implementation like Apple does for iCloud).

    For now I worked around that by forwarding these kinds of emails to Pushover to get a push notification anyway.

  • Thanks for the suggestion @XIII.

    Ben

  • DenalB
    DenalB
    Community Member
    edited January 2019

    "I would add that access to your 1password account requires both the Secret Key and the Master Password."
    May be you should activate additional 2FA for your 1PW account. So on new devices you have to enter the Master Password, the Secret Key and the number which is displayed in 3rd party 2FA app. I like all that stuff and that makes me feel more secure. :)

    "The email notification is a very important feature. If someone gets access to my credentials - unlikely, but possible - that feature will be the track no one can hide. Great!"
    Yes, that's a really great feature and number 4 after Master PW, Secret Key and 2FA. Very great!! ;)

  • Further information on what DenalB is talking about is available here:

    Turn on two-factor authentication for your 1Password account

    Ben

  • DenalB
    DenalB
    Community Member

    Thx @Ben ! :)

  • :+1:

    Ben

This discussion has been closed.