1Password works everywhere you do. Easily sign in to sites, use suggested passwords, and find what you need. Everything is available at your fingertips.
I made this video to show how to enable 2fa on your GitLab account using 1Password.It also highlights a bug with the 1Password browser extension that prevent. 1Password is available for iOS and Android, and you can download a desktop version as well. 1Password provides two methods for adding an account. This process is called enrollment and we enroll a device for an account. We can either scan a QR code or enter a secret manually.
Get 1Password for:
If you’re using Safari, get to know 1Password for Safari.
Save a login
To save a login, enter your username and password. Then choose Save in 1Password.
To update an incorrect or incomplete login, make your changes, then choose Save in 1Password and click Update.
Fill logins and other items
To fill an item, click and choose it.
If 1Password suggests more than one item, you can use the arrow keys to select the one you want.
Or start typing to find it.
Use a suggested password
1Password suggests strong passwords when you’re changing a password or signing up for a new account.
To use a suggested password, click in a password field and choose Use Suggested Password.
Create a custom password
You can use the 1Password pop-up to create custom passwords. To open the pop-up, click in your browser’s toolbar.
To create a custom password, click and choose Password Generator.
Adjust the settings for your new password, then copy it to the clipboard or fill it on the page.
To see all the passwords you’ve created, click Generator History below the password generator.
Search 1Password
Searching is the fastest way to find what you need in 1Password.
To search in 1Password, open the pop-up and start typing.
To cancel the current search, clickor press Esc.
View and edit items
To view an item’s details, click it. Or use the arrow keys to select it.
To mark an item as a favorite, click .
To copy any field, click it.
To open the pop-up in a new window, click .
To show a field in large type, click to the right of it, then click Large.
To reveal a password, click to the right of it, then click Reveal. Or press Control-Option (or Ctrl + Alt) to reveal all passwords in the item details.
1password Authenticator App
To edit an item, click Edit. The item will open in a new tab, where you can add tags or custom fields, move it, or delete it.
Use drag and drop to fill in apps
To fill in an app, drag your login details from 1Password to it. For example, drag your password to the password field in the app.
You can also use drag and drop in your browser. Fill answers to security questions, membership numbers, and more.
Fill two-factor authentication codes
You can use 1Password as an authenticator for a site that supports two-factor authentication. First, find the site on 2fa.directory and follow the instructions to turn on two-factor authentication for the site.
When you see a QR code for 1Password to scan, click to scan it.
Switch accounts and vaults
To see a list of your accounts and vaults, click > Vaults.
To see everything, click All Vaults. To see only the items for a specific account or vault, click it.
To set which vaults are included when you view All Vaults, click next to All Vaults, then adjust the vaults under Accounts and Vaults.
Use Watchtower
Watchtower tells you about password breaches and other security problems on the websites you have saved in 1Password.
If any of your items require action, you’ll see an alert banner with more information at the top of the item in 1Password.
To get alerted when a website you have an account for is added to Watchtower, click > Settings. Then turn on “Watchtower alerts”.
Lock 1Password
When you’re done using 1Password in your browser, you can lock it. To lock 1Password, click > Lock 1Password.
1Password will automatically lock when:
- you quit the browser
- you don’t use your computer for a certain amount of time
- your computer sleeps
Manage your settings
To manage your settings, click > Settings. You’ll be able to:
- Change your auto-lock settings
- Check for vulnerable passwords
- Change the language
- Adjust the toolbar button appearance
- Change which item list 1Password opens with
- Allow notifications
- Set a keyboard shortcut to open the pop-up
- Adjust how 1Password behaves on web pages
- Add and remove accounts; adjust All Vaults
- Make 1Password the default password manager
Get help
If you don’t see the 1Password icon in your browser’s toolbar
If the 1Password icon is missing from your browser toolbar, you can customize the toolbar to make it visible.
1password Authenticator
If your browser’s built-in password manager is interfering with 1Password
If your browser’s built-in password manager is interfering with 1Password, you can turn it off. Click in your browser’s toolbar, then click > Settings, and turn on “Make 1Password the default password manager”.
If you use different passwords for additional 1Password accounts
When you unlock 1Password in your browser, only accounts using the same password are unlocked. To unlock an account that has a different password, lock 1Password, then unlock it using the password for that account.
To make sure you always have access to your 1Password accounts, use the same password for all of them. If you signed up for accounts with different passwords, you can change them.
Learn more
Besides using long, random passwords (and using a password manager to help you remember those passwords), one of the best ways is to secure your account with Two Factor Authentication (2FA).
Two factor authentication uses something you know (like a password) and something you uniquely have (like your iPhone). In most cases, when you use 2FA, after you log in, the site will send a six digit code to your cellphone. This code must be entered into the site before you can completely log into your account. Apple makes this easy by looking for these codes in Messages, and letting you quickly paste them into the field.
There’s two problems with this. The first, it assumes your cellphone number is uniquely yours and no one else will ever have it. Hackers have been known to trick cellphone carriers into moving your phone number to a device they control. Suddenly, they can use your phone number to take over various accounts.
The second is that it makes accounts hard to share. My bank uses 2FA, but my wife and I have to share the same account. When she logs in, she had to text me to get the 2FA code that’s sent to my phone.
There’s another and more secure way of using 2FA, this uses a time based algorithm to generate that 2FA code. In the old days, you would have a physical 2FA key that would display a new six digit code every 60 seconds. The algorithm used in this device was also used in the server. Thus, both you and the server knew the code. You would have the password (something you knew) and the physical key (something you have).
These physical keys are still around, but programs like Google Authenticator can now emulate these physical devices. If you download Google Authenticator, you can use 2FA without relying on SMS text messages.
I’ve been using 1Password almost since it came out. A few revisions ago, 1Password got the capability to be a 2FA key generator. One of the things I now notice is that 1Password warns me if a site uses 2FA, and I don’t have it setup. Sort of pushing me. It also has a type of field called One Use Password that I found out is for 2FA.
However, I didn’t use 1Password or app based 2FA because I worried it would be too complex, and I might end up locking myself out of my accounts. After all, Apple’s use of copying and pasting the SMS 2FA codes made using SMS based 2FA simple. I also worried I might lock myself out of my account if my 2FA didn’t work. Besides, these sites tell me I can use Google Authenticator. Can I use 1Password too?
It turns out that the algorithm to generate the 2FA time based codes is open source. You can use hundreds of authenticator apps. Plus, there was my bank account where my wife has to text me whenever she logs in.
I decided to try 1Password with its built in 2FA, and found an account that uses 2FA (according to 1Password), but isn’t that important.
I went into Security Settings and selected to enable 2FA. Immediately, I ran into an issue: I was supposed to scan in the barcode. How do I scan a barcode that is displayed on my iPhone with my iPhone. Do I need to do setups via my Mac, and then scan them into my iPhone?
Fear not! Below the QR Code was Can’t scan the barcode. Clicking there gave me a URL to paste into 1Password. I created a One-Time Password field, and pasted it in. Saving the entry in 1Password gave me a six digit countdown code that changed every 30 seconds.
The site asked me for this code, so it verified that it worked before setting 2FA on my account. Entering this code and my 2FA was setup. It was fairly simple. The most comple part of the process was determining where 2FA is set.
Using time based 2FA can’t be easier. When I am using Safari, 1Password automatically pastes the 2FA code into the correct field. 1Password also copies the 2FA code into the clipboard in case it wasn’t automatically pasted in to the field. And if all else fails, it’s not hard to bring up 1Password in the share sheet, and copy the 2FA code.
My only regret is that I didn’t do this earlier. Using 1Password with time based 2FA codes is easy to do and simple to implement. It adds extra security to your accounts without a lot of additional hassle. The hardest part of the process was trying to find the setting to setup 2FA for a particular site in the first place.
It’s actually even easier on the Mac. 1Password brings up a scanning screen for those QR Codes. When you create a One-Time Password field, a translucent window comes up, you place it over the QR Code, and 1Password automatically pastes it in for you.
2fa With 1password
If you’re not using 2FA, go to 1Password and look for all entries with a 2FA tag and set them up. This is especially true if this is a financial site.