Teams and Businesses

Monitor sign-in attempts in 1Password Business

Learn how to use Advanced Protection to review recently reported, blocked, and failed sign-in attempts.

With 1Password Business, you can use Advanced Protection to monitor sign-in attempts, so you can analyze the effect of your security policies and take any action required to protect your team.

You can use Advanced Protection if you’re an owner, administrator, or part of a group with the Manage Settings permission.

To review sign-in attempts, sign in to your account on, click Reports in the sidebar, then click “View report” in the “Sign-in attempts” section. The report shows sign-in attempts from the past 60 days if they:

  • Are blocked or reported by firewall rules
  • Failed because the 1Password app is outdated
  • Failed due to an incorrect 1Password account password, Secret Key, or second factor

Failed unlock attempts performed on-device aren’t reported.

View sign-in activity

To view sign-in activity from a specific location, pan and zoom the map so you can see it.

To view the details of a specific event, select it from the timeline.

Each event shows why a sign-in attempt was blocked, reported, or otherwise failed, and includes:

  • The date and time
  • The email address for the account
  • The operating system of the device
  • The IP address and location
The sign-in attempts report showing that two-factor authentication failed

Adjust your security policies

If a sign-in attempt looks suspicious, you can block it until you have time to investigate. Click Edit Access next to the location or IP address, then click Deny. You’ll see a new entry in your firewall rules.

If your security policies prevent your team members from signing in, you may need to adjust your firewall rules, two-factor authentication settings, or modern app requirements.

Learn more

Still need help?

If this article didn't answer your question, contact 1Password Support.