With 1Password Business, you can use Advanced Protection to monitor sign-in attempts, so you can analyze the effect of your security policies and take any action required to protect your team.
You can use Advanced Protection if you’re an owner, administrator, or part of a group with the Manage Settings permission.

To review sign-in attempts, sign in to your account on 1Password.com, click Reports in the sidebar, then click “View report” in the “Sign-in attempts” section. The report shows sign-in attempts from the past 60 days if they:
- Are blocked or reported by firewall rules
- Failed because the 1Password app is outdated
- Failed due to an incorrect 1Password account password, Secret Key, or second factor
Failed unlock attempts performed on-device aren’t reported.
View sign-in activity
To view sign-in activity from a specific location, pan and zoom the map so you can see it.
To view the details of a specific event, select it from the timeline.
Each event shows why a sign-in attempt was blocked, reported, or otherwise failed, and includes:
- The date and time
- The email address for the account
- The operating system of the device
- The IP address and location

Adjust your security policies
If a sign-in attempt looks suspicious, you can block it until you have time to investigate. Click next to the location or IP address, then click Deny. You’ll see a new entry in your firewall rules.
If your security policies prevent your team members from signing in, you may need to adjust your firewall rules, two-factor authentication settings, or modern app requirements.