Teams and Businesses

Monitor sign-in attempts in 1Password Business

Learn how to review recently reported, blocked, and failed sign-in attempts.

With 1Password Business, you can use reports to monitor sign-in attempts, so you can analyze the effect of your security policies and take any action required to protect your team.

You can view reports if you’re an owner, administrator, or part of a group with the Manage Settings permission.

To review sign-in attempts, sign in to your account on 1Password.com, click Reports in the sidebar, and choose View report on the “Sign-in attempts” section under “Account activity”. The report shows sign-in attempts from the past 60 days if they:

  • Are blocked or reported by firewall rules.
  • Failed because the 1Password app is outdated.
  • Failed due to an incorrect 1Password account password, Secret Key, or second factor.

Failed unlock attempts in the 1Password apps aren’t reported.

View sign-in activity

To view sign-in activity from a specific location, pan and zoom the map so you can see it.

To view the details of a specific event, select it from the timeline.

Each event shows why a sign-in attempt was blocked, reported, or otherwise failed, and includes:

  • The date and time
  • The email address for the account
  • The operating system of the device
  • The IP address and location
The sign-in attempts report showing that two-factor authentication failed

Adjust your team policies

If a sign-in attempt looks suspicious, you can block it until you have time to investigate. Click Edit Access next to the location or IP address, then click Deny. You’ll see a new entry in your firewall rules.

If your team policies prevent your team members from signing in, you may need to adjust your firewall rules, two-factor authentication settings, or modern app requirements.

Learn more

Still need help?

If this article didn't answer your question, contact 1Password Support.

Published: