Risks of disabling auto-lock?

TooSlimSam
TooSlimSam
Community Member

I have all auto-lock options disabled for 1Password on our Mac, and would like to understand better what risks this might involve. 1Password may be unlocked for an extended period when the Mac is sleeping, or when my wife has switched to her account, and I only need to enter my master password when logging in for the first time after a reboot. I'm trusting these precautions to protect me:

  • A strong login password
  • File Vault
  • Screen lock enabled on sleep or after a short idle time

What risks might might I be overlooking? In particular, would locking 1Password more frequently provide some protection if our Mac were infected with malware?

I use similar auto-lock settings on my iPhone, perhaps with similar risks.

Thanks in advance for any insights.


1Password Version: 7.8
Extension Version: 7.8
OS Version: MacOS 10.15.7
Sync Type: 1Password for Families

Comments

  • ag_ana
    ag_ana
    1Password Alumni

    Hi @TooSlimSam!

    I think locking 1Password a bit more often would indeed help in case of malware: when 1Password is unlocked, your 1Password data is decrypted until it is unlocked. If you lock it, your data is encrypted again, so this would protect you a bit in case you had malware on the machine.

  • TooSlimSam
    TooSlimSam
    Community Member

    Thanks, I was think along the same lines. But on the other hand, I'm wondering how much difference this is likely to make in practice, and if it's worth the extra trouble of frequently unlocking 1Password. Is malware likely to do more mischief if 1Password is unlocked for 24 hours rather than just 30 minutes?

  • ag_ana
    ag_ana
    1Password Alumni

    @TooSlimSam:

    That is probably something subjective, and something only you can decide. I have my 1Password set to lock often because at the end of the day with biometric unlock, it doesn't take long to unlock the app for me, so I prefer to remove a worry altogether :)

  • TooSlimSam
    TooSlimSam
    Community Member

    Thank you, that makes sense.

  • ag_ana
    ag_ana
    1Password Alumni

    You are welcome :)

This discussion has been closed.