iPhone PIN after Face ID failure
Hello,
when I am on a website, 1Password suggests me to add directly my data using Face ID. I find this very good!
My problem here and it is also a weakness in security is that if my face is not recognized, the PIN code of my iPhone is requested and not the maser password. With other apps like online banking, if I fail, it is the PIN of the banking app that is requested and not the PIN code of the iPhone.
Since my iPhone PIN does not contain 16+ characters due to convenience, this is bad and someone who has my iPhone could get my passwords.
Can you change this?
1Password Version: 7.7.7
Extension Version: Not Provided
OS Version: iOS 14.7.1
Comments
-
Hi @ag_ana
I am not asked for the iPhone PIN in the 1Password app, but on websites where I click the option to have the username and password field automatically filled in by 1Password. Here 1Password asks for my Face ID. But if it fails, we are not asked for the maser password, but for my iPhone PIN.
Otherwise I have the PIN code option off in the settings.
0 -
If you open your iOS Settings app > Passwords > AutoFill Passwords, is 1Password the only entry enabled in that list?
Yes.
0 -
Hi @element
This is a consequence of using Apple's interface for Password AutoFill instead of our own. You can switch to the 1Password interface for Password AutoFill by selecting 1Password > Settings > Advanced > Security > "Always show lock screen for Password AutoFill" (enable this option). I hope that helps!
Ben
ref: dev/apple/issues#3345
0
