Feature request: Secondary 1Password login


I'd like to put in a request to have a second way of logging into a separate vault from the 1Password login screen. Slightly similar to the "fake master password" suggestion, but not. I'll explain my use.

So at the moment, my absolute worst case scenario would be being away from home / local area and losing all devices. No access to encrypted backups on USB drives or emergency kits. I could be on holiday and could be subject to a mugging, theft, missing luggage, device damage, whatever the reason that results in having no trusted device on my person. At the moment I have a free Bitwarden account which has a Fastmail alias as the username, not used anywhere else, and a separate master password to 1Password. In that account I have my 1Password secret key, emergency contacts and a payment method. The idea being, I could go to any public computer, access Bitwarden, note down on the old pen and paper my 1Password secret key (master password is committed to memory) and payment method, take that to a store and purchase a new trusted device. I can then safely log in to 1Password using the new trusted device, and regain access to my entire digital life.

My 1Password wouldn't be at risk from the public computer use as, at most, a bad actor would only have my secret key, not my 1Password email or 1Password master password. And the most they could do with the payment method is spend on the card and I would log it as fraud.

The setup I have now is absolutely fine, but it would be great if it could all be under the umbrella of 1Password. At the 1Password web login screen you would only have to enter your email and separate master password and it would bring up a vault with the information needed to buy and set up a new trusted device. No secret key required. It's a similar concept to how Apple allow you to log in to iCloud.com without 2FA in order to access "Find my".

An added extra would be great. Email and/or app notification anytime the vault is accessed, whether it's a trusted device or not. Which would allow you to change your 1Password secret key and secondary master password.

Maybe I'm going too deep, but you have to plan for the absolute worst case scenario, right?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided

Comments

  • Hey @chris55:

    Great question! While I can't promise anything, I have added your input as a feature request. In the meantime however, our recommendation would be to store an Emergency Kit, or even just your secret key, in a secure place, and use that to regain access to your 1Password account in the event you lost all of your devices in a situation like that.

    Thanks for your feedback here, and be sure to get in touch if you need anything in the future!

    Jack

    ref: IDEA-I-253

  • Ryan Parman
    Community Member

    For me, this was what I used iCloud syncing for. Get a new phone, sign in to iCloud, install 1P from the App Store, and load up my initial vault which only contained credentials for my 1P.com account.

  • Ben

    I suppose a very similar thing to that could be accomplished by storing the Emergency Kit in iCloud Drive. 🙂

    Ben

  • Ryan Parman
    Community Member

    I'm extremely salty about the removal of iCloud syncing (and I say that as a happy multi-year subscriber of 1Password for Families). The staunch unwillingness of the company to reconsider this regression in the face of widespread customer feedback to the contrary is very frustrating to me as a user who is adept at technology changes.

    If this regression is going to persist, then the Emergency Kit PDF stored in iCloud Drive is probably the best alternate-but-not-as-good solution for getting back into an existing account on a new device.

    Now, for the next problem on this topic — the human mind.

    The human mind is the wrong tool to use for generating and/or storing passwords. In this day and age, security on the internet requires lots of randomness and uniqueness, while the human mind is far more comfortable with patterns and coalescing similar things together. As such, the only way to become reliably secure online is to remove the human mind from as much of the authentication equation as possible.

    I used to be able to have a simpler password for getting into local devices (something I was required to remember; “minimum viable memory”) and a dramatically more complex password for the web-facing 1Password.com (long, complex, unique). Now that they have to be the same (because of the removal of non-1P.com vaults), I've had to find a mid-way spot between the two levels of complexity with something that I can remember + is sufficiently complex.

    While Mac-based Touch ID and Apple Watch integration help with local authentication, they're not perfect (e.g., when Apple Watch goes into sleep focus after 10pm). While it's solvable by re-typing the password manually by memory, or using a static password stored on a YubiKey, it's still one more thing that makes the lack of non-1P.com vaults that much more frustrating to use.

    But it's easy to talk about myself, a person who is highly technical and experienced in cybersecurity. What's much more difficult is teaching my children, spouse, friends, and family how to take advantage of this product successfully without having my mom set her (now, web-facing) password to "hamburg3r" because it's the only thing she can manage to remember. Or my daughter with autism who also has limits in the complexity of passwords that she's capable of remembering for the one password she needs to be able to remember.

    Whereas the cybersecurity industry at-large has failed spectacularly at educating multiple generations of internet users, I'm asking you guys (who provide the best credential management software out there) to help some of us succeed in teaching and educating non-savvy users, so that we can help elevate their security posture that much more. Allow us to leverage a quality product, paired with UX psychology, applied with better education for the next (and perhaps some of the current) generations of internet users. Bring back some of the things that were removed in 1P8. Please. Empower me to be as successful in teaching others better password/authentication habits for the internet in 2022 with 1P8 as I was with 1P7.

    P.S.: Insight into the psychological angle of user-experience design, as it pertains to this specific issue:

  • rob

    Hey, @Ryan Parman. Thanks for sharing 1Password with your friends and loved ones. Folks like you play a huge role in helping non-technical users stay safe online.

    My understanding of your concern is that you expect your non-technical friends and family to use simple passwords like hamburg3r to unlock 1Password, rather than strong passwords like a generated passphrase. And so you set them up with a standalone vault in iCloud that they can unlock with that password, which then gives them access to their 1Password accounts. The risk of a weaker password is reduced because their iCloud vault is not publicly available on the web so someone would need to actually access their device to compromise their account. Is that summary correct?

    Assuming it is, I have what I think is good news for you, in multiple parts.

    First, we designed 1Password.com with this kind of concern in mind. We didn't want attackers to be able to just launch a password guessing attempt at anyone's account from the sign-in screen. That's part of the reason the Secret Key exists. It has essentially the same effect as your standalone iCloud vault: it's only available from your devices and it's required to sign in. Even if your account password was hamburg3r, no one who knew or guessed that would be able to access your account without having your Secret Key.

    Of course, if they could access your device, they could get a copy of your Secret Key, but they could also unlock your standalone iCloud vault. So these approaches are essentially equivalent.

    The second part to the good news is that 1Password actually does still sync with iCloud. It doesn't save a local vault there, but it does save a list of account information (including your Secret Key but not including your account password) you've used to sign in before. So when you go to set up a new device, 1Password will show you a list of the accounts saved in iCloud and let you sign in with just your account password, no Emergency Kit needed. Here's a screenshot of this in action with one of my test accounts:

    image

    This makes setting up a new device an absolute breeze. As long as you've signed in to iCloud, these accounts will be available to sign in with just your password. And this too is essentially the same security model as your standalone iCloud vault. The Secret Key is required to sign in so only someone with access to your iCloud account can sign in using your password.

    While we still recommend folks choose a strong unique password to protect their 1Password account, you can rest easy knowing that if someone chooses not to do so, their data is still just as secure as with standalone vaults.

    I hope that helps!
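
Added example (not part of rob's reply and not 1Password's code): a simplified Python sketch of why an unlock key derived from both an account password and a device-held secret cannot be reproduced by someone who holds only one of them, covering both the weak-password case above and the original post's public-computer case. The derivation, function names, salt and 16-byte secret are assumptions made for illustration.

```python
import hashlib
import hmac


def derive_unlock_key(password: str, secret_key: bytes, salt: bytes,
                      iterations: int = 100_000) -> bytes:
    """Illustrative two-secret derivation (an assumption, not 1Password's scheme)."""
    # Slow, salted hash of the memorised (possibly weak) account password.
    pw_part = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    # Keyed hash of the high-entropy secret that is stored only on trusted devices.
    sk_part = hmac.new(secret_key, salt, hashlib.sha256).digest()
    # XOR the two parts: the output is only reproducible with BOTH inputs.
    return bytes(a ^ b for a, b in zip(pw_part, sk_part))


def guess_succeeds(real_key: bytes, password: str, secret_key: bytes, salt: bytes) -> bool:
    """Return True only if the guessed pair reproduces the real key."""
    candidate = derive_unlock_key(password, secret_key, salt)
    return hmac.compare_digest(candidate, real_key)


def run_scenarios() -> dict:
    # Constructed sample values, not real credentials.
    salt = b"constructed-account-salt"
    secret_key = bytes.fromhex("00112233445566778899aabbccddeeff")
    real_key = derive_unlock_key("hamburg3r", secret_key, salt)
    return {
        # Weak password guessed, but the device-held secret is unknown.
        "password_only": guess_succeeds(real_key, "hamburg3r", bytes(16), salt),
        # Secret copied down on a public computer, but the password is unknown.
        "secret_only": guess_succeeds(real_key, "password1", secret_key, salt),
        # Legitimate owner on a new device with both values.
        "both": guess_succeeds(real_key, "hamburg3r", secret_key, salt),
    }


if __name__ == "__main__":
    for scenario, ok in run_scenarios().items():
        print(f"{scenario}: {'unlocks' if ok else 'fails'}")
```

Once the secret is exposed, the remaining protection is the password alone, so a weak password matters most in that case.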

  • Ryan Parman
    Community Member

    I'm still very salty about this removal. I'll book the flights and do the rounds to re-educate my family members who look to me for support.

    "While we still recommend folks choose a strong unique password to protect their 1Password account, you can rest easy knowing that if someone chooses not to do so, their data is still just as secure as with standalone vaults."

    Saying "choose" in this case is like a movie where the bad guy says "you can choose to sign this contract, or I can shoot you in the face." It's not really a choice, even though it pretends to be one.

    It literally comes down (in a few cases) to impaired cognitive ability, and my work to help them bridge that gap. Yes, the secret key is entropy from a cryptographic perspective, but it's re-learning a new process for people who don't re-learn very well.

    The response from the company is not good enough, but it's probably the best I'm going to get. I'll have to make do.

  • rob

    "It literally comes down (in a few cases) to impaired cognitive ability"

    I'm very sorry to have implied that they should "just do better". I understand that there are many folks who are faced with "do this complex thing to stay secure" or "no security for you". I hope you can see that we're trying to narrow that gap with the changes we're making.

    Landing on a setup screen that offers people choices like iCloud, Dropbox, and WLAN sync is much more confusing than a screen that says "Here's an account you've signed in to before. Would you like to sign in to that account?" I've personally supported customers here for years (as well as my family members 🙂), so I understand the pain on both sides when tech is confusing. Given our dedication to customer support, making things more confusing would not be in our best interest. Rather we've found that this simplification has made our customers' lives much easier in the end, even if it created a road bump along the way.

    That said, we're not done, and we'll continue to work on making it even simpler for folks to up their security, and we're always looking for new ideas.

    "it's re-learning a new process for people who don't re-learn very well"

    I'm afraid I'm not following at this point. The only difference we've been talking about is when setting up the app for the first time. Once that's done, you can continue unlocking 1Password the same way as before. There's no new process day to day.

    "The response from the company is not good enough, but it's probably the best I'm going to get. I'll have to make do."

    I'm sorry I wasn't able to brighten your day. ❤️ If there's anything else I can do to help, let me know.

  • Ryan Parman
    Community Member

    I appreciate your attempts to improve this experience. Genuinely.

  • rob

    ❤️

This discussion has been closed.