To protect your privacy: email us with billing or account questions instead of posting here.

Feature request: Deny devices from accessing your account based on its MAC address

Paulbgillen
Paulbgillen
Community Member
edited November 2023 in Memberships

Hi,

This is my first feature request and I think it's a pretty good one ☺️ It would be great to have the ability to have a 'whitelist' & 'blacklist' of devices based on its MAC address or S/Ns. Like for instance, you could have your main devices (laptop, phone & tablet, for example), as so-called 'trusted devices' and then if a new device tries to log into your 1Password account, it'll get denied and you'd have to log into one of those trusted devices to add the new devices to either a blacklist or whitelist.

I thought of this feature because I was thinking of port security on Cisco routers.... Specifically, so-called sticky MAC addresses.

I hope my feature request gets implemented, in a future update.

Thank you,
Paul

1Password Version: 8
Extension Version: Not Provided
OS Version: Android
Browser: Not Provided

Comments

  • 9elsen
    9elsen
    Community Member

    Is this not already solved, this is what the login and access features does?

  • ajh0912
    ajh0912
    Community Member

    I don't think 1Password would implement this, specifically due to the fact that MAC addresses are not guaranteed to be unique, are very easy to find if you are on the same network as a device, and are specifically a L2 concept in networking. Once passed through a L3 router, MAC addresses of the original devices are stripped. So visiting 1Password.com to sign in there, they would not know the MAC address of your device, because that does not get sent over the internet. And your browser does not give out the MAC address of your device to websites. Same goes for serial numbers, a website cannot ask your device for its serial number.

    (In addition, devices have multiple MAC addresses - WiFi, ethernet, bluetooth, USB to ethernet adapters, docks)

    Now for the native applications for each platform, it would be possible (although maybe not for iOS?) for it to query your device for that information.

    I think the best option to implement something with a similar goal, would be to have an 'account registration approval lock'. Once this feature is enabled, no further new account sign-ins can occur until the new session is approved by a device that is already signed into your 1Password account. This would be an alternative to the existing 2FA process, or in addition to it. But I doubt this would be implemented as the existing 2FA process should already provide enough security.

This discussion has been closed.