Two-Step authentication? [see post #4 followup]

VxD
Community Member
edited June 2014 in Mac

Hi there,

I was wondering if there are plans in the future to introduce some kind of 2-step authentication process in case my 1Password database falls into the wrong hands.
Let's imagine the (unlikely) event where someone gets access to my iCloud account and manages to sync my vault: there is currently nothing which prevents her from brute-forcing my master password in the 1Password UI (or is there?)

Perhaps we could have a notion of "trusted devices", whose hash is stored inside the vault. If you try to open your vault on a trusted device, the password alone is enough. If you try to open the vault on a new device, you will need to approve the device from another device which can already open the vault (a bit like Wi-Fi Sync).
1Password could generate a fallback password to be printed by the user when activating 2-step authentication for the first time. When registering a new device, and no other device is available to validate the new device, the user could fall back to entering this password. You would only have 3 tries to enter this password; after that the device is blacklisted, a security alert is sent by mail, or some other clever mechanism deactivates unauthorized access.

What do you think?

Comments

  • hawkmoth
    Community Member
    edited June 2014

    You might find this AgileBits blog post of interest. There is other discussion in the forums, but I'm not finding it at the moment.

  • VxD
    Community Member

    Thanks, this blog post makes a lot of sense.

  • Jasper
    edited June 2014

    I'm glad to hear that the blog post helped! If you're interested in further information, please see this discussion:

    Multifactor Authentication

    Please let us know if you have any other questions. :)

This discussion has been closed.