Cannot use PIN code on device without passcode after upgrading to iOS 8
I'm trying to improve the security for someone who has been using simple identical passwords for multiple sites. I bought 1Password 4 on iOS 7 for this person and set it up to use a pincode and never ask for the 1Password vault password. This worked fine on an iPad without a passcode. I understand that this is not the best security, but I think it is an improvement to the old situation, similar to the advice of security experts that say that using and writing down all unique & complicated passwords on a piece of paper at home is safer than reusing a single simple password online.
However, now that I upgraded the iPad to iOS 8 this no longer works. 1Password requires a device passcode to enable a PIN code in 1Password. I guess this has to do with the improved "WhenUnlocked" security for storing the 1Password vault password in the iOS keychain. I understand that this is best security (for the majority of 1Password users), but I'm certain that a device passcode is too cumbersome for this person. 1Password will most likely not be used then...
Any chance of allowing a 1Password PIN code without a device passcode in a future update? (perhaps after confirming the consequences)
Comments
-
I am experiencing the same issue after updating both iOS and 1Password. It's very inconvenient to have to enter my whole master password, which is quite long. In iOS 7, I had no issue authenticating with only the pin code on my phone. I'm using an iPhone 5.
0 -
My iPhone 5s has a passcode but the PIN is not available to me (not even in the security settings).
0 -
Apparently, devices that have Touch ID available don't get an option to use a PIN. The fingerprint is more secure, of course, but perhaps you want to be able to give the PIN to someone else? That would the only reason I could think of to prefer a PIN over Touch ID. But that's just me. I can't speak for the developers' choice on this.
0 -
In my case it's an iPad, so no Touch ID (yet?).
0 -
Weird. I have a PIN set on my iPad.
0 -
I'm going to ask @jpgoldberg to chime in here on the hypothetical security implications of using a 1Password PIN without a device PIN. Thanks!
0 -
bwoodruff - I think you are missing the point. In my case I have a passod set on my iPhone but I don not get the PIN option in the settings menu. Is this how it is supposed to be or is this a bug?
Thanks0 -
First of all, XIII - thanks so much for trying to improve the security of those around you!
At this time, you do need to have a device passcode enabled on your device in order to have access to the PIN code or TouchID. This is done as a security precaution: If you do not have a device passcode set and wish to use the PIN code for example, that would mean anyone who got access to your device was just 4 digits away from your 1Password data. And 4 digits is just not that secure.
That being said, I'd be more than happy to pass your thoughts along to our developers. Security is always a process, not a destination, and settings can always be changed. :)
Hi @jebr,
There are instructions on how to set up TouchID in our User Guide. If you do not have TouchID on your device, you should see an option for a PIN code instead. Are you seeing something different on your device?
0 -
I am using a device password. I could try removing my device password and re-applying it, I guess. 1Password needs to be explicit that it won't work as expected for PIN codes unless the device itself is secured by a password.
Also, I have found that changing the "demand password" timeout from 30 days to 48 hours temporarily kept it from asking for my password unnecessarily.
Also, the PIN entry screen that resembles the one on the lock screen is wrong...the button press highlighting and fading animations are wrong. They're much shorter than the lock screen. If it has to be the full screen pin entry, please fix the animation. If it were my choice, I would want the keypad that comes up, for instance, when adding a phone number to a contact in Contacts.
0 -
Hi Megan, yes, please pass my thoughts along. I think the "write all unique passwords down" analogy is why I still prefer this option for that person.
In fact 4 digits is still better than a piece of paper with no protection... (as the iPad almost never leaves the house, like that piece of paper)
0 -
Hi @Rikki,
Please see the link in my comment above about setting up TouchID. I'm wondering if you and XIII might be talking about different things here, since he is hoping to access 1Password via a PIN without a device passcode, and you do have a device passcode enabled. You may also want to have a read-through of our TouchID FAQ. It is important to note that you will need to enable the 'Use iOS keychain' option in Settings > Advanced in order to get a reliable experience out of your PIN code/TouchID.
Hi @XIII,
Consider your thoughts passed on. :) You're certainly right - 4 digits trumps a piece of paper indeed.
0 -
Thanks.
0 -
I use iPad without touchid but still prompted for master password each time despite having pin code activated. I do not want to use master password each time, what's wrong?
0 -
Hi @JonasB,
We'll need to know a little bit more about your settings to know what's going wrong. :) Please do check out the the TouchID FAQ and the guide on how to set up TouchID ... although they both have 'TouchID' in the title, the same settings will apply for your PIN code as well.
I hope this helps, but if you're still not seeing the behaviour you expect, please give us a bit more detail on what you are seeing and we'll go from there! :)
0 -
I had the same problem after updating to iOS 8 and 1Password 5.
PIN enabled on my iOS device, Master password setup to be requested after 30 days, Request PIN After 2 minutes, "Use iOS Keychain" in advanced settings set to On.
Exact same settings on iPad and iPhone, but when opening 1Password on iPhone I always had to enter both PIN and Master password (this was not the case on iPad, where I only had to enter PIN).
Solved by removing 1Password on iPhone and re-installing from App Store. PS. don't forget to do a backup of your vault if you remove 1Password. I didn't have to do this because I sync with Dropbox, but better safe than sorry...
Sorry if my english is not that good, from Sweden...
off-topic, just found out about share button in Safari where you get access to 1Password and automatic login, amazing!! :)
0 -
Thanks so much for sharing your fix steps here! Your English is a lot better than my Swedish ;)
I'm also thrilled that you're enjoying the 1Password extension in Safari - that's one of my favourite new features too.
0
