Secondary password after Touch ID
Not sure where to ask AgileBits but is there any plans on adding a secondary (short) password after Touch ID such as a PIN?
This way, it makes accessing 1password with Touch ID faster than entering the entire long password but with the peace of mind that someone can't access it by using your thumb while you're asleep etc.
Sorry if this was already asked elsewhere. Hope this can be a feature in an upcoming release.
Comments
-
Hi @chumtarou,
Thanks for the feedback! :) Our developers may bring back the PIN Code option in 1Password on devices with Touch ID, but I believe it would be an alternative to unlocking the app with Touch ID, not in addition to it. Are you asking to be able to use both Touch ID and a PIN to unlock 1Password? In your example, it seems like just the PIN code option alone would prevent someone from using your thumb while you're asleep.
0 -
Hi Drew, Thanks for your feedback. I was thinking of it as an addition to Touch ID and required after the touch id was accepted. This way, I have security where the device requires my personal input (touch id) as well as to know the pin code. I imagine 3 stages: x minutes and touch is only required. y minutes and touch + pin is required. z minutes and full password is required.
0 -
Hi @chumtarou, thanks for clarifying! I can't make any promises, but I can certainly let our developers know about your request.
If you need anything else, please let us know. :)
0 -
Thanks Drew, Appreciate the opportunity in presenting the request and thanks for reading.
Really hope to avoid incidents like this: http://www.tapscape.com/touch-id-hacked-daddy-slept/
The timed password requirement is great, but having an option to always require a PIN at all/most times gives me that extra confidence with all my passwords.
I've felt Apple would add something like this in their next version once people get used to Touch ID. Otherwise, more stories like this is bound to tarnish the Touch ID feature.
0 -
Hi @chumtarou,
I've noticed a few other customers have also mentioned articles like that, so you're certainly not alone. Hopefully we'll be able to bring back the PIN code option on Touch ID devices sometime soon.
In the meantime, something that might be helpful for you is the "Lock Now" option in 1Password (under Settings > Security). Even if Touch ID is enabled, the "Lock Now" option locks 1Password and requires the Master Password the next time you unlock it. Similarly, if you open 1Password and tap Cancel instead of unlocking with Touch ID, it will require the Master Password. If you do that before going to sleep, you won't need to worry about someone else using your finger to unlock 1Password.
0 -
If you do that before going to sleep, you won't need to worry about someone else using your finger to unlock 1Password.
Hi, Drew_AG, thank you for your reply. The problem I see with your quote above is that typically one does not know in advance that their phone will be "borrowed" by some else. And if one clicks Cancel every time, the Touch ID (or PIN) might as well not be used at all.
I would like to see user selectable time period for Touch ID / PIN timeout, after which Master Password must be entered, similar to the way it was done in earlier version.
The scenario described in another threat seems very easy to follow:
Observe Device PIN (specially simple 4 digit one).
Borrow the device without owner's knowledge.
Use known PIN to add your fingerprint to the Device.
Use this to unlock 1P5 on the first attempt.
Alternatively, try to use same Device PIN on 1P5.
Another option, if 1P5 has access to that information, is to require each new fingerprint to enter Master Password the first time it is used. But I believe I read elsewhere that 1P5 only gets Yes/No answer form iOS and does not handle the fingerprints directly. So this might not be possible.
Thank you
0 -
Hi @Fairgame,
Thanks for your feedback! To address a few of your concerns:
The problem I see with your quote above is that typically one does not know in advance that their phone will be "borrowed" by some else.
My advice in that message was specifically to prevent someone from using your thumb to unlock 1Password while you sleep. Having your device stolen is a different scenario.
And if one clicks Cancel every time, the Touch ID (or PIN) might as well not be used at all.
I'm not sure why you would tap Cancel every time? My advice was to do that before going to sleep, if you're worried someone would try to use your thumb to unlock it during that time.
I would like to see user selectable time period for Touch ID / PIN timeout, after which Master Password must be entered, similar to the way it was done in earlier version.
I can certainly send your feedback to our developers. Thanks!
The scenario described in another threat seems very easy to follow:
Observe Device PIN (specially simple 4 digit one).
Borrow the device without owner's knowledge.
Use known PIN to add your fingerprint to the Device.
To prevent that, don't use a simple 4-digit device PIN code. In the Settings app, go to the Passcode Lock settings and turn off the option for Simple Passcode. You can choose a more complex alpha-numeric passcode instead.
Another option, if 1P5 has access to that information, is to require each new fingerprint to enter Master Password the first time it is used. But I believe I read elsewhere that 1P5 only gets Yes/No answer form iOS and does not handle the fingerprints directly. So this might not be possible.
That's correct.
For more information, you may want to take a look at Apple's article on Touch ID security. We have some information about the Touch ID option in 1Password in our own Touch ID FAQ.
If you need anything else, we're here for you! :)
0 -
1P5 only gets Yes/No answer form iOS and does not handle the fingerprints directly.
That was my understanding also.
0 -
Thanks Drew, I agree, I extrapolated your advise from while sleeping to protect the phone when stolen. Sorry about that and thank you for the Touch ID article.
Also, I grew to like PIN and/or Touch ID to unlock 1P5. Very easy to use, and fairly secure in combination with your suggestions for PIN code.
However, I believe I would still use second timeout for PIN/Touch ID if it became available.
Regards
0 -
Thanks for the feedback. :)
0 -
I, too, would like to see a return of the separate Master Password timeout that was present at the initial release of version 5--especially after the recent Virginia ruling that one can be compelled to unlock a fingerprint lock. Passwords (for now) seem to have more legal protection at this time. I realize that disabling TouchID completely on the phone is the obvious solution, but having the secondary timeout gains a lot convenience.
0 -
Unfortunately we were never able to make that option work reliably, but if things change it is certainly something we can re-evaluate.
0 -
I absolutely agree with chumtarou here!
I would also be very happy to have the option to configure a second step e.g. 4-digit PIN that will be prompted after successfully authenticating myself using TouchID. Call me crazy, but if someone really pulls my print from the phone and manages to bypass TouchID - the last thing I would want him to be able to do, is just opening 1Password and gaining access to every single online account I use!
I am actually a bit surprised that this feature wasn't considered a must-have-feature by your product design team. At first I thought that this was a oversight, maybe because the 5.0 release was rushed out the door, but since a lot of time has passed since 5.0, I really think I'll have to help convincing you here! ;)
Of course this PIN code step should only allow a maximum number of tries before reverting to master-password-only mode.
Maybe this feature isn't even that important for people like myself, but you should also think about higher-value targets like celebs, CEOs or any other high-profile public figures. Opting-out of TouchID just because this feature isn't there, should not be considered a valid solution. In the end, this might actually just lead people to change their master-password to one, that is easier to enter using the iPhone keyboard, which doesn't contribute to a better level of security either.
So - long story short: Please just add this feature and I'll be happy!
0 -
Hi Drew,
Similarly, if you open 1Password and tap Cancel instead of unlocking with Touch ID, it will require the Master Password. If you do that before going to sleep, you won't need to worry about someone else using your finger to unlock 1Password.
It appears that hitting cancel now crashes 1Password and does not allow me to remove the remembered touch id. When relaunching 1password, it still allows me to enter touchid after the crash. The only way to removed the last touch is to either restart or go into 1password settings > security > and hit 'lock now. Quitting 1passord (with double tap of home and swiping up) does not reset the touch id request.
(This means that if I were to share my phone (for whatever reason) and wanted to secure 1password completely, I need to restart my phone or go into the settings of 1password - at least for me at the moment...)
I'm wondering if you have progressed further on securing passwords while using touchid.
A pin after touch id (imho) may be the only way to secure your data from (lack of a better way of saying it...) unauthorized use of your fingerprint...
Keeping fingers crossed that your team can come up with a solution.
I would hate for someone's 1password to be broken into which, at the moment, touchid would be the Achilles heel to the entire security of 1password.
Why stop short of Apple's consumer level security when I believe 1password should be much higher than that for professional purposes.
UPDATE:
By tapping "enter password" it reverses touch id. This appears to work well for me to replace the 'cancel' button. Hope this helps others...
(edited above procedure on how to lock 1password manually in settings)
0 -
Pressing cancel doesn't actually crash 1Password. It closes the application, just as you'd most likely expect when you issue a cancel command. You're canceling your login attempt. As you say, if you want to force entering the master password, you tap that option. I'm reasonably sure that the format of that Toucj ID screen is controlled by iOS, not by 1Password.
The wording of that Apple Touch ID screen clearly causes some confusion!
0 -
Hi @chumtarou,
@hawkmoth is spot on with his response here. I believe it used to be that selecting the Cancel option in the Touch ID window (which is completely under Apple's control, we just make a request Touch ID request) would purge the encrypted Master Password from the iOS keychain which you shouldn't confuse with the iCloud Keychain. Now while we can't affect the Touch ID window at all, the behaviour of 1Password based on each of those options is under our control. The current behaviour was to better align with what we believe cancel was meant to mean. We were treating cancel as a Touch ID failure and it was argued that wasn't correct.
I wonder if this might be worth taking into the Lounge as more of a discussion over what represents the strongest way of securing a vault in a variety of situations.
0 -
Hi Hawkmoth and Littlebobbytables
Thanks for clarifying and defining the current use of the cancel button. And glad it's not a crash. Makes sense.
My comment was purely a response to Drew's earlier suggestion of using the cancel button to reset TouchID, which, as you pointed out has now changed.
I'm good now with the updated method of resetting touchid by pressing "enter password" instead - so it's good to know we can still lock 1password quickly without going into the settings when we need to quickly secure our phones.
Thanks for suggesting the lounge. I'll be sure to check that out.
UPDATE: I should add that tapping "enter password" to reset TouchID only works properly when done while opening the actual app. If you tap "enter password" while in Safari, TouchID is still remembered in the App.
0 -
Hi @chumtarou,
Now that does seem like a bug. Thank you for reporting that discovery. Forcing the use of the Master Password in the main app seems to force the extension but not vice versa. Unlocking the main app with Touch ID after telling the extension to demand the Master Password resets the extension to bring it in line with the main app. I'll make a report of this behaviour to pass onto the devs.
ref: OPI-2340
0
