Lockout after several unsuccessful master password attempts
Hi
I'm considering purchasing 1Password for my iPad/iPhone and am of course concerned about security. Just wondering if there has ever been any thought about further protecting data on lost/stolen devices by incorporating a measure whereby 1Password locks - either permanently, or until a license renewal or new sync - after a specified number of unsuccessful master password entries, say 3 or 5 or 7 or so failed attempts. Seems to me like that would be a good feature to build in and provide as an update option for existing 1Password licenses. Feedback appreciated.
Comments
-
It's been thought about but rejected. Too many risks of losing all one's data.
If you have more than one device, Find My iPhone will enable you to lock (or even erase) the whole device if it is stolen.
0 -
Hi @jim250,
danco is correct. The risk of people getting locked out of their data is significant. And if you use a good master password, the risk of someone brute forcing their way in is miniscule. Simply put, if someone uses the app to try to guess your password, there simply wouldn't be enough time to try all the combinations. And if they had your vault file, they could use their own tool that wouldn't apply any locks. It's better to choose a good master password and allow the secure design of the vault format to protect your data.
Tips on choosing a good master password can be found here.
I don't know your level of security knowledge, but information on the security used in our vault can be found here.
0
