Safety
Will there be an option in the future to erase all data if anyone will try to open the program with a wrong password (Lets say after three attempts)?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
Hi @stefan_knudsen,
I could certainly place such a feature request but I would be hesitant. Please let me explain why.
We use standard encryption algorithms for securing the vault, whether it's the SQLite database file locally stored when you're a 1Password 4/5 Mac/iOS user or if it's a .agilekeychain or OPVault used for syncing or in 1Password for Windows.
This means anybody can write a small script to try and decipher the file, bypassing anything we might include in the actual 1Password application. This is why all the security surrounding your vault is in our choice of encryption algorithm and the parameters used to encrypt. The decisions are based on the worst case scenario where somebody has your vault and is attempting to bruteforce the Master Password using an automated script.
Unless you can ensure that it isn't possible to copy data and that the data is only accessible via a single location i.e. our application then my fear is such a feature would lead to a false sense of security. I would always argue against creating that situation because of the potential harm to your security. This is just my personal belief and you may disagree of course :smile:
0
