Closed thread "1Password Unlock in Secure Desktop Unstable" from April is exactly my problem
...but I do not understand the response or solution, or know what is needed to fix it.
I am using Windows 8 on a laptop, Windows 7 with dual monitors on another. Checking "Unlock on Secure Desktop" causes inability to enter master password after reboot unless I do it within a second or two (which I can by pasting), I have since unchecked the option, but it would be nice to bypass the master password if Windows knows the computer is secure. Is that the purpose of this checkbox? If so, it isn't working properly. If not, what IS the purpose.
1Password Version: 4.6.0.592
Extension Version: 4.4.3.90
OS Version: Windows 7, 8
Sync Type: Dropbox
Referrer: forum-search:unlock on secure desktop
Comments
-
@BobKistler: Unfortunately we can't 'fix' Secure Desktop, as this is built into Windows. However, we have made some improvements in the latest betas of 1Password for Windows that can help work around some issues if you'd like to try that to see if it helps your particular case. The problem is often that 3rd party 'security' software interferes.
The purpose of Secure Desktop is to isolate 1Password when you enter your Master Password, blocking all but known 1Password and Windows processes to prevent other apps from capturing your Master Password.
I hope this helps. Let me know what you find! :)
0 -
No luck. I also tried disabling Secure Desktop. Same results. I'll just log in when I need to.
0 -
Hi @BobKistler,
Ok, it sounds like we're not on the same page because if you disabled Secure Desktop and it is still giving your problems then it is not related to Secure Desktop.
Let me repeat what I'm understanding based on your posts:
- You reboot your computer
- You open the main 1Password program but you cannot type anything in the master password field
If you wait a little while later, it lets you type in or can you tell more on what is happening in step 2?
0 -
The closed April discussion named "1Password Unlock in Secure Desktop Unstable" describes the issue exactly. It has nothing to do with rebooting or inability to type. It happens to me on Windows 8 and I would swear on a stack of bibles that it happened to me on Windows 7, but I can't duplicate it, so the only issue I have now is on Windows 8, but I am going to get rid of that annoying OS soon, so I am not concerned any more. I know now (and think the original post member believed) that we misunderstood the term "secure desktop". I thought it meant the user has successfully responded to his screensaver password and now the desktop is "secure". I realize now it has nothing to do with that, but rather involves the UAC. What I was looking for (and probably the original post member also) was a way to avoid entering the 1Password master password to a system (Windows or iOS) which has already been "secured" with a screen-saver password or log-in password or iPhone Touch ID. Do you know if such a feature is available or in the works?
0 -
Hi @BobKistler,
I'm looking at this thread you're referring to: https://discussions.agilebits.com/discussion/40170/1password-unlock-in-secure-desktop-unstable
We closed it because we moved it to the email support. I've worked with the customer in that thread via emails and the issue was that he had a security program that prevented Secure Desktop from working and he knew what Secure Desktop was. As soon as he disabled it, it works fine. That's why his issue is not related here.
What I was looking for (and probably the original post member also) was a way to avoid entering the 1Password master password to a system (Windows or iOS) which has already been "secured" with a screen-saver password or log-in password or iPhone Touch ID. Do you know if such a feature is available or in the works?
Touch ID works because there's a secure component on the Apple's CPU (aka Secure Enclave) where we can store your 1Password master password and your fingerprint unlocks that master password to be passed to 1Password for unlocking right away.
Windows can do almost the same with the TPM (Trusted Platform Module) chip but not all computers have it and we do not want to do this because we have no way of knowing if it can be secure on all PCs. Microsoft is working on perfecting the system with Windows' Hello and Passport features to allow programs to offer this authentication method only and only if the hardware supports it. Intel is also working on offering secure memory protection for programs to use but it is not yet available. All of this will eventually require new hardware, so it is not something that can be added to today's computers.
When that happens first, we might be able to look into supporting it.
For now, there is no way to avoid entering the master password on any platform 1Password is on, your 1Password master password encrypts the data. The only way to decrypt the data is to give it the master password. To avoid entering the master password, you have to store it somewhere and put it behind something else, your Windows password is not strong enough and can be bypassed.
0 -
Thanks for the explanation and education.
0 -
You're welcome and if there's anything else we can help you with, please let us know.
0
