Can you use biometric authentication on the phone to autofill passwords on the computer?
Hello.
Given that Touch ID has been around for several years now, I figure that this idea must’ve been floated around already, but I thought I’d throw it out there just in case. Can a feature be added to 1Password that allows you to have your login credentials entered on any website in a desktop browser by using fingerprint authentication on a mobile device on the same wireless network?
I feel like I should not be required to enter a password anywhere now. In fact—though this is outside the scope of 1Password—I would love for my Android phone to throw up a prompt of some kind when I’m staring at the main login screen on my Mac and use fingerprint authentication there to sign me in on my desktop.
Is any of this possible? If not, what are the issues that would prevent the implementation of this functionality? Network latency, security concerns?
Thanks for your time.
1Password Version: 6.0.1
Extension Version: 4.5.3.90
OS Version: OS X El Capitan 10.11.3
Sync Type: Dropbox
Comments
-
Hi, @aryayush! Thanks for your post. Touch ID has certainly been a revelation for me on iOS. Whenever I have to actually type a password on iOS, I'm actually a little indignant. :blush:
There are a few things that could in theory make this possible, but I honestly think that it would cause quite a bit of trouble and not actually add that much in the way of convenience.
For instance, I see you're using Chrome. Chrome does have some Bluetooth APIs that we could theoretically use to talk to 1Password on iOS or Android. But, these APIs are very specific to Chrome, so they wouldn't work for Safari or Firefox, and we would have to do a ton of investigation to make sure of the security implications of using such an API to avoid eavesdroppers and other possibilities.
iOS also has Handoff, but even if it were a viable channel for 1Password unlocking (I'm not sure if it is.), in my experience, Handoff is hardly reliable enough to pin my 1Password workflow to.
Second, I think there is a workflow issue to consider. Using fingerprint on the phone would require that the app be active on your phone when you're trying to use your browser on your Mac. Personally, this isn't how I use my phone. I keep my phone on my desk next to me, but I bounce between Messages, Tweetbot, Mail, and Slack. I jump into 1Password when I need to look something up, but as a rule, 1Password isn't really running on my phone enough for it to serve as a central hub for unlocking on my Mac.
In summary, while there are a couple of things that could theoretically make what you describe possible, given the real world ways people use their devices, I don't think the benefits are as compelling as they might first appear. That being said, maybe Apple will give us new MacBook Pros soon with Touch ID. Then we'd have something truly amazing to sink our teeth into. :chuffed:
I hope that helps!
--
Jamie Phelps
Code Wrangler @ AgileBits0 -
I'm not sure how you might implement this technically, but at least for Android, I figured you could have a service running in the background that would maintain communication with any computer on the same wireless network that has 1Password installed. Whenever the user encounters a login on the computer, you could perhaps throw up a prompt on the phone requesting the user to provide fingerprint authentication.
Say, you navigate to your bank's login page on the desktop. If you have your phone on the same wireless network, 1Password could show an icon inside the username form field that you can click on to have your phone ask for fingerprint authentication. Or it could be a keyboard shortcut, perhaps even the same one that we currently use for filling in the password. The difference would be that it would work even if 1Password was locked, both on your desktop and your phone.
It'd be pretty handy, I imagine—not to mention more secure (because you'd avoid having to keep 1Password unlocked on your desktop). But I'll leave it up to you guys to mull it over. Keep up the good work.
0 -
Thanks, @aryayush. In the perfect scenario, this sounds like it would be wonderful. I'm not so sure about it when we start reaching the edge cases of various network configurations and other such gremlin-prone situations. :smile:
But, I love that you're thinking about this stuff. One of the reasons that we love our users so much (on all the platforms) is because you guys come up with new and interesting ideas for 1Password all the time and that pushes us to be better every single day. So, thank you, and keep the ideas coming.
0
