Enable pin unlock on touch id capable devices.
My touch ID doesn't work consistently on my iPhone, but I would still like to be able to quickly unlock my vault. Please enable pin unlock on touch ID capable devices. Pin unlock is wonderful on my other devices.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:pin unlock
Comments
-
@jnmorgan: I'm sorry to hear that your Touch ID doesn't work correctly! Perhaps that's something Apple could help with. We can consider making a PIN an option on Touch ID devices in the future...but I'm not sure that's useful for others not in your unfortunate situation. :(
0 -
The feature would be useful for others who ARE in @jnmorgan's unfortunate situation. Like, for example, my father.
It's also a feature that ANY security-conscious user might want to activate at, e.g., airports. And let me generalize this. For most users in most circumstances, Touch ID is more secure than a PIN. But not all users and all circumstances. It all depends on the threat model, and the threat model can change depending on the situation.
What exactly is the problem with offering users this option?
I actually think there ought to be a third option, and it shouldn't be hard to implement. There are times when 1Password prompts me for my master password but there is a fingerprint icon that i can press to use Touch ID instead. If the user has set a PIN, [optionally] put a PINpad icon there as well. Easy-peasy, no?
0 -
Doesn't 1Password already ask for the Master Password with TouchID enabled after a set number of days? Perhaps the x (time allowed) can be configurable?
0 -
It is unlikely that we'll offer a PIN option on Touch ID enabled devices.
What exactly is the problem with offering users this option?
Complexity. More options makes for more places for things to go wrong, more edge cases, more support, more documentation, and a less manageable code base. That isn't to say that options are always a bad thing, but it is important that they are carefully scrutinized. This thread was started back in July 2016, and you can see how much demand for this there has been.
Just one thing to think about:
What happens when someone makes a backup from after we (theoretically) add this option, then restores it to a device with a version of 1Password older than the option? We already occasionally run into a problem like this when people restore a backup of a PIN protected 1Password file onto a Touch ID enabled device.I actually think there ought to be a third option, and it shouldn't be hard to implement.
Difficulty to implement isn't the only factor to consider.
There are times when 1Password prompts me for my master password but there is a fingerprint icon that i can press to use Touch ID instead.
This should happen when your device reboots if you've selected "never" for 1Password > Settings > Advanced > Security > Require Master Password (the default).
If the user has set a PIN, [optionally] put a PINpad icon there as well. Easy-peasy, no?
I'm not a developer so I don't presume to know how easy or difficult their jobs are. ;) But I can say that there as been resistance to adding additional complexity to the lock/unlock system.
Likewise I'm not a mechanic so I never assume their jobs are easy. Changing a spark plug seems like it should be an easy task, until you consider you may have to tear half the engine apart to get at it. ;)
Doesn't 1Password already ask for the Master Password with TouchID enabled after a set number of days? Perhaps the x (time allowed) can be configurable?
It is. The path to the setting is outlined above.
I understand that it is frustrating when developers don't add features you've requested, especially when they seem easy to implement. But we have to look at the big picture too, and see if what is being requested fits.
Ben
0 -
So 1Password is designed to house everyones passwords and information in one database requiring one password to access it all...hence the name 1Password. So here are my quick thoughts. When using the fingerprint to log in, someone could simply place your thumb on your phone and log into the app and gain access to EVERYTHING. Such as crazy girlfriends or whatever it may be. I have a simple request, add an option in the settings where once I place my finger on the fingerprint scanner, a 4-digit required pin pops up so i can quickly put that in. It's faster than having to type in my lengthy master password, which i feel more secure doing but it takes more time. whereas i can use my fingerprint then quickly enter that 4-digit pin and not have to worry about someone getting access to everything with just my fingerprint.
Thank you1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided0 -
Hi @hancawk,
I hope you don't mind, but I've merged your post with another forum thread about the same topic.
Thanks for taking the time to send us your request! We don't have current plans to add a PIN code option on devices with Touch ID, but it's an interesting idea. For some more information about this, please take a look at the other posts in this discussion (especially Ben's reply above).
We appreciate your feedback, so if you have more suggestions (or questions, or need help with 1Password), please don't hesitate to let us know. Have a great weekend! :)
0 -
Well yeah kinda I wanted my own discussion about it because it a GREAT idea. Why wouldn't you add it? Does no one think that someone can easily place your thumb on the touchID in your sleep and suddenly gain access to EVERYTHING? Shouldn't this app protect yourself from friends and family and anyone else.
0 -
You need to be considering ALL possibilities if you want to be the worlds leadig password vault app and if you want to ensure security for all its users.
0 -
Hi @hancawk,
I wanted my own discussion about it because it a GREAT idea.
It sounds like you saw this existing discussion before opening a new thread? There's really no need to have a separate discussion about this since there was a recent thread about the exact same topic. We'll see your post either way. ;)
Why wouldn't you add it?
Did you read Ben's post from yesterday? I think that should help to answer your question. We're not saying we'll never add a PIN code option on Touch ID devices, but we don't currently have plans to do that, and Ben's response goes into more detail to explain why.
I'm sorry that's not the answer you want to hear! Please let us know if you need anything else or have more questions about that. Cheers! :)
0 -
Just saying it probably should have been incorporated a long time ago into the app and am confused as to why it is even a topic for debate. But hey I don't work there and don't know what's going on. I'm not the only one who thinks it's a good idea
0 -
Hi @hancawk,
There doesn't seem to be much demand for this, but you're right - there are definitely other customers who are interested and think it's a good idea. At the very least, there are a couple who also requested it earlier in this discussion (although I'm sure there are others).
But even if you and other customers think it's a good idea, that doesn't mean we'll add it. We receive a lot of different feature requests from customers every day, and those features are all really important to the people who request them. And even though we truly want to make our customers happy, the reality is that we can't add all of the features they ask for, regardless of how good an idea it might be or how long they've been requesting it. As Ben mentioned, there are a lot of factors to consider.
Now, I know you consider this to be a security issue because it's possible for someone to put your thumb on the fingerprint scanner while you're asleep. If that's a concern for you, I highly recommend turning off the Touch ID option so your master password will be required to unlock 1Password. It takes more time to type your master password of course, but that's an issue of convenience, not one of security.
Also, if you're worried about someone using your fingerprint while you're asleep, iOS gives you the option to use a PIN code to unlock your device instead of Touch ID. In the Settings app, go to Touch ID & Passcode and turn off the option for iPhone Unlock. You can still choose to unlock the 1Password app with Touch ID, but unlocking the phone will require a PIN code, so no one will be able to unlock your phone or 1Password while you're sleeping.
Again, we really appreciate you sharing your thoughts with us. Have a great weekend! :)
0 -
I solved my father's problem by turning off Touch ID on his iPhone. He wasn't able to unlock the phone with it reliably anyway so it's no great loss. And I guess this is a general workaround for all users unless and until you decide to make PINs available within the app whether or not Touch ID is active.
I don't think that @Ben's response really addressed my concerns; he just offered some countervailing considerations. Developers would have to weigh in on the complexity / maintenance issues, but I don't find @Ben's POV persuasive a priori. You already have a complex situation because users can toggle Touch ID from on to off or vice versa while 1P/iOS is running as well as when it is not running. It seems plausible to me that having PINs work consistently irrespective of Touch ID status could well simplify the code logic.
—Other Ben
0 -
You already have a complex situation because users can toggle Touch ID from on to off or vice versa while 1P/iOS is running as well as when it is not running. It seems plausible to me that having PINs work consistently irrespective of Touch ID status could well simplify the code logic.
@benfdc: Indeed, there are already a lot of moving parts here, so we'd rather not make things even more complex if we can avoid it, especially when we're talking about something that wouldn't increase security. Even if it were less code, it's another opportunity for users confusion...and frankly many would use the PIN option when they could get more security and convenience just because that's such a familiar thing. Some people have legitimate reasons to use PINs instead of Touch ID, but I still encounter folks with Touch ID devices who are using 4 digit PINs to unlock instead, simply because they set it up that way on their first iPhone and have done so ever since.
0 -
I think your argument, stripped to its essence, is that it's best to deny users a choice when most users would make a less secure choice. Because most of the time, for most users, a fingerprint is a safer way to unlock a vault than is a four-digit PIN.
It's not a frivolous point, but there is a reason for the "Security" page accessible via the "Advanced" page in Settings. That's a reasonable place IMO to stow options which require a certain amount of sophistication in order to use properly.
0