I previously was able to use a pin on my iphone 7 but now it's Touch ID or master passwords.

Homerj222
Homerj222
Community Member

I previously was able to use a pin on my iphone 7 but now it's Touch ID or master passwords. Touch ID has always been and still is something that only works 2/3 of the time. And yes I have re-did my one thumb print several times. My master password is long and tedious so a pin would work better. I wish I would not have tried Touch ID again. It's seems that's why the option is gone even though it should be my choice.


1Password Version: Lastest iOS version
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:I previously was able to use a pin on my iphone 7 but now it's Touch ID or master passwords.

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni

    @Homerj222: Thanks for reaching out. I’m sorry to hear that you're having trouble with Touch ID! It isn't possible to use a PIN on a Touch ID device. However, you may be able to use Touch ID by registering the same finger multiple times. I know this has worked for others. But if you're still having trouble with Touch ID, be sure to contact Apple, as they'll likely be able to better assist you. Let me know how it turns out!

  • Homerj222
    Homerj222
    Community Member

    Yes it will work a lot of the time. But when it doesn't it usually an inconvenient time to enter master. I guess I'll be ok.
    And I just figured out how to get pin back. Delete my finger print in Touch ID. 1Password defaults back to pin code.
    Thanks for help

  • AGAlumB
    AGAlumB
    1Password Alumni

    I'd argue that any time Touch ID doesn't work is a bit inconvenient! But yes, if you're okay with not using Touch ID at all, you can just disable it. Thanks for following up! :)

  • sfobrian
    sfobrian
    Community Member

    I'd like to add a +1 on the feature request to enable the option using a PIN code to log into 1Password on iOS on devices with TouchID. Fingerprint authentication's shortcomings have long-since been documented and I'd rather lock my 1Password vault with what I know (with an option for convenient knowledge), not based on a body part.

    In the meantime, @Homerj222's workaround works.

  • AGAlumB
    AGAlumB
    1Password Alumni

    Just keep in mind that a PIN, though "something you know", is always going to be easier to crack than Touch ID. That's why if Touch ID is available 1Password will use it instead of a PIN. You can always disable the feature in 1Password to ensure that your (hopefully long, strong, and unique) Master Password is required. But if Touch ID doesn't work for you at all, it doesn't make any sense to have it enabled in iOS in the first place. And disabling it completely will force 1Password to fall back on the legacy PIN option. Cheers! :)

  • GeniusRedacted
    GeniusRedacted
    Community Member

    I would like to chime in again for my support of PIN codes in the iOS version of 1Password. Apple has gone from Touch ID to Face ID with the iPhone X. Who knows what they will switch to next? I like the consistency that a pin code provides through all of my iOS devices. ("1PINcode"?)

  • Hi @GeniusRedacted

    Thank you for the feedback. We do not currently have plans to support unlocking 1Password via a PIN code on Touch ID / Face ID enabled devices, but we do appreciate the suggestion. For now if you'd like to use a PIN with 1Password you can completely disable Touch ID / Face ID on the device.

    Thanks.

    Ben

    P.S. It isn't necessary to post about the same issue in multiple spots. I've removed your other posts on this subject.

  • jackCA
    jackCA
    Community Member

    Great posts everybody, but this issue has been discussed by 1Password before.

    TL;DR users aren't intelligent enough (they'd be "confused" apparently) to be given the option to choose a PIN over TouchID

    Full discussion here.

    Two excellent posts which sum it up:

    Commentator #1

    On devices with no TouchID, the password for unlocking the phone is different from the password or PIN code to unlock 1Password data (or at least it should be set up that way). With TouchID set-up, both passwords are virtually the same: my fingerprint. Meaning when a hacker has access to my phone (for example with a fake fingerprint, cut-off finger or just carefully with me sleeping), he or she automatically has access to all my passwords. In a way, the device without TouchID is more secure.

    The only solution is turning TouchID off. This can be done in three ways:

    • Turn it for for unlocking but leave it on for 1Password. This is of course ridiculous cause a user needs to unlock his phone a lot more times a day than enter a password.
    • Turn it off for 1Password but leave it for unlocking. This forces the user to type in the master password every. single. time. he wants to look up a password.
    • Turn TouchID it off completely. Keep entering PIN codes for unlocking the iPhone like it’s 2007 again to enjoy the convenience of PIN codes again in 1Password.

    Basically what you’re telling a user of a Touch ID enabled device is: you can have the convenience of Touch ID everywhere (with the above, imo pretty big security-tradeoff), or you can have it nowhere at all.

    I would argue that the best option is missing: the combination of protecting the iPhone with TouchID that requires a physical part of me (fingerprint) as well as a part of my knowledge (for the 1Password PIN code). This would imo by far be the safest way to go, and still be incredibly convenient in day to day use.

    Wouldn’t you agree?

    Lastly, I don’t really see how this would make the application significantly more difficult to use or more complicated to set-up. The toggle to enable (and set up) a PIN code could just appear under the ‘Use TouchID’ toggle in the Security settings if the latter is disabled. Authenticator app Authy has implemented a choice for users in a similar way, and it works fine and easy.

    Commentator #2

    The new phones do look amazing guys but I’m worried. I know iOS 11 has the ‘tap 5 times’ panic feature but let’s run with my thoughts on this.

    I have a strong alphanumeric unlock password for my iPhone (augmented with TouchID for convenienece), example:

    8’vK6″sa3%!z

    I use 1Password and use a strong master password to unlock my database, example:

    hKN$vB\M>?7_LpGQ9Hpy

    I’m also protected by the 1Password Secret Key but that’s not relevant for this example. So far, so good.

    Now, I’m required to input my iPhone password whenever I turn off my device (or if I use the panic feature). I also have to input my 1Password master password whenever I restart my device (my choice); it improves security and keeps my password fresh in memory.

    I would really like you to implement a feature like you have in Android (not all Androids have fingerprint sensors) which would allow me to:

    1 – unlock my 1Password database using my master password
    2 – use a short 4-6 digit PIN (hey, even user configurable!) to unlock the database

    Why would this be of benefit? If somebody manages to get hold of my phone and hold it to my face then they could unlock both the iPhone and 1Password. How about if I’m asleep or if I’m tied to a chair in James Bond style?

    You might suggest that I turn off FaceID recognition in 1Password or get iOS to demand my password each time but in my case (as I use long passwords for both) that’d be highly inconvenient whereas a short numeric PIN would be super convenient and massively increase my security.

    Please seriously consider this critical feature. It shouldn’t be difficult to implement, it could be optional and would not take place of the master password. It’d be used as an adjunct to make 1Password even more secure. Then, even if somebody unlocked my phone using FaceID, they’d still have to know my 1Password PIN. You could even have a 3 options and you’re out mode where after the third wrong PIN it reverts to demanding the full master password.

  • @jackCA

    We're not questioning anyone's intelligence, though keeping the product accessible to as many folks as we can is important. There is such a thing as "preference bloat." The bigger factor in deciding not to include a PIN option for Touch ID / Face ID enabled devices is keeping the complexity of our "lock service," which is already fairly programmatically complex, from becoming overwhelming to maintain. The more complex the service is the chance of bugs becomes exponentially higher, and obviously with being able to unlock being an extremely critical function we need to keep the chance of bugs to a reasonable minimum.

    Thanks.

    Ben

  • AGAlumB
    AGAlumB
    1Password Alumni

    I'd really like to see something like using IR to detect bloodflow and heart rate, so that Face ID is simply disabled if someone ties you up, staples your eyes open (maybe once you're already dead), and puts your iPhone X in front of your face.

    But let's be real: Anyone for whom detention and torture are real threats (e.g. James Bond) is not going to use Touch ID or Face ID (or similar), only a very strong passcode. Touch ID and Face ID are secure, but they are convenience features. PINs are insecure convenience features. We're not going to regress 1Password to that except in scenarios where it's the only option, and that time has past. There's a better way now for those who choose to use it. Anyone who doesn't want to doesn't have to. And if you do not deem Touch ID or Face ID secure enough for your use, its security properties apply equally to 1Password and the device itself, so it makes good sense to disable it in that case.

    Ultimately, since none of us have an iPhone X with Face ID, I don't think it makes sense to pass judgement. I'm interested to use it myself, and also see what others in the security community find. But for now, the only concrete information any of us has is Apple's Face ID Security paper, which was just released. I think it's worth reading now, and then later on we can all see for ourselves in real world usage. Until then, it's all just idle speculation for those outside Apple.

This discussion has been closed.