Tiered access to 1Password vault items with Touch ID

skippingrock
Community Member

Hello, in my last posting, I touched on a thought that should be brought up as a separate entry.

I mentioned that none of my devices support Touch ID but even if they did, I don't think that I'd like to use it due to the amount of sensitive information that I have stored in my vaults.

I do seem to remember in a much older version of 1Password, that there was a setting that would require your master password any time a certain keychain item password was to be viewed. I did use it, but I guess somewhere along the way, that feature was removed and I didn't notice.

I'm not asking for that feature back, per se, but I am enquiring about something along those lines.

Like your support document about Touch ID states:

Retrieving your Master Password from your mind while you sleep is still in the realm of science fiction. However, your fingerprint can be used without your consent whether you’re sleeping, unconscious, or otherwise.

That said, you can't always predict when there may be a concern for access using your fingerprint.

In reference to my remembrance of the aforementioned feature, I would like to petition another idea.

  • By default all of your 1Password Vault items would be available to your access on an equal basis regardless of whether or not you use your master password or your fingerprint using Touch ID.
  • But, if a particular vault item is of a sensitivity level that they would prefer never to be able to risk coming into the view of the wrong hands, the user could use the display setting in the item and choose a new setting called "Never with Touch ID".
  • Like the "Never display in browser" view setting, this would not be the default, but it would be there for you when you feel it is justified.
  • When this setting is set, the item would be visible to the user neither through the 1Password extension nor in the 1Password app itself.
  • It would be hidden from view and hidden from the knowledge that it is even there at all.
  • It would only be viewable, useable and editable if and only if the master password is entered, but not if Touch ID is used.


For example, something like a will, or the location, contents and combination of a safe vault, are kept secured and could never be forced out of you by an unwilling or unconscious fingerprint; only through your full co-operation and consented typing of your master password.

A user could choose to employ this feature for as few or as many of their vault items as they feel they need.
Would this setting hold for shared items as well? I'm not sure. I would say yes, but your user testing would determine this.

Cheers, @skippingrock.



Comments

  • Hey @skippingrock

    only through your full co-operation

    Heh, whenever someone mentions something like this I like to show them this strip from XKCD:

    More options inherently lead to more complexity, more confusion, and more room for error, but I do see how this could potentially be useful. The feature you mentioned was in 1Password 3 for iOS but was discontinued for many of the aforementioned reasons. If there were enough volume of demand for it, I could see us considering it, but since we already determined a similar feature was doing more harm than good it would probably take a lot of convincing.

    Thanks for the feedback!

    Ben

  • skippingrock
    Community Member

    Hi @Ben,
    I agree about the complexity issue. Perhaps it could be an advanced feature that needs to be activated there.
    The thing that I like about the idea is that by unlocking it for someone with the Touch ID that doesn't show the ultra secret items, they would be unaware of its existence and think that it wasn't there. Thus the wrench wouldn't get pulled in because they think they got it all.

    Or how about a setting for a whole vault?
    The unlocking and display of a secondary vault would only get shown (of its existence) if the master password was entered, but not if the Touch ID was used.

    Just brainstorming.
    I know the self-destruct idea has been thrown out there (but that would be a risky move that might get you the wrench), but I'm thinking that this might be a more subtle way of giving people what they want, without giving them what they want.

  • So that gets into what we call "plausible deniability." Our Chief Defender Against the Dark Arts, jpgoldberg, has written a bit about this here:

    https://discussions.agilebits.com/discussion/comment/79821/#Comment_79821

    :)

    Ben

  • skippingrock
    Community Member
    edited February 2017

    I guess the fastest way to do it is to try and quickly delete your 1Password app on your mobile device, or delete the whole phone as a last resort.

    I do have one question though.
    I know it kinda goes against the "1"Password mentality.

    But is there a way to let separate vaults require their separate passwords for each session you go into the secondary vault?

    I know that when you add a secondary local vault you are asked to enter its master password, but can you tell your master vault to not remember the password for your secondary local vaults? I know this can be the case for the cloud-based vaults. I'm just talking about the local (or Dropbox/iCloud synced) vaults.

    Thanks for allowing the continuation of this thought. I love brainstorming.

  • But is there a way to let separate vaults require their separate passwords for each session you go into the secondary vault?

    There is not. You'd need to re-sync it every time you wanted to access it.

    Thanks for allowing the continuation of this thought. I love brainstorming.

    Of course! :)

    Ben

This discussion has been closed.