2FA - Allow access of codes without master password
Hi
I've recently transferred all my 2FA one time keys to 1Password and am loving the syncing that it does so I can get it between my devices or when I have a new device it is easy to get my codes there.
However it can be a bit frustrating typing out a 40 character master password to get into those keys and then realising I've missed the time slot and have to do it again. I now I can enable a pin but I don't want to comprise my security.
What I am proposing is that you can access these codes from the home screen without having to unlock. This isn't a security risk as the same is true for other apps like Google's Auth
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
Hi @chriscn,
With the current structure of the 1Password database this would not be possible. To do as you're proposing we would need to store the TOTP secret unencrypted. That is certainly something we can consider, but at present all such fields are encrypted, and the only way to decrypt them is with the Master Password.
Thanks for the feedback.
Ben
0 -
@Ben I would actually prefer if this wasn't the case or at the very least an option, I'd prefer to have everything encrypted but I'm sure the route you guys end up taking will be well thought-out so it's exciting to see where we go from here.
To add a question, does 1Password 7 or 6.9 or whatever the next major release have a rough release date? Perhaps end of this year or next year or is just done when it's done?
0 -
Thanks for the feedback. :)
Unfortunately we can't discuss timelines on future updates.
Ben
0