Feature Request: Main password prompt when revealing passwords

Hi there,

Basically I have a small request, it's not really for any specific version of 1Password, but it's something I'd ideally like to request for all operating systems. I switched to 1Password not too long ago and so far it's been great, but having a long secure main password can get tedious when you're having to re-enter it constantly due to the auto-lockout, I started off with having it auto-lock when my PC locked and that didn't end well due to how often I'm locking the computer and returning, so I decided to use the idle timer. This worked slightly better but it's still a pain, if I was to compare to say LastPass there was an option to stay logged in at all times, but if I ever wanted to view **or** edit then it would prompt me for my main password. This worked great, it was actually one of the things I really miss hence why I'm making a request.

I'm aware your program works differently and it has different security layers in place compared to other password managers but even if it's something simple for now, perhaps just a small option to the software itself (such as a check before decryption). It would be great to have an option to secure viewing sensitive data without disabling the hotkeys for filling login information and adding notes.

If what I'm asking isn't possible, perhaps adding something like a PIN? Or even integrating support for quick logon using a prompt sent to a phone. Basically anything at the end of the day to make it easier for the end user while keeping data secure as while I love keeping my passwords and data safe, typing a password that's over 20 characters long multiple times a day is tiring.


1Password Version: 6.7.457
Extension Version: Not Provided
OS Version: Windows 10
Sync Type: 1Password

Comments

  • AGAlumB
    1Password Alumni

    @Mark95: Thanks for reaching out with your request, and for trying 1Password in the first place! We can certainly take it into consideration, but I'll give you a few reasons why we're probably not going to do that:

    1. We already offer fairly granular security options, so you can customize when 1Password locks (and therefore how often you need to enter your Master Password). It sounds like you haven't quite found the sweet spot for you in spite of some experimentation, but I think if you continue to make tweaks you can find a combination of settings that better suit you.
    2. Using a "PIN" (typically 4 or 6 digits) is much less secure than even a weak Master Password. And it is yet another thing for users to remember — or forget. We actually know how bad an idea this is because we made that mistake in the past. I can't tell you how many times I've heard from 1Password users who've been using a PIN for so long that they forgot their Master Password, and then when they need their Master Password (new device, syncing, etc.) they're just out of luck. It's basically a time bomb. And, again, this weakens their security when the PIN is active. So it's potentially a lot of hurt in the long term for a tiny convenience in the short.
    3. Getting back to requiring the Master Password only for viewing and editing but not for saving or filling, that's essentially a lie: it's fake security. If it's possible to save and fill data using 1Password, it has to be decrypted already or decryptable. How? You've entered your Master Password, and a) that's either decrypted all of your data already (this isn't how 1Password works, but go with me here), or b) the encryption keys are available to decrypt data on demand (because you entered your Master Password to decrypt them — that's how 1Password works). So, in either case, the Master Password is not needed to access the data (or save more), so presenting a prompt for you to enter your Master Password only offers a false sense of security at that point, which is not something we want to do. A user would justifiably believe that their data is protected in this case, but someone with access to the machine could probably get it in that case.

    We try to present 1Password's security very clearly: if 1Password is locked, your data is secure; if it is unlocked you should assume that anyone else with access to the machine can access it just as you do. Half measures like different lock "stages" ultimately offer no real security benefit (unless it's really locked, and then you can't save or fill anyway), and they muddy the waters, when "locked" and "unlocked" are very clear and effective, and much more user-friendly. Even if that means entering your Master Password from time to time, that's fundamental to the security of all 1Password users.

    So ultimately you need to decide the level of security which is appropriate for your data: are you comfortable with more relaxed lock settings and/or a weaker Master Password, or do you feel that something more strict and secure is in order? You can't have it both ways, but there's a lot you can do to strike the right balance for you. Cheers! :)
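
The point about the keys already being in memory, as an added example that is not part of the original thread and not 1Password's code: a toy vault (hypothetical `ToyVault` class, with an HMAC keystream standing in for a real cipher) where `reveal` re-prompts for the password and `fill` does not. Both decrypt with the same in-memory key, so only `lock` actually removes access.

```python
import hashlib, hmac, os

def _xor_stream(key, nonce, data):
    # Toy HMAC-SHA256 counter-mode keystream; stands in for a real cipher.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, nonce + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

class ToyVault:  # hypothetical, for illustration only
    def __init__(self, master_password, secret):
        self._salt, self._nonce = os.urandom(16), os.urandom(16)
        key = self._derive(master_password)
        self._verifier = hmac.new(key, b"verify", hashlib.sha256).digest()
        self._ciphertext = _xor_stream(key, self._nonce, secret.encode())
        self._key = None  # locked: no key material kept in memory

    def _derive(self, password):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, 100_000)

    def _password_ok(self, key):
        tag = hmac.new(key, b"verify", hashlib.sha256).digest()
        return hmac.compare_digest(tag, self._verifier)

    def unlock(self, password):
        key = self._derive(password)
        self._key = key if self._password_ok(key) else None
        return self._key is not None

    def lock(self):
        self._key = None  # the only state in which the data is protected

    def fill(self):
        # Filling works without a prompt, so the key must already be in memory.
        if self._key is None:
            raise PermissionError("vault is locked")
        return _xor_stream(self._key, self._nonce, self._ciphertext).decode()

    def reveal(self, password):
        # "Re-prompt" gate: checks the password, then decrypts with the same
        # in-memory key that fill() uses. It gates the UI, not the data.
        if self._key is None or not self._password_ok(self._derive(password)):
            raise PermissionError("re-prompt failed")
        return self.fill()
```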

  • Mark95
    Community Member

    Thanks for the very detailed and well explained reply. I understand your view on the security perspective with when it's unlocked then it's fully unlocked and vice versa, I will try to play around for the idle time a little more but it's very difficult due to how often I'm always locking and leaving the PC.

    I understand re-prompting for data would be false security as the data is already unencrypted and can be accessed through other methods than the 1Password tool, perhaps instead of a re-prompt for something that is available when pressing the button to view 'sensitive' data such as a password or secure note it would actually encrypt the data again. I understand in the event of someone trying to steal data they could become aware of this and attempt to access via other means but I'm more looking to stop people physically on my PC. For example the last thing I'd want is to rush out while at work with my PC unlocked and they can poke around and view all my passwords!

    I hope this suggestion could be a compromise, it's more of a trigger to lock the vault than a false check as you've described above.

    Thanks again!

  • AGAlumB
    1Password Alumni

    I hear you. Ultimately we want to offer other unlock methods, such as fingerprint support which we have on iOS and Android, since those are both more secure than a PIN and more convenient than entering the Master Password every time. I think that's the core of what you're looking for, so while I'm not sure we want to make the specific compromises you're asking for now, we're definitely looking into alternatives. :chuffed:

This discussion has been closed.