Don't ask for Master Password every x if using TouchID

heubergen
Community Member

As I didn't find any other discussions, I started this thread.
I'm sure that you have reasons why you require the Master Password for users that are using Touch ID, but I just like to express that I don't like this and I would love to see an option called Never, the same way Touch ID works under iOS.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Lars
    1Password Alumni

    @heubergen - I'm actually surprised you couldn't find any other threads on this topic; there have been quite a few over time. No worries, though - you're always free to start a thread if you can't find the answers you're looking for. Thanks for checking first!

    I definitely understand your position, and although we're sympathetic to it, I can tell you right now we won't be pursuing that idea, at least not with the way the technology stands currently. In fact, we've actually changed the iOS default to 2 weeks instead of Never because if Touch ID (or Face ID) crashes or you update iOS, that secret can be removed from the system keychain. If that happens, you'll be forced to enter your Master Password to access your data and the settings that allow you to resume using Touch ID. Too many users were telling us that they'd forgotten their Master Password because they never had to use it on iOS.

    We're all human: if we've chosen a particularly random or difficult to memorize Master Password, and we go for too long without having to ever enter it, we will forget it. And it's your Master Password that is used to derive the key that allows you to unlock your 1Password data, not your fingerprint or your facial scan.

  • heubergen
    Community Member

    Maybe I did my search with the wrong terms, sorry for that.

    As I understand your point and I appreciate the effort you put in to make the experience for all users better, I also have to point out that I don't care about those users and I personally would wish to have a Never option.

    You can close the thread, thanks for taking the time!

  • Lars
    1Password Alumni

    @heubergen - I didn't mean to suggest you did anything wrong; I was just surprised there weren't any search results; it feels like there's been a few threads on this subject here in the last month or two. In any case, no worries, and thanks for making the suggestion; we're always glad to hear every bit of feedback even if we know immediately we won't be doing a particular thing, because it gives us a sense of where users are and what they'd like to see. So, thanks! :)

  • dtrobson099
    Community Member

    I agree with OP. I hate typing my password, especially on iOS. I have to type it every 2 weeks on macOS too, but with a full keyboard, that’s not as bad. I can remember my password - if I didn’t have to type it for 3 months I’d still remember it. With the frequency that I even need to open 1Password on a given device these days, I feel like I’m prompted for my password more than I get to use face or Touch ID. If you feel users need to be babysat, maybe this cooldown can sync across devices? If I’ve entered my password on my Mac I shouldn’t be bothered to enter it on iOS later that day.

  • Lars
    1Password Alumni

    @dtrobson099 - you may be able to remember your Master Password even if you don't type it for months at a time, but not everyone can do the same. Most of us humans, in fact, have terrible memories for things like passwords.

    Our experience with allowing users to set the timeout to "never" in 1Password for iOS for Touch ID resulted in a flood of user issues where a new user would create a Master Password for use in 1Password for iOS, discover they could turn on Touch ID, set it to "Never," and then go for months without ever having to enter - or even think about - their Master Password...until Touch ID crashed or they upgraded iOS which knocked the obfuscated secret out of the System Keychain. Then iOS would inform them they could not re-enable Touch ID until they entered their Master Password...which they'd forgotten. We've even had some users who have insisted to us that they never HAD a Master Password because they've just "always used their finger."

    Too many users aren't really clear that their Master Password is what derives the encryption key used to encrypt and decrypt their data. It isn't an authentication-based system where we have a copy of everyone's passwords (or even hashes of them) that we can reset or get around to recover their data. All of us in the internet age have been conditioned by authentication-based systems and their designers that you don't really need your password; the website or service can reset it for you if you present an alternate form of identification/authentication. We really can't do this...and that's not well understood by even many of our own users. So, since our job is providing people secure access to their most important data (and you can't access your data if you can't remember your Master Password), we're moving away from giving users the ability to shoot themselves in the foot this way. And yes, that means everyone will need to enter their Master Password occasionally, if for no other reason than to stay in practice and to remember that you even have one. But that's a much smaller price to pay than potentially losing all your data just because TouchID crashed.
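
The encryption-versus-authentication point above, as an added illustration (not 1Password's code): the vault key exists only by deriving it from the Master Password, the biometric path just hands back a device-cached copy, and losing that cache forces the password prompt because nothing else can rebuild the key. The KDF, iteration count and key-check value are assumptions for the example.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Constructed parameters; the page does not name 1Password's KDF or iteration count.
KDF_ITERATIONS = 100_000


def derive_key(master_password: str, salt: bytes) -> bytes:
    """The only way to produce the vault key: it needs the Master Password."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode(), salt, KDF_ITERATIONS)


def create_vault(master_password: str) -> dict:
    """What can live server-side: a salt and a key-check value, never the key or password."""
    salt = os.urandom(16)
    key = derive_key(master_password, salt)
    return {"salt": salt, "kcv": hmac.new(key, b"key-check", "sha256").digest()}


def unlock_with_password(vault: dict, master_password: str) -> Optional[bytes]:
    key = derive_key(master_password, vault["salt"])
    kcv = hmac.new(key, b"key-check", "sha256").digest()
    return key if hmac.compare_digest(kcv, vault["kcv"]) else None


class DeviceKeychain:
    """Per-device biometric cache: a copy of the key, stored only after a password unlock."""
    def __init__(self) -> None:
        self._cached_key: Optional[bytes] = None

    def enable_biometric(self, key: bytes) -> None:
        self._cached_key = key

    def unlock_with_biometric(self, fingerprint_matches: bool) -> Optional[bytes]:
        return self._cached_key if fingerprint_matches else None

    def simulate_os_upgrade(self) -> None:
        """iOS upgrade or Touch ID crash: the cached secret drops out of the keychain."""
        self._cached_key = None


def resume_access(vault: dict, keychain: DeviceKeychain, fingerprint_matches: bool,
                  master_password: Optional[str] = None) -> Tuple[Optional[bytes], str]:
    """Unlock flow: biometric if the cache survives, otherwise the password, else locked out."""
    key = keychain.unlock_with_biometric(fingerprint_matches)
    if key is not None:
        return key, "biometric"
    if master_password is None:
        return None, "locked-out: no cached secret and no Master Password"
    key = unlock_with_password(vault, master_password)
    if key is None:
        return None, "locked-out: wrong Master Password"
    keychain.enable_biometric(key)  # Touch ID can only be re-enabled after a password unlock
    return key, "password"
```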

  • dtrobson099
    Community Member

    But like OP, I don’t care about those users. And with a lot of devices, I’m constantly being prompted. It’s as if TouchID/FaceID isn’t even a feature for me. What’s stopping you from enforcing this account wide instead of per device?

  • Lars
    1Password Alumni

    @dtrobson099

    But like OP, I don’t care about those users.

    Fair enough, but we don't have that luxury; we need to think about and design for all 1Password users, not just you. :)

    What’s stopping you from enforcing this account wide instead of per device?

    Because Touch ID and Face ID aren't handled by your account, they're handled per-device. You can choose to turn it on or off, and set the timeout individually. It's a client-enforced setting, not a server-enforced one. You can definitely change the timeout settings in Preferences > Security > Require Master Password, but you can't disable Master Password entry completely.

  • dtrobson099
    Community Member

    I mean, you’re excluding me when you brush off my concerns like this, so not all users, just non-power users. Please consider lengthening the timeout, it’s a really annoying experience. People who actually know how to use technology are users too.

  • Lars
    1Password Alumni

    @dtrobson099 - you're quite right; power users are users too (sort of implied in the name, in fact!) ;)

    The difference is that when we design a feature, all users are able to use it. So we have to consider the potential ramifications for all users -- and they may be (and often are) different depending on what we choose. If we allow you and other confident power users to set your timeouts to "never" because you know you'll remember your Master Passwords, and a group of less-sophisticated users choose to enable that as well, the result for them is often complete loss of their data. If we set it to require the Master Password occasionally but frequently enough that there's much less chance anyone will forget theirs, very few people if any lose their data as a result...and some power users are annoyed that they have to enter their Master Password occasionally when they would rather not. That's not a particularly hard choice for us to make.

    That said, we're always looking to improve 1Password for all users, so if there's a way we can refine things to where neither one of these outcomes is likely (or at least happens less), we'll certainly pursue it. Thanks for the feedback and taking the time to share it with us. :)

  • theguytheguy
    Community Member

    No, I have to politely disagree with Lars (and 1Password in adjunct) here. I think both Heubergen and dtrobson099 have very valid points here that shouldn't be disregarded. It's the spirit of what they're both relaying that I think you are missing. Ultimately, users should have a choice over when they'd like to be reminded about their password, and about what particular security measure they'd prefer to use. If you choose "never" and forget, that's your problem, you chose it, so deal with it; it's not 1Password's fault at all. Why? Because the user chose it.

    More importantly, I see a profoundly philosophical issue about TouchID, FaceID, or the next biometric measure of security. Why is a password still (rather archaically) considered more trustworthy than other biometric measures? You can forget a password, but you can't forget your face (unless you meet an accident -- but that's another problem entirely).

    True, technically, the likelihood of a computer malfunctioning with TouchID/FaceID is probably greater than with a password.
    I think users should be given a choice over what measure they chose to "protect" themselves with. True, the measure they choose may not be the most secure, but, so long as the choice was informed, it should be their choice, not yours.

  • Lars
    1Password Alumni

    Welcome to the forum, @theguytheguy! Thanks for the feedback.

This discussion has been closed.