Disabled 1password idle lock in Chrome

Hi,
How to i disable 1password idle lock in my Chrome?
Im using the latest version of Chrome.

I can only set timeout lock to max 300 miutes
Code:

I Would like to disable the lock completely.

Cheers


1Password Version: Not Provided
Extension Version: 1.5.0
OS Version: Win 10 64Bit Pro
Sync Type: Not Provided

Comments

  • Lars
    Lars
    1Password Alumni

    Welcome to the forum, @boomdrak! I hope you don't mind, but I've moved your question over to our 1Password X section because that seems to be what you're asking about. And thanks for the question - the short answer is: you can't.

    Not that we wouldn't like to make you happy as a user of 1Password X, but the reason you have a timeout of any length in the first place is because you have to enter your Master Password to decrypt your data, and we can't (or at least should not) use timeout rules to avoid that. Your Master Password is what protects your data from...well, all the potential threats that you use a password manager to defend against. So setting it to never require your Master Password is inherently insecure. From a security standpoint, allowing a setting to never lock 1Password would be almost the same as having your passwords in just an unsecured database or a spreadsheet.

  • boomdrak
    boomdrak
    Community Member

    How about raising limit to 8 hour?
    Its bothering having to input a Long password multiple times during work hours..

  • Lars
    Lars
    1Password Alumni

    @boomdrak - I'll certainly mention your wishes to our development team that's working on 1Password X, but I rather doubt they'll approve such a long timeout. Remember this is the idle timeout we're referring to, here. If you are using your computer continually (or at least frequently) -- as most of us who have desk jobs these days do -- then you should never hit this timeout at all, even if you set it to something as restrictive as thirty minutes. The idle timeout only comes into play when you stop using your system -- and not just 1Password, but the entire system itself; in other words, the clock starts when you take your hands away from your keyboard/mouse completely. Do you really want your data to be available to anyone who walks by your office/cube/workspace for eight full hours if you leave? Maybe your setup is such that you don't worry about such a scenario, but as a security company, we can't in good conscience either recommend or make available such a setting. We've had numerous discussions over the years about what to offer in terms of adjustability for these settings, and while we're always eager to hear new perspectives, this is a setting that's had more discussion than most over time.

  • boomdrak
    boomdrak
    Community Member

    Is using my mouse and keyboard in an external application (non web app) counted as non idle time? How is my idle time counted and summerized?

  • AGAlumB
    AGAlumB
    1Password Alumni

    I Would like to disable the lock completely.

    @boomdrak: We're not going to do that. You can accomplish that level of insecurity by other means, after all — like storing everything in a spreadsheet or text file.

    Its bothering having to input a Long password multiple times during work hours..

    I'd encourage you to not view entering you Master Password as a bother, as it's the key — quite literally — to the security of your 1Password data.

    Is using my mouse and keyboard in an external application (non web app) counted as non idle time? How is my idle time counted and summerized?

    Chrome reports the idle time to the extension. Rather than try to rephrase things, I'll leave you with Dave's excellent post, which gives a better overview of 1Password X and locking:

    Locking in 1Password X happens when you quit Chrome, your machine sleeps or locks, or when the idle timeout is exceeded. [...] Having 1Password X never lock is something we would never do as it would require us to write out your master password (or some equivalent) to disk since there would be no other place to store it when Chrome exits. That's simply not something we're interested in doing as it's terribly insecure. [...] Making it so 1Password X doesn't lock when your Windows session locks is possible and something that we're considering. Honestly I'd prefer to keep the 1Password X locking code as simple as possible as things need to work on many platforms and the available APIs provided by Chrome are fairly limited (and have bugs of their own that we need to work around). With this in mind I may delay adding these options until 1Password X is able to communicate with the main desktop app where we have more options available to us. Time will tell :)

    Cheers! :)

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited February 2018

    @boomdrak: I just wanted to mention that, while we're not going to disable locking completely, in the current beta, it isn't possible to keep 1Password X unlocked while Chrome is open, in case that helps. Basically with the new setting, you can:

    1. Set up to 999 minute timeout (however, we will still lock if we get a notification that the desktop is locked via macOS or Windows.
    2. Disable locking 1Password while Chrome is running. It will stay unlocked when you sleep/suspend the computer.

    I know that's probably not exactly what you're looking for, but hopefully that helps a bit. :)

This discussion has been closed.