Necessity for repeatedly signing in (not timeouts)
On a trial using 1Password X on Chrome and 1Password on iPad and iPhone. When using iOS/Safari, despite being signed in to 1Password, I am asked to sign in with Master Password when attempting to autofill at each and every website. Chrome/X doesn't require that of me. Is this expected? Is there a setting adjustment I can make to have iOS/Password behave as does Chrome/X?
Thank you.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:Necessity for repeatedly signing in (not timeouts)
Comments
-
I should clarify to say that the requirement for Master Password for each AutoFill applies to the iPad but not my iPhone,
Also, is there an option for 1Password signing in on the iPhone that does not require a fingerprint, touch sign-in? If so, how can I access it? Sometimes Touch ID does not work well on my iPhone.
0 -
One question more: Are there some websites that will not accept 1Password for autofill? I repeatedly cannot sign in for Microsoft's https://account.live.com with 1Password X. When I enter the data (user name and password) held in my vault for that URL, I can sign in. But I cannot use X for that on an autofill basis.
Thoughts?
0 -
Hi @Maury,
In order to avoid having to enter your Master Password on each use you’d need to enable some form of Quick Unlock. Options may include a PIN, Touch ID, or Face ID, depending on the capabilities of your device. Not all devices support the same options. For example the iPhone XS supports Face ID but not Touch ID, while the iPad Air 2 supports Touch ID but not Face ID. That is determined by the device, not 1Password. Without Quick Unlock enabled you’d need to enter the Master Password on each use.
We’re aware of the issue with live.com and hope to include a fix in a future update.
I hope that helps!
Ben
ref: xplatform/filling-issues#256
0 -
Yes, it does but questions remain:
iPhone 5e: I cannot always depend on Touch ID working. I can sign in to 1Password with my Master Password, typed. But when I then access a different website that I want to autofill, a screen requiring Touch ID to log in to the website appears. I do not see a way to bypass that and use a typed password. Admittedly, I do have Touch ID activated under settings. Here is my assumption--please correct me if I am wrong: With Touch ID activated, my only option is to use it but I will be provided the opportunity to type in my Master if Touch ID fails--correct?
Is it a known entity that the Master is required to sign into every website on the iPad Pro but not on the iPhone 5e, even tho' both operate with iOS?
Thank you for clarifying the issue with live.com. Wish I had known that before I spent about 1/2 hour trying to make it work! Your help is appreciated.
Maury.
0 -
Please see my questions placed on November 2.
In addition:
1. When I subscribe (currently on a free trial) to 1Password, I intend to change a # of my passwords. Is there an efficient way to print off all my passwords after subscribing in order to preserve them in hard copy in a locked file drawer?
2. Two factor auth is required when a new device is added. I understand that. But, in addition, seemingly in random fashion, I am asked to verify auth in signing to 1Password X on a known, established device. This seems to be occurring with X (Chrome) but not when I am using standard 1Password on my iPad (Safari). Is the system supposed to behave that way? I am not averse to using 2 factor auth but do want to understand what to expect.Thanks.
0 -
iPhone 5e: I cannot always depend on Touch ID working. I can sign in to 1Password with my Master Password, typed. But when I then access a different website that I want to autofill, a screen requiring Touch ID to log in to the website appears. I do not see a way to bypass that and use a typed password. Admittedly, I do have Touch ID activated under settings. Here is my assumption--please correct me if I am wrong: With Touch ID activated, my only option is to use it but I will be provided the opportunity to type in my Master if Touch ID fails--correct?
Correct. You can cause it to fail by hitting ‘cancel’ on the Touch ID prompt.
Is it a known entity that the Master is required to sign into every website on the iPad Pro but not on the iPhone 5e, even tho' both operate with iOS?
It is not. Do you have Quick Unlock (PIN/Touch ID) enabled in 1Password on the iPad Pro?
Thank you for clarifying the issue with live.com. Wish I had known that before I spent about 1/2 hour trying to make it work! Your help is appreciated.
You’re welcome. :)
- When I subscribe (currently on a free trial) to 1Password, I intend to change a # of my passwords. Is there an efficient way to print off all my passwords after subscribing in order to preserve them in hard copy in a locked file drawer?
There is not, and frankly I wouldn’t recommend doing that. The information stored in 1Password does not lend itself well to be stored in printed format. Because data in 1Password is subject to frequent change, and is often in fairly long form, printing the entire database is a rather impractical solution. I’d recommend looking into digital options for backups instead. With 1Password membership your data is automatically backed up off-site.
1Password backups
- Two factor auth is required when a new device is added. I understand that. But, in addition, seemingly in random fashion, I am asked to verify auth in signing to 1Password X on a known, established device. This seems to be occurring with X (Chrome) but not when I am using standard 1Password on my iPad (Safari). Is the system supposed to behave that way? I am not averse to using 2 factor auth but do want to understand what to expect.
1Password X has never asked for a TOTP code after initial setup for me. Are you clearing Chrome’s local database prior to being prompted for this?
Ben
0 -
Re: the need to sign in at every website on the iPad: Do you have Quick Unlock (PIN/Touch ID) enabled in 1Password on the iPad Pro?
I don't see an option for Touch ID on the Pro and wouldn't likely use it anyway (I do on my iPhone). I do not have the Pin Code turned on. Not sure how that would work here but most importantly, enabling PIN would cause storage of my 1Password Master in the iOS keychain--which I do not want to do. My auto lock feature is set at 1 hour. I have Lock on Exit turned off.
Suggestions?
0 -
Re: the requirement for 2 factor auth, seemingly randomly, using X, on Chrome:
I do not know what you mean by TOTP (I assume that is an acronym for auth) nor do I know what you mean by: Are you clearing Chrome’s local database prior to being prompted for this?
All I know, and have experienced, is the mandate to submit 2 factor auth at times other than when launching a new device.
One allied question: I gather that once 2-auth is launched, I can review any individual website to see if 2-auth is available for that website and if it is, I can activate it--so that using the code that comes up on Authenticator on my phone will be required to access the site, correct? I had thought that the process was dependent on 1Password, not the individual website.
0 -
Re: the need to sign in at every website on the iPad: Do you have Quick Unlock (PIN/Touch ID) enabled in 1Password on the iPad Pro? I don't see an option for Touch ID on the Pro and wouldn't likely use it anyway (I do on my iPhone). I do not have the Pin Code turned on. Not sure how that would work here but most importantly, enabling PIN would cause storage of my 1Password Master in the iOS keychain--which I do not want to do. My auto lock feature is set at 1 hour. I have Lock on Exit turned off. Suggestions?
@Maury: Yes. You'll need to enter your Master Password to unlock 1Password in that case. It is needed to decrypt the data. If your (equivalent) Master Password is not stored in the Keychain, you cannot use Touch ID (or Face ID) or the PIN option. There is not other alternative.
Re: the requirement for 2 factor auth, seemingly randomly, using X, on Chrome: I do not know what you mean by TOTP (I assume that is an acronym for auth)
1Password's two-factor authentication uses the open TOTP (Time-based One-time Password) standard.
nor do I know what you mean by: Are you clearing Chrome’s local database prior to being prompted for this?
"Resetting" the browser or otherwise deleting 1Password's data from it will cause you to have to sign in again as if it's the first time, including the TOTP ("auth") code.
All I know, and have experienced, is the mandate to submit 2 factor auth at times other than when launching a new device.
Two-factor authentication, when enabled on your account, is required in any browser/device that is not already authorized with your account.
One allied question: I gather that once 2-auth is launched, I can review any individual website to see if 2-auth is available for that website and if it is, I can activate it--so that using the code that comes up on Authenticator on my phone will be required to access the site, correct? I had thought that the process was dependent on 1Password, not the individual website.
You're confusing two different things: using two-factor authentication to sign into your 1Password.com account, and using the 1Password app to generate codes for other websites:
Use 1Password as an authenticator for sites with two-factor authentication
I hope that helps clear some things up, but please let me know if you have any other questions. :)
0 -
Well, frankly, yes I do.
- I get the mandate to use auth for any new device. But I am being asked for it randomly, at other times, on X. I have not been ""Resetting" the browser or otherwise deleting 1Password's data from it", at least not knowingly.
- The question I asked about auth for non-1Password websites comes from a different perspective. I'm really not confusing the two. What I wanted to know is whether individual websites can be programmed to require auth and, if so, would the code on the 2 factor authenticator on my phone be the one that the website would accept?
- The question I asked about the requirement for my log-in to 1Password on my iPad (not a requirement on my iPhone or for X used with Chrome on my laptop) for every site visited has not been answered.
So, I have these persistent questions. It would be so much more efficient and a great deal easier if could talk to one of you folks. I'm just trying to get comfortable with using the programs and move on from trial to purchase. Thanks very much.
0 -
- I would suggest starting a thread in our 1Password X category to troubleshoot that issue further: https://discussions.agilebits.com/categories/1password-x
The fine folks over there (including brenty) will be able to assist you better than I can on that. - A number of websites support using TOTP for two-factor authentication. 1Password can be configured to be the authenticator app for these websites. If you configure 1Password as such the code you see in 1Password will indeed be the one the website will accept. A 3rd party list of sites that support TOTP is available here: https://twofactorauth.org and instructions on using 1Password to generate TOTP codes can be found here: https://support.1password.com/one-time-passwords/
1Password cannot add two factor authentication to sites that don’t already support TOTP. - If you do not turn on some form of Quick Unlock, which will store an obfuscated Master Password equivalent in the iOS keychain, you will need to enter the Master Password every time you attempt to access 1Password on iOS in any fashion. There is no way around that. No other timeout or lock settings (e.x. Lock on Exit, Auto-Lock) have any effect unless you enable Quick Unlock. I have been speaking with development about how we might make that more clear, perhaps by disabling those settings unless we detect the presence of Quick Unlock. In order to enable Touch ID in 1Password it must first be enabled in the Settings app to unlock the device. Once it is enabled there you’ll see the option within 1Password’s settings. You can read about how we protect your information when Touch ID is enabled for 1Password here: https://support.1password.com/touch-id-security-ios/
Please let us know if you have further questions. I do apologize that I’m not personally in a position to further assist with the 1Password X issue but I’m confident the folks on our team that help out over in the 1Password X category will be able to get that sorted out for you.
Ben
0 - I would suggest starting a thread in our 1Password X category to troubleshoot that issue further: https://discussions.agilebits.com/categories/1password-x
-
Ben, much appreciated. Apologies unnecessary.
- I'll do that.
- Need to clarify. I understand the need to enter the Master each time I log into 1Password. No problem with that. I also understand the route for Quick Unlock--have done that (Touch ID) on my iPhone. When using my iPhone, I have not been asked to log in (Quick or otherwise) on accessing each and every (non-1Password) website. On my iPad, however, I am asked to do so. That is the difference and the genesis of my question. I have not established Touch ID on my iPad and do not intend do so. Does that clarify the core of my question?
0 -
That is happening because you have Quick Unlock enabled on the iPhone but not on the iPad. Without Quick Unlock being enabled you’ll be asked to unlock 1Password every time you try to access 1Password. With Quick Unlock enabled, depending on your other settings (i.e. “Lock on Exit” off), that may not be necessary. The only way to not be asked to unlock 1Password each time is to enable Quick Unlock. In order for the Lock on Exit option to be disabled successfully you have to have Quick Unlock enabled. This isn’t made clear in the interface, which is something I’m working with development on addressing.
Does that answer that question more clearly?
Ben
0 -
Yes, Ben it does. Thank you. Geez, I like the Touch unlock feature on the phone but the iPad is in a case that would make Touch unlock impractical. Face recognition would be great...
Still waiting to hear about the random requirement for 2 factor auth while using X and Chrome. Hopefully, somebody, Brenty or otherwise, will get back to me.
Thanks.
0 -
Looks like the new iPad Pros support Face ID so that may be an option, though a different case that doesn’t block Touch ID might be less of an investment. ;)
Thanks for the update.
Ben
0
