Option to stay logged into 1Password forever?
Hello!
I know that the question in the title will probably seem crazy or shocking to a lot of people already, but please let me explain at least ;-)
I am a user of LastPass now for many years but did experiment over the last weeks with 1Password a little, mainly because I often heard and read about it as "the other" great solution and got curious. After playing around with the trial version on my Mac I have to say that I am really impressed and there are clearly some advantages but also some options I miss where I wish the developers would put some more choices in my hand.
So yes, one thing I would like to see in 1Password is an option to stay logged in, even after a restart of the app or reboot of the machine. Yes, I know that this is not making things more secure, if other people approach your machine this is dangerous and the risk is higher this way, that you forget the master password.
However I still think that at least users should be able to make that choice themselves and in my case I use LastPass this way after really thinking hard about about this. In my case I think the risk isn't that high because I use Filevault in my machine with a strong password, I always lock my screen even if I just leave my computer just a few minutes and normally shut it down completely when going to bed or work.
I feel that for me personally this is an acceptable compromise between security and comfort. Some might disagree but still I want to make that choice myself and don't want others to do that for me. LastPass gives me a clear recommendation and warning against this, when I activate that option but after that then lets me do it this way.
The question is just I think what you want to achieve by using a password manager and you should be able to be flexibel in measuring security and comfort. I want to be able to use different strong passwords on different sites, so that I don't have to use the same one everywhere, because I clearly see a risk for me there when people could brute force a weak password of mine or a password database got breached somewhere.
I don't see myself however at the risk of forgetting my master password (didn't happen yet to me in many years in case of LP) and see my computer and my passwords already well protected with Filevault.
I really like 1Password and it has for me also advantages over LastPass (in my case deals better with filling some sites forms, generally looks more pretty) and I could imagine myself moving to it from LastPass, however when switching from one solution to another I don't like making compromises and giving up something.
So please at least consider adding this option to stay logged in forever. Hide it deep in the settings, let us click away 10 warnings before activating it, but please give the users the choice :-)
Comments
-
I assume you have become aware that you can set a very long period of time before needing to reenter your master password in the security section of 1Password's preferences. But you cannot avoid entering it whenever you restart your computer. I suppose if entering your master password once a day when you first turn on your machine is too much of a burden, you may need to look for a different solution. I don't work for AgileBits, so I can't say for sure that they won't ever plan to do what you want, but I've read enough of their responses to this same request in these forums to know that they don't plan on adding the option you are requesting.
0 -
Its a 2 sided sword giving users feature requests. I also don't work for AgileBits but I have been here for quite a few years over 6 now or is it 7...
Anyway they take your safety and security as the most important thing. They only do whats best. Honestly they kind of remind me of Apple a little.. They only give features and enhancements that they believe is in the best interest of the user. Sounds like Apple huh. Much smaller but sounds like them.
I also have to say I feel almost within 100% certainty, the feature will not come about at least not YET. What good is a security app if it doesn't provide some form of security.
Ok I am daydreaming here:
What I foresee a possibility and this relies on Apple. What about a MacBook with integrated fingerprint reader in the Trackpad ? Always on Always working. Honestly I usually buy a machine every 3 years. I will gladly shell out some money for a fingerprint reader on the Mac. I would do it next week if it became available. All I am going to say is Apple must spread the debuting of the products over a few years a new phone and possibly a watch and a Mac in the same year they are intending to break my piggy bank hard. LOL
We already see similar functionality with iOS. Agilebits has already demonstrated how the iOS app can work with TouchID. I feel certain Apple will bring this to the Mac. I may just have to wait a couple more years. But I am patient. After all a few years back they de throned the Mac taking it away from the center of the universe and made it a syncing product just like iOS. The Mac and iOS now each sync to the server, and not the Mac holding all the cards. By doing so they set a chain of motions into place that I still think we are seeing today with iOS 8 and Yosemite (being unveiled soon). The server validates the Mac and iDevice allowing wifi calling, personal hotspot etc.
What if the iWatch allows you to unlock your Mac when you get near ? Its always worn on your person less likely to be lost or forgotten. What if it allows 1Password to reduce the security on the 1Password app and set your selection to only ask for a PIN not a Master Password? All this is conjecture and is up to multiple parties to fulfill but the possibilities are endless.
Its very exciting times. What will be unveiled ? What will developers be able to do with it ? I personally cant wait till Tuesday.
0 -
While I like the idea a simple unlocking mechanism, I still want it to be 2-factor authentication, aka 2 items out of the classic something you have( phone ) something you know(password) or something about you ( your fingerprint ) trio. Nothing like your curious friend or sibling grabbing your iWatch, unlocking your computer and then rifling through your system, purposefully or accidentally messing something up.
0 -
I really respect AgileBits for putting security in front of just about everything else (even perhaps what some regard as "usability"). I'd rather grapple with security than be robbed because of too much usability. :) I'm not saying the latter can't be improved without prejudicing the former—but merely that in my experience AgileBits is usually very good at striking the right balance.
@thightower I much enjoyed reading your thoughts above: thanks!
Stephen
0 -
Hi @schluesselbund,
I do work for AgileBits. As @hawkmoth noted, you can customize your security settings to have a great deal of latitude in how much time passes before you need to enter your Master Password again.
You can essentially set it so it only needs to be entered if the Mac has been restarted. That is something I don't think we'd ever be able to get around, as we have to have our process running in order to keep the data unlocked. This is part of what 1Password mini does. However, when the Mac is restarted, all processes are obviously terminated. At that point the Master Password needs to be entered.
0 -
Well, of course it can be got around, as was done in 1PW3. All that's needed is an option to store the master password in the Apple keychain.
I agree with the AgileBits attitude that this actually a very bad idea, but it could be done.
0
