Safari Extension Authentication
The authentication process for the new Safari extension seems a bit clunky. It involves extra steps that are annoying and unintuitive. So you’re left with the choice of either wasting time doing these extra steps frequently or setting the extension to require authentication less often thus sacrificing security.
I don’t understand why it doesn’t just automatically authenticate with each use as it did with the old auto fill system.
Comments
-
Hello @AMonitorDarkly! 👋
1Password for Safari takes advantage of Safari's ability to support extensions on iOS 15 and is subject to different technical opportunities and limitations than iOS Password AutoFill. Specifically we're using a web standard called WebAuthn in order to manage authentication, it's a great way for Safari extensions to make use of Touch ID or Face ID however it does require that the user first allows the authentication to take place.
The default amount of time before 1Password for Safari needs authorization again is 24 hours but you can indeed lower this to as low as 15 minutes. Or you can manually lock 1Password for Safari between uses:
- Open Safari on your iPad.
- Tap on the puzzle piece in the address bar.
- Tap on 1Password.
- Tap on the colourful ring icon.
- Tap on Lock 1Password.
The next time that you use 1Password you'll be prompted to authenticate. Let me know if that helps. :)
0 -
Hopefully we can improve this in the future as Safari Web Extensions on iOS and iPadOS continue to mature. At the moment because of the technical limitations of WebAuthn and Safari Web Extensions 1Password for Safari isn't able to immediately authenticate using Face ID / Touch ID.
In recent years Apple has done a great job having users set a PIN code or use Face ID / Touch ID to lock their iPhones when not in use. If your iPhone is locked when you're not using it then 1Password for Safari won't be available either until you unlock your iPhone.
0 -
I agree with the clunky comment. I’m not going to continually type a complex password on an iPhone keyboard just to use this extension. I’m turning off the extension and going back to the previous method.
0 -
Understood @Michael Shingledecker, we appreciate the feedback :+1:
0 -
Unfortunately you can’t go back to the previous method, because they disabled it. Why did they disable it? No one has given an answer that isn’t convoluted and confusing. Something about not wanting to support two different functionalities because that’s too hard/expensive, and something about the browser extension being so much better that they just tossed the share sheet method (that’s the previous method). What I don’t understand is, when was that decision made inside the company, and didn’t at least one person speak up and say “Hey, if you do that you’re killing the app for like thousands (they don’t know the actual number of people with local accounts, so it could be tens or hundreds of thousands for all I know) of costumers who’ve forked over hundreds of dollars in license purchases? Or why didn’t at least one person say hey, the extension method requires users to input a (newly lengthened) 10 character password periodically into the tiny iPhone keyboard which has to be typed perfectly because you can’t autocorrect a password, and the old share sheet method only used biometrics - I wonder if anyone is going to dislike this? And also, if my 1Password app always uses biometrics, why on earth does it make sense to have to manually type in the password to the “mini 1Password” extension periodically? Also, why do they keep closing discussions here about the iOS15 local account thing?
0 -
You make some very good points.
I hope management listens to its users before they end up losing many previously loyal customers. It is a shame to find that the app is no longer the brilliant one it has been for many years.
0 -
I’m currently not a fan of the new Safari extension. I prefer having Face ID authentication each time 1P is accessed on my phone. The new extension also displays items from all my vaults even when I exclude certain vaults from “All Vaults”. Also, as most are saying, it’s clunky and takes too many steps to manually lock/unlock each time.
Please bring back the share sheet extension. I can still kind of use the old method since it prompts the login integrated with the keyboard, but I can’t seem to initiate credit card fill this way.
0 -
+1 for the previous comments
0 -
@Sandgirl I'm sorry to hear that you're receiving multiple sign-in notification emails per day. This is a bug that our developers are investigating and I'll add your report to our internal tracking item for the issue. Hopefully we can get this fixed soon.
@c224 I hear you about 1Password for Safari not respecting vault selection for "All Vaults" in the 1Password app. I'd like to see this changed myself and our developers are looking into this. I'll add your +1 to the existing work item for the feature request.
There are two different ways to fill information from 1Password into Safari:
- 1Password for Safari which features greatly improved filling capabilities and offers an experience that is similar to what you're already used to with 1Password for the browser on the desktop. This method also supports filling credit cards and addresses.
- iOS Password AutoFill which allows you to fill logins and passwords into Safari and other apps on the iPhone and iPad. You can use copy and paste or drag and drop for items that can't be filled with Password AutoFill.
Our founder Dave wrote a great post explaining our official stance regarding the old share sheet here: https://1password.community/discussion/comment/612494/#Comment_612494
ref: dev/core/core#10017
ref: dev/core/core#10342
0
