Unlock on Secure Desktop

This is a feature included in the latest beta release. How does it work?

Comments

  • svondutch
    1Password Alumni

    It is supposed to add some protection against key loggers. When you unlock your keychain on another desktop, key loggers cannot spy on the (keyboard) messages.

  • khad
    1Password Alumni

    Yep. Just to add to what Stefan already said:

    Because the "enter master password" dialog appears on another desktop (that we temporarily create ourselves), and because Windows messages do not travel across desktops, key loggers aren't able to spy on the (keyboard) messages.
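The mechanism described in the reply above (a temporarily created desktop that window messages do not cross), as an added example; it is not 1Password's code and not part of the original thread. It assumes C# with Windows Forms; the class name, desktop name and dialog layout are hypothetical.

```csharp
// Added example: ask for a password on a temporary private desktop (Win32 via P/Invoke).
using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
using System.Threading;
using System.Windows.Forms;

static class PrivateDesktopPrompt   // hypothetical name
{
    const uint GENERIC_ALL = 0x10000000;
    [DllImport("user32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
    static extern IntPtr CreateDesktop(string name, IntPtr device, IntPtr devMode,
                                       uint flags, uint access, IntPtr security);
    [DllImport("user32.dll")] static extern IntPtr GetThreadDesktop(uint threadId);
    [DllImport("user32.dll", SetLastError = true)] static extern bool SetThreadDesktop(IntPtr desktop);
    [DllImport("user32.dll", SetLastError = true)] static extern bool SwitchDesktop(IntPtr desktop);
    [DllImport("user32.dll")] static extern bool CloseDesktop(IntPtr desktop);
    [DllImport("kernel32.dll")] static extern uint GetCurrentThreadId();

    // Returns the typed password, or null if the prompt was cancelled or could not be shown.
    public static string Ask()
    {
        IntPtr original = GetThreadDesktop(GetCurrentThreadId());
        // Constructed desktop name; a fresh random name is used for every prompt.
        IntPtr priv = CreateDesktop("unlock-" + Guid.NewGuid().ToString("N"),
                                    IntPtr.Zero, IntPtr.Zero, 0, GENERIC_ALL, IntPtr.Zero);
        if (priv == IntPtr.Zero) throw new Win32Exception(Marshal.GetLastWin32Error());

        string password = null;
        // SetThreadDesktop fails on a thread that already owns windows or hooks,
        // so the dialog runs on a new thread that has created neither.
        var ui = new Thread(() =>
        {
            if (!SetThreadDesktop(priv)) return;
            using (var form = new Form { Text = "Unlock", Width = 320, Height = 120 })
            using (var box = new TextBox { UseSystemPasswordChar = true, Dock = DockStyle.Top })
            using (var ok = new Button { Text = "OK", Dock = DockStyle.Bottom, DialogResult = DialogResult.OK })
            {
                form.Controls.Add(box); form.Controls.Add(ok); form.AcceptButton = ok;
                if (form.ShowDialog() == DialogResult.OK) password = box.Text;
            }
        });
        ui.SetApartmentState(ApartmentState.STA);
        // Keyboard input goes to the private desktop only while it is the active one.
        try { if (SwitchDesktop(priv)) { ui.Start(); ui.Join(); } }
        // Always bring the user back to the original desktop, even on failure.
        finally { SwitchDesktop(original); CloseDesktop(priv); }
        return password;
    }
}
```

This isolates the prompt from message hooks installed on the user's normal desktop; it does not help against a kernel-mode or hardware key logger.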

  • Jenneane
    Community Member

    Ahhhhhhhh... Ok. I misunderstood what "unlock on secure desktop" meant. I thought that it was allowing me to identify a computer that was "secure" (and thus make use of the program less time-consuming somehow), and wondered why it required me to enter the password twice, since that seemed like it made it MORE work. Just fyi that that's how one non-techie user understood the label.

  • khad
    1Password Alumni

    Thank you for your feedback, Jenneane! We'll see if we can make this clearer. :)

  • rqc
    Community Member

    I also misunderstood the phrasing of "unlock on secure desktop" and also thought that it was to identify this computer I was using as "secure" and perhaps ask for authentication less or provide for more seamless use. I think the wording should change to something like "unlock from a trusted device", "unlock on a different computer to proceed", or "Dual authentication. Unlock using another trusted device."

  • svondutch
    1Password Alumni

    This feature unlocks your keychain on a secure desktop, unavailable to key loggers. I doubt "unlock using another trusted device" makes this any clearer.

  • rgsteele
    Community Member

    First of all, kudos on this new feature. Having a keylogger capture my master password is something I've been worried about, and prompting for the master password on the secure desktop seems like a good strategy for minimizing this risk.

    I was a bit confused by the "shield icon" on the "Unlock on secure desktop" button. This icon normally means that a process requires elevation, which is not the case here.

    Is there a reason you have implemented "Unlock on secure desktop" as a separate button, rather than just replacing the existing unlock mechanism? It seems to me that the right way to implement this would be to pop up a notification on first launch of the new version explaining that you have implemented a new, more secure, unlock mechanism, with an option to disable it if it causes problems for anyone. Then, at future launches of the app, go directly to the secure desktop unlock. Having two different ways to unlock the app is confusing, and the average user won't understand why they should choose one over the other.

    I wonder, is there a way you could combine the secure desktop unlock with a "security image", i.e. a unique image displayed to the user with the unlock window that is only accessible by the secure desktop process? This would help foil attempts by trojans to impersonate the 1Password unlock window.

    @rqc: I think you may still misunderstand what the "Unlock on secure desktop" button does. It displays the unlock window on your computer in a special mode that prevents other programs that are running on the computer from "seeing" it. This special mode is referred to as "secure desktop mode". It has nothing to do with a different computer.

  • khad
    1Password Alumni

    Thanks for the kind words, rgsteele. I can't say I disagree with what you wrote. I'll let Stefan know, though I'm not sure of the efficacy of the security image part.

  • svondutch
    1Password Alumni

    > I was a bit confused by the "shield icon" on the "Unlock on secure desktop" button. This icon normally means that a process requires elevation, which is not the case here.

    Analogous to UAC, the feature brings up a dialog on another desktop, unavailable to key loggers. This is why the shield icon is there.

    > Is there a reason you have implemented "Unlock on secure desktop" as a separate button, rather than just replacing the existing unlock mechanism?

    It is not for everybody for compatibility reasons (for example: it is not supported on Windows versions older than Windows 2000).

  • rgsteele
    Community Member

    > Analogous to UAC, the feature brings up a dialog on another desktop, unavailable to key loggers. This is why the shield icon is there.

    According to the Windows UI Guidelines, the shield icon should only be used when a process requires elevation. A user who does not have administrative privileges on a computer will avoid clicking this button because they will (rightfully) expect that they will get prompted to enter administrative credentials if they do.

    > It is not for everybody for compatibility reasons (for example: it is not supported on Windows versions older than Windows 2000).

    Why not continue displaying the old interface for users on operating systems that don't support the secure desktop, and display only the secure desktop login to users on supported platforms (with the option to turn it off)?

    I hope the secure desktop unlock is coming to the browser extensions as well. Keep up the great work!

  • svondutch
    1Password Alumni

    > I hope the secure desktop unlock is coming to the browser extensions as well

    It is available in our extension for Internet Explorer.

This discussion has been closed.