Skip to main content
February 9, 2022
Question

We want your feedback on biometric unlock!

  • February 9, 2022
  • 15 replies
  • 147 views

I've said this a few times already but I just want to reiterate how thankful we are that everyone here is testing out CLI 2.0 and giving us such amazing feedback. As a reminder, we will be giving out some pretty awesome prizes soon so keep your eyes peeled to the forum for an announcement on that.

In the meantime, I'd love to hear your thoughts and opinions on how our new biometric unlock feature for CLI 2.0 is working for you. We've seen a few threads so far but we'd love to hear if you're running into any issues or just want to rave about how cool it is and how it has impacted you! Our goal is to continually make your workflows more streamlined and more secure so if there's anything you want to share about biometric unlock for how it's working for you (or not working for you) please reply in this thread!

We can't wait to hear from you.

15 replies

February 15, 2022

@XIII can you give us some more details about the context where that happened? Is it a persistent issue? From what I understand, this happened while you tried to run a CLI command, while the 1Password application was not running? Did this happen on the nightly version you were running before, or on the current one?

XIII
February 15, 2022

It happened only once.

However, biometric unlock is now completely broken again (see my post in another private beta; I'm not sure what I am allowed to post where).

XIII
February 16, 2022

Fixed! Thanks!

1Password Employee
February 17, 2022

Hi @smanojkarthick, sorry about the slow reply here. I just noticed we hadn't yet responded to your feedback about using Biometric Unlock in multiple terminals.

One minor piece of feedback: I use multiple panes and windows in my terminal, so it would be great if the Biometric unlock didn't show an allow prompt for each of them. It's not a big deal and I figured there's probably a good reason for why it does - but thought I'd share it either way :)

Unfortunately, you're right and we do have a reason to do this. For your security, we want only the terminal to have access to your 1Password account and not any process on your machine. Since any process can start a terminal, we have to lock access down to a single process of that terminal.
This is to limit the attack surface to access your 1Password account. If for example an npm dependency of one of your side-projects contains a backdoor that allows code execution, this cannot be used to access your 1Password account, because execution of CLI commands will need re-authentication for the new process.

I hope this sheds some light on our reasoning.

February 17, 2022

Thanks for detailed explanation!