All accounts unlock is not consistent
I have many accounts (21 currently added to primary). When I signed in to my main account, all other accounts would be unlocked in previous versions of 1Password 7.x and 8.7.
With 8.8, sometimes ...
Forum Discussion
1P_Dave
Moderator
ModeratorWhen you enable Touch ID or Apple Watch unlock for 1Password, 1Password stores an encrypted secret on disk. The secret is encrypted using an encryption key stored in the Secure Enclave which is a security component built into your Mac. This secret allows the 1Password app to unlock all of your accounts at once which makes enabling Touch ID or Apple Watch the best option for when you wish to conveniently unlock all accounts at once.
1Password removes that encrypted secret from disk if your fingerprint isn't recognized three times in a row and when you haven't entered your account password into the app for 2 weeks.
@chrisjaffe
If someone were to crack, steal or otherwise compromise one of my accounts they would all be compromised. The whole point of 1password is to keep people from reusing passwords. 1password should not be advocating differently.
1Password works differently from other accounts for two reasons:
- As Jack mentioned, we use Secure Remote Password (SRP) to ensure that your account password never leaves your device.
- Each of your accounts is protected by not only your account password but by a unique Secret Key as well. An attacker would need both your account password and unique Secret Key in order to access your account.
Our Principle Security Architect wrote in more detail on this subject in this thread: Two accounts - now needs two different passwords every time you login? — 1Password Support Community
-Dave
