ModeratorHello YellowVista! π
Thank you for the detailed suggestion! I've filed your feedback internally with the product team so that they can consider adding shorter term durations to the "Require password" setting in the future.
I'm not sure how 1Password currently handles multiple failed unlocks via Touch ID / Face ID / PIN, but if it isn't already a feature, then I would also like a feature added to require the account password again after multiple (5? 10?) failed unlock attempts via Touch ID / Face ID / PIN. I wouldn't want someone to be able to attempt an unlimited number of unlocks via those alternate methods.
If you're interested, we've published articles that go into the security of Face ID / Touch ID here:
Biometric unlock on iOS stores an obfuscated secret (equivalent to your account password) in the iOS Keychain which is used to unlock 1Password when your face or fingerprint is recognized. This secret is removed from the iOS Keychain, and biometric unlock for the 1Password app is disabled, when your face/fingerprint isnβt recognized five times in a row.
I hope that helps! π
-Dave
ref: PB-30870328
