Forum Discussion

Former Member
4 years ago

iOS PIN Security

I have meticulously read through discussion 98376/Pin Security (now closed), along with a couple of other posts, which is all I could find, but I am still having trouble understanding what is being said. The most recent posts were back in 2018 and before.

Has anything changed since then?

I am out-of-trial and happily have a 1Password Account. But I am not, yet, using 1Password.

Backing up for a minute, I understand that iOS is a walled garden [ I'm guessing Android phones use a simple 1Password PIN (QUC) solution ]. AgileBits has masterfully leveraged Apple's iOS Keychain so as to offer a PIN code for iOS 1Password users who do not wish to key a strong Master password each time they open the app. My household will not use 1Password unless/until I create a PIN code.

I do not wish to delve further into iOS PIN security details.

OTOH, what I would kindly prefer (if reasonable and sensible, of course) :)

Can anyone of the AG Team confirm, maybe something like this:

"Yes, I know of one or more Team members that use iOS PIN codes on their personal 1Password accounts".

At this point, if 1Password Team member(s) are knowledgeably and confidently using iOS Keychain PIN code, I will choose to trust that it is (completely? sufficiently?) safe to use and move on.

Thank you.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided

10 Replies

  • Former Member

    > But then there are potential risks of jailbreaking

    A jailbreak cannot bypass biometric authentication in 1Password, as it decrypts the token from the iOS keychain rather than using a simple boolean check.

  • Former Member

    I don't have an Apple Watch, and when using a MacBook with a docking station I'm not able to use Touch ID.
    So the only solution is to change the auto-lock option (not so secure).

  • Former Member

    @ag_ana
    Is there any similar thread about the macOS app and Touch ID?
    If yes, I have a use case: using a MacBook with a docking station with the screen closed.

  • Former Member

    Former Member:

    Since we are on the topic, this article might also be useful:

    https://support.1password.com/strong-account-password/

  • Former Member

    @ag_ana:

    It is worth it. Thanks for mentioning that!

    I need to focus more on the large hash which I tend to forget.

  • Former Member

    Former Member:

    > For now, I am re-visiting the use of random memorable 1Password Master Password (including the associated large-size hash)

    For what it's worth, this is what I am using too :+1:

    > Also, I think it would be nice to see an Auto-Lock option of 4 hours.

    Noted, thank you for the feedback!

  • Former Member

    Thank you @ag_ana, for your response and on-point suggestion. A very helpful article, too. Secure, Simple, Easy.

    Though the risks are small and the advantages are big, it comes down to firm reluctance to Biometrics. But then there are potential risks of jailbreaking and with PINs, too. The list goes on.

    Obviously, this is all at the subjective and personal level. Just wanted to think out loud a bit, and with other(s) input, hone my chosen solution.

    For now, I am re-visiting the use of random memorable 1Password Master Password (including the associated large-size hash). JGoldberg has so expertly written about this, along with his Password-Cracking challenge assessment and results. I have gone back-and-forth for a long time on this topic of passwords and entropy. Maybe this time I can internalize 'random memorable' for myself, and then convince other family as well.

    Also, I think it would be nice to see an Auto-Lock option of 4 hours.

  • Former Member

    Hi Former Member!

    > AgileBits has masterfully leveraged Apple's iOS Keychain so as to offer a PIN code for iOS 1Password users who do not wish to key a strong Master password each time they open the app. My household will not use 1Password unless/until I create a PIN code.

    Is there any reason why your household would not simply use Touch ID or Face ID to unlock 1Password instead?

    https://support.1password.com/touch-id-security-ios/

    In addition to being secure, it would be even quicker than entering a PIN code, if the goal is to unlock 1Password quickly (which sounds like the reason you are asking this).