Is 1Password Still Safe If iPhone + Passcode Gets Stolen?

Hello @fastrhythm! 👋

Thank you for the question! As danco mentioned, 1Password isn't unlocked by your iPhone's device passcode unless you deliberately turn on passcode code unlock. If passcode unlock is turned off then the 1Password app can only be unlocked using either your account password or Face ID / Touch ID (if you've enabled biometric unlock).

You can have both the 1Password app, and the 1Password for Safari browser extension, lock faster by changing your auto-lock settings:

• How to set 1Password for iOS to lock automatically
• Change how quickly 1Password for Safari requires reauthorization

Regarding the specific attack that you mentioned, the attacker would need both of the following:

1. Possession of your iPhone.
2. Knowledge of your device passcode.

If you haven't already then I would recommend that you enable biometric unlock for your iPhone so that, when you're in public, you unlock using Touch ID / Face ID rather than typing in your device passcode:

• Use Touch ID on iPhone and iPad - Apple Support (CA)
• Set up Face ID on iPhone - Apple Support (CA)

For further advice on how to protect access to your iPhone itself I would reach out to Apple Support. Let me know if you have any questions. 🙂

-Dave

A bad actor with your phone and passcode wouldn’t be able to access the 1P app directly but they would have access to the Safari auto fill functionality for anywhere from 15 minutes to 2 weeks depending on your reauthorization settings.

For example, the thief could start visiting major bank websites and see if Safari auto fills any credentials.

No. 1PW has its own password.

Also, consider using a longish alphanumeric passcode for the phone rather than a short numeric one, as that will make it much harder to steal.

Finally, is you turn on ScreenTime, which rquires a four digit passcode, this will prevent the changes that could damage your digital life.