Security Feedback: 1Password App Doesn't Require Master Password If iPhone Passcode Is Changed

unhappychappy

Unlocking 1Password for iOS using a passcode is one of the most requested features that we've received from the forums. I know that a lot of folks here will be happy when it comes out: Building a Better, More Useful 1Password

One example of a use case, that someone shared with me in another thread, is a user whose iPhone's Touch ID sensor no longer works but they can't afford to upgrade their device. Without passcode unlock that user would have to enter their account password each time to unlock 1Password which isn't convenient.

Since this conversation is veering a bit off-topic, and the OP's question has been answered, I'm going to close the thread to save others the notifications. 🙂

-Dave

1P_Dave Well sure, I just don't understand the use case for this feature and wonder whether it's worth focusing resources on?

unhappychappy

Using your device passcode to unlock 1Password will be optional and disabled by default. If it's something that you aren't interested in using then you can keep the feature disabled.

-Dave

1P_Dave Is this really necessary considering the bulk of iPhones in use today have Face ID and Touch ID?

clarino

It sounds like you have it right. 🙂

Based on customer demand, we are planning to add, as an optional feature that is off by default, the ability to unlock 1Password using your iPhone's passcode. When this feature is released I believe that we'll be updating articles such as this to incorporate the new option and expand on the security implications.

-Dave

Thanks for having this discussion. As I understand Dave's link, nimvio is correct but irrelevant. To restate, yes, someone can steal your phone and change the passcode but they still won't be able to use 1P which relies on either knowing the 1P password or using Face ID which 1) cannot be changed without resetting 1P's secret or 2) will fail and fall back to relying on 1P password.

It would be helpful to other 1P customers if that support article could be expanded to explain not just 1P's internal logic but why the logic effectively blocks someone who has stolen the phone from getting access to a 1P vault. Or provide a link to another support article that explains it.

As an aside, I'm reading other articles (example: https://macandegg.com/2023/02/icloud-account-can-be-taken-over-with-only-iphone-passcode/) that recommend NOT using iOS's builtin password manager. It's been years since I've used it but I guess its rules are simpler. For example, it re-uses the phone's passcode so there's no further way to authenticate the user. So glad I use a 3rd party password mgr.

Do I have this all straight?

Hello nimvio!

If someone steals your iPhone's passcode and adds an alternate appearance to Face ID on your iPhone, Face ID will be automatically disabled for 1Password and you will be required to enter your account password to re-enable Face ID the next time that you try to unlock the app. You can read more about this here: About Face ID security in 1Password for iOS

Let me know if that answers your concerns. 🙂

-Dave