I'd like to discuss a situation which led me to request an enhancement for 1Password.
Recently I was robbed. The thief got an open iPhone with 1Password open right out of my hand.
Likely a disaster situation. I'm pretty sure nothing bad happened (so far I don't have evidence for that), but who knows.
However, this led me to the following thinking: the human and the situation are the weakest part of the security chain.
It also led me to: what data to actually store in 1Password? Luckily I'm separating identity information (like recovery questions, separate recovery phone numbers) in a different place (or possibly a vault?).
BUT: if I carried two vaults on one device with 1Password, it wouldn't help to just have two different passwords on the vaults.
1Password ALWAYS unlocks all vaults stored on the device with the same MasterPassphrase you use to unlock the app.
So my security enhancement wish: please implement a way to mark certain vaults to require a separate authentication even after 1Password was successfully opened.
Most users likely use 1Password to store – passwords! It's easy to change passwords after a robbery. However, if you store more sensitive information, you might want to protect this further. The current architecture of 1Password unlocks everything with a single password (hence the name :-) ), and in this case that is a disadvantage. I'd need to run two apps to separate data.
1Password Version: 7
Extension Version: 7
OS Version: macOS, iOS
Sync Type: iCloud, Dropbox, WLAN, …