Unlock with Apple Watch [feature request; not currently possible]

13

Comments

  • gdgadmingdgadmin
    edited August 2017

    +1 for Apple Watch Unlock the same as it can unlock a sleeping Sierra Mac. Too lazy to always be reaching wayyy over to the fingerprint sensor ;) Especially since I use a stand and external monitor, laptop touchbar is actually a bit far away..

  • brentybrenty

    Team Member

    It's definitely an appealing idea. Maybe we'll be able to do something like that someday. Cheers! :)

  • I've skimmed through this thread and note the challenges that 3rd party devs have with the Apple SDKs. Just wanted to throw my support +1 behind this idea and hope that it becomes technically possible soon. Regardless of the hardware being used this is one of the potential advantages of the IOT and wearables in particular. That the devices do the handshake without the user needing to take action. I work in an open plan office (as is increasingly common) so the ideal would be to geofence my laptop and if I (and my watch) move outside of the geofence then 1Password automatically locks to protect all of my important stuff, and when I return it automatically unlocks. Security could be supported by only allowing this to function with the wrist detection (watch is on my person) active.

    Although my institution is working towards 'single sign on' I doubt that it will ever truly be seamless so I very much value having 1Password keep all of my logins and only require a click of a button to populate. Reducing the number of times I have to enter the master password would make the workflow even more fluid and in fact would increase the security (presently the only controls I have are time which can leave my device vulnerable during the inactivity countdown if I walk away).

    I believe 1Password has a good relationship with Apple so I hope that you have opportunity to provide them with feedback about their SDK so that this will be possible in the future.

  • brentybrenty

    Team Member

    @physiomedia: That's sort of the opposite of what's being discussed here — more like a "lock with Apple Watch" feature — but it's an interesting idea. I've used apps that did something similar, and honestly it's a bit of a hack since Wi-Fi and Bluetooth just aren't designed with this in mind, which makes it unreliable to determine proximity. Not sure I'd want to have that enabled in other environments, but man that would be cool! :)

  • I'd like to +1 a feature to unlock 1Password on the Mac by the BT proximity of an unlocked Watch (or iPhone could work as well, as it's the device unlocked with Touch-ID)

  • brentybrenty

    Team Member

    I'm not sure that is the best way to go, since the signal could potentially be rebroadcasted to spoof proximity, but if we can find a way to do this securely it would sure be awesome. :)

  • goldfilmgoldfilm Junior Member

    +1 to unlock 1Password with the watch! It's one of my favorite features in the watch and a great feature to encourage strong passwords.

  • LarsLars Junior Member

    Team Member

    Thanks for adding your vote, @goldfilm -- there's no doubt this would be a cool feature, we're just not sure about the security aspects of it. Still considering. :)

  • Apologies if this get's double posted but I think I lost my post when I registered. I would also be in favour on unlock from Apple Watch. I spend a lot of time working in public places and on public transport so the being able to unlock my Mac without entering my password is perfect. If this could be implemented in 1Password that would be amazing and I think make it an even more secure product for Road Warriors

  • LarsLars Junior Member

    Team Member

    Thanks for weighing in, @themilkmen :) :+1:

  • goldfilmgoldfilm Junior Member

    I'm pretty sure you have to make sure the "tunnel" open between the watch and the desktop is safe, but also I suggest one idea to make it safer to unlock: key combination or 2 step authentication. Once you open 1Password it unlocks the first stage with the watch proximity and it asks you for a 4-digit code on the watch or a combination of clicks or even cooler, like in the old safe boxes: crown up, crown down, crown down... you set up your own combination, so if somebody has your watch can't do anything... I don't know how crazy this sounds, just my 2cents of an added security that does not involve typing a crazy 20-digit master password. Thanks for considering this!

  • LarsLars Junior Member

    Team Member

    Thank you for the additional suggestions, @goldfilm -- this would indeed be a snazzy addition to 1Password, so if we can devote the cycles to it to ensure we get it right (on top of everything else we've got going), you may see something like this. Keep an eye on the updates, and thanks for being involved community-members. :)

  • +1 to able to unlock 1PW on my Mac with my AW, just like my Mac can unlock when it detects my AW is within range. Or have 1PW on Mac look for an authentication by means of a 'tap' on the watch to say 'ok to unlock', just like I get the message on my AW where I can tap 'dismiss' after telling me my AW was used to unlock the Mac.

  • LarsLars Junior Member

    Team Member

    Thanks for weighing in, @emailtowilliam!

  • +1 from me as well. PingID uses an UI that allows me to tap on my Apple Watch to confirm authentication so that I can login to my client accounts. Would be awesome to have something like that to unlock 1Password - especially when I have to log into 1Password on my browser extension.

  • brentybrenty

    Team Member

    Ah, that makes sense if you're authenticating with a server using a push notification. Not something that's possible with the standalone version of 1Password since there is no authentication with a central point involved, but perhaps that's something 1Password.com could offer in the future. Cheers! :)

  • Come on, more than a year pass, and you still considering. Do it already !
    I want to unlcok my macbook 1Password, without constantly typing master password !

  • brentybrenty

    Team Member

    Come on, more than a year pass, and you still considering. Do it already ! I want to unlcok my macbook 1Password, without constantly typing master password !

    @dx777: How do you propose we do that? We're not going to store your Master Password, but we'd have to have your devices authenticate and then negotiate and store a shared secret on both devices in order for them to maintain this across multiple sessions, or you'd have to set it up each and every time. I don't think you want to do that. We have that on iOS, but there is nowhere we can do that securely on Macs at this point...except those with Touch ID, and we already support that. I went into more detail previously, so I encourage you to read my comments there. We're not going to add a feature like this unless it can be done securely, and I'm sorry but making demands won't change that.

  • dx777dx777
    edited January 2018

    @brenty : But macbooks are unlocks with Apple Watch, is this not secure enough ?

  • rudyrudy

    Team Member

    @dx777,

    Unfortunately, that's not something we can hook into to implement such a feature.

    Rudy

  • brentybrenty

    Team Member

    @dx777: Indeed, as I mentioned earlier,

    There simply isn't an "Unlock with Apple Watch" [framework] that Apple makes available to 3rd party apps. So unless Apple adds something like that in the future themselves, we're on our own when it comes to finding a way to implement a feature like that; whereas Apple has added frameworks for developers to use Touch ID and Touch Bar on macOS.

    The Unlock with Apple Watch feature in macOS is something only Apple has access to. I apologize for not being clearer.

  • This is a shame, i have very secure pass and can be hassle at times to enter. My apple watch is secure for me so that if I am near PC and need 1pass if it detects me it would auto enter the password.

  • LarsLars Junior Member

    Team Member

    @agrublev - It's definitely something that would make using 1Password more streamlined for those of us fortunate enough to have an Apple Watch as well -- but as brenty mentioned, it's not nearly as easy to implement in a secure way as it sounds. When the iPhone X with Face ID was released we were there from the very beginning, able to offer that amazing feature within 1Password. But - as much as I love our developers, who worked hard to have it ready on launch day - it would've been somewhere between difficult and impossible for them to implement if Apple had NOT chosen to release the framework for allowing 3rd party developers like us to hook into this iOS process. The same applies here: since Apple hasn't released (or announced) developer access to this, it remains a much more difficult thing to make a reality.

  • I understand completely. But if two apps MacID/Unlox and NearLock offer this to unlock a Mac.. isn't it the same technology?

  • LarsLars Junior Member

    Team Member

    @agrublev - I can't say, since we obviously can't review the code used by either of those developers. They might be doing it exactly the same as one another, or their methods might be very different. And either might be something we would find insufficiently secure for our purposes -- or incompatible in other ways. The bottom line is that anyone wanting to implement such a feature would have to devise a way to do it that doesn't rely on frameworks from Apple.

    Creating such a feature is likely not impossible to do in a way that meets our own security requirements, but it definitely falls into the realm of things which aren't either simple or quick to implement. As with any feature we consider, security concerns come first, but past that there are a whole array of other factors that bear on whether - or how quickly - something makes it into production. Those include available developer hours, estimates of how many of those hours would be required to create the specific feature, number of users it affects, and several other issues. We don't have anything to announce regarding this at this time, and while I know that's not particularly satisfying, it's all I have to offer in the way of a response, other than what mostly brenty has already discussed.

    If you're not already, I'd suggest enabling beta builds in your 1Password applications, as this is where you'd see something like this first.

  • I would love this feature too!! Is there any progress??

  • LarsLars Junior Member

    Team Member

    Welcome to the forum, @DaanMooij! We don't typically issue progress reports on feature development; instead, we prefer to release things when they're ready. There are too many variables that to into getting any release out the door -- some of them quite beyond our control -- so we've learned to not announce or promise something until we're literally ready to ship, because it's not fair to our users. Thanks for stopping by and letting us know you're interested in this as well, however -- we're glad for every bit of input we receive from users because it gives us a sense of what people would like to see in future versions. We can't always guarantee any particular feature will see the light of day in a future release, but we always take user feedback into account when planning what to do next. So, thanks! :)

  • brentybrenty

    Team Member

    I understand completely. But if two apps MacID/Unlox and NearLock offer this to unlock a Mac.. isn't it the same technology?

    @agrublev: It was discussed earlier in this thread, and I also alluded to it more recently above as well: they're storing your account password in order to fill it automatically. We're not going to store Master Passwords for two reasons: (1) there's no secure place to do so, and (2) it also makes it really easy to forget it and get locked out of your data forever. Both of these considerations are two of the most significant to all of us as 1Password users, so we'll only do a feature like this if (1) it can be done securely and (2) as a temporary convenience feature, since never requiring the Master Password and depending on another device will ruin anyone whose Apple Watch is lost, stolen, destroyed, or replaced.

  • brentybrenty

    Team Member

    I would love this feature too!! Is there any progress??

    @DaanMooij: Just to clarify, this isn't possible currently, and therefore not something we're working on. That may change in the future, but a feature request does not mean that a feature will be added — or that it is even feasible. Thanks for letting up know you dream of using your Apple Watch to unlock 1Password someday too though! :)

  • Please add my name to the chorus of people that would LOVE to unlock 1Password with the Apple Watch. If security concerns are present, could you advise users of the risk and allow them to select to enable the feature or not? Thank you.

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file