Request Type In PIN always for added security

I added the PIN option for Apple Watch but found that once it's provided it doesn't seem to ask for it often. I would feel more comfortable having secure items on my Watch if the PIN was requested "every" time the app was opened. I realize that if my watch is stolen whoever has my watch would need to enter my watch Master PIN to access the watch at all. I also know that the upcoming Apple Watch software update will be addressing security issues to protect the watch if stolen. Nevertheless, I would still feel more comfortable having secure items on my watch if the 1Password watch app requested the PIN every time the app is opened.


1Password Version: 5.4.3
Extension Version: 4.3.1
OS Version: Windows 8.1
Sync Type: WiFi

Comments

  • chrisdjchrisdj AgileBits Support

    Team Member

    Hi @jm2267,

    Right now with current WatchKit apps, we can't time out the instance ourselves. The app's PIN will be required once iOS and the Watch decide to purge it from memory. We should have much better control of this in the future, and we're exploring those possibilities.

  • This is an urgent problem folks. Even if I remove the watch from my wrist, requiring a password login to the watch itself, iPassword still comes up unlocked. That's totally unacceptable for security purposes.

  • chrisdjchrisdj AgileBits Support

    Team Member

    @dstrauss We don't have control over the timeout right now. It's whenever iOS on the phone decides to remove the app from memory. This Fall Apple is releasing watchOS 2 which will give third-party apps much more flexibility. We're excited by the possibilities that watchOS 2 will give us for better security control.

  • @chrisdj - Thank you for the quick response. I guess the short answer is to disable 1Password on the Watch for the time being. I don't mean to be paranoid, it's just that this is a pretty unexpected behavior for a security app.

  • chrisdjchrisdj AgileBits Support

    Team Member

    @dstrauss Indeed, I can understand wanting to have it lock down. Current Apple Watch apps just have no context of what's going on. There's zero access to any sensors or anything, including knowing when the Watch itself has locked, because currently third-party Watch apps don't execute any code on the Watch itself. It's all streamed live over Bluetooth from the iPhone.

    With watchOS 2 third-parties with be able tor un their apps on the Watch hardware directly, with access to a whole bunch of hardware sensors. We're really excited about the possibilities of that, and are actively looking at what we can do with watchOS 2.

    All that said, please have a read-through of our security documentation for the current 1Password for Apple Watch app, as it is very enlightening.

  • I would also like to add my support for this feature, if or when it is possible.

  • chrisdjchrisdj AgileBits Support

    Team Member

    Thanks for the vote, @Furzul!

This discussion has been closed.