1P5 log in on iPhone 6Plus

dlm67dlm67
edited August 2015 in iOS

Simple: When I open my iPhone 6Plus, 90% of the time I must enter a code. Sometimes it accepts my fingerprint, but this is random.
Why can't I open 1P5 with my fingerprint all the time?


1Password Version: 5.3
Extension Version: Latest version
OS Version: OSX 10.10.5
Sync Type: iCloud

Comments

  • thightowerthightower T-Dog Agile's Mascot

    @dlm67

    AFAIK, The use of the fingerprint and the corresponding acceptance and or denial is all handled by the phone. All 1Password does is pop up the authorization prompt and then the phone handles the actual authentication. 1Password never sees the fingerprint.

    This is based upon what I saw in the developer WWDC session, when the touch sensor was made available to app developers for authorization prompts.

    I am not a developer so that is the only data I can personally relate to.

    To add to your topic for me Dropbox is the worst app for my fingerprint with only 30% being successful . 1Password for me is about 75% successful.

    • I did notice something interesting for me the other day. If I place my finger on the sensor and press ever so slightly diagonal towards the display area (with a super light downward push) the sensor works better. Its kind of a weird thing to get use to. This is in relation to every app I use and even logging into the phone.

    Maybe the staff can also offer some ideas, and or suggestions.

    Cheers,

  • thightowerthightower T-Dog Agile's Mascot
    edited August 2015

    You posted in the Mac section. I am going to move it to the iOS section as its the only one (Apple device) with a fingerprint sensor and you specifically reference the iPhone 6+.

  • What you are saying is incorrect. The iPhone does not determine whether the fingerprint can open a particular app. The app does. For example, some banks or credit cards such as American Express allow it the account to be opened by a fingerprint. Others do not. Why doesn't 1P5 allow this ALL the time and not just sometimes?

  • Let me make the above comment clearer: When I ask why 1P5 doesn't open with a fingerprint, I mean the 1P5 app, not any other app.

  • thightowerthightower T-Dog Agile's Mascot
    edited August 2015

    @dlm67

    Developers do not have access to the fingerprint. Apple maintains the security of said fingerprint on the device.

    For the first time, you have the option of using Touch ID to sign in to third-party apps — there’s no need to enter a password. Your fingerprint data is protected and is never accessed by iOS or other apps.

    All authorizations happen through API's provided by Apple. The developers build in this functionality to there apps. You do not store a fingerprint inside each app, so it is outside of each app.

    From here http://www.apple.com/ios/developer/

    Yes the phone specifically the chip determine if the app can be accessed.

    https://support.apple.com/en-us/HT204587

    Secure Enclave:
    Touch ID doesn't store any images of your fingerprint. It stores only a mathematical representation of your fingerprint. It isn't possible for someone to reverse engineer your actual fingerprint image from this mathematical representation. The chip in your device also includes an advanced security architecture called the Secure Enclave which was developed to protect passcode and fingerprint data. Fingerprint data is encrypted and protected with a key available only to the Secure Enclave. Fingerprint data is used only by the Secure Enclave to verify that your fingerprint matches the enrolled fingerprint data. The Secure Enclave is walled off from the rest of the chip and the rest of iOS. Therefore, iOS and other apps never access your fingerprint data, it's never stored on Apple servers, and it's never backed up to iCloud or anywhere else. Only Touch ID uses it, and it can't be used to match against other fingerprint databases.

    The specific portion is this.

    1. Fingerprint data is used only by the Secure Enclave to verify that your fingerprint matches the enrolled fingerprint data.
    2. The Secure Enclave is walled off from the rest of the chip and the rest of iOS.
    3. Therefore, iOS and other apps never access your fingerprint data,

    From the 1Password FAQ's

    How does 1Password protect my fingerprint from being stolen?

    When 1Password brings up the Touch ID window, it is not directly scanning your finger. iOS performs the scan privately and then simply tells 1Password “yes” or “no”. Your apps (including 1Password) do not have access to your actual fingerprint data, which is stored in a secure enclave on your device’s hardware.

  • thightowerthightower T-Dog Agile's Mascot
    edited August 2015

    Yes, I understood why you were asking about 1Password 5, I was merely telling you I have hit and miss success, with other apps. I was also conveying how I gained a better margin of success from my use of the phone.

    Edit: As for myself, I am hoping for better performance in a new generation sensor in the next phone. It has been speculated and rumored that it will be of better quality.

    Here is hoping it solves all of our issues.

    Cheers,

  • thightowerthightower T-Dog Agile's Mascot

    This topic may help https://support.1password.com/touch-id-faq/ answer some of your questions re Touch ID.

  • brentybrenty

    Team Member

    @dlm67: Indeed. Sorry for the confusion!

    As thightower mentioned, Touch ID is handled entirely by iOS. It's a black box that no apps can access directly. So when it isn't working, it won't be something that a 3rd party app (such as 1Password) or its developer (such as AgileBits) can fix. The app just calls on Touch ID, Touch ID itself pops up the dialog (which is why it locks the app in the mean time), the user gives input, and Touch ID either accepts or rejects it and tells the app. That's the extent of it.

    Ultimately you may need to contact Apple if it still is giving your trouble, but typically you can simply restart the device or re-set Touch ID (turn it off and then back on) to get it working, or there are a few other tips that you can try to get it working. Just follow these steps:

    1. Launch Settings on your iOS device
    2. Tap on Touch ID & Passcode
    3. Enter your Passcode or Password
    4. Toggle Touch ID to OFF
    5. Press the Home button to return to the Home screen
    6. Shut down and restart your device
    7. Enter your Passcode or Password at the Lock screen
    8. Launch Settings on your iOS device
    9. Tap on Touch ID & Passcode
    10. Enter your Passcode or Password
    11. Toggle Touch ID to ON

    Please let me know how it turns out. I look forward to hearing back from you! :)

  • Thank you for your help, but I know how to install and use Toggle Touch ID. My question is about using the fingerprint recognition to open 1P5 upon restarting my iPhone. Sometimes, randomly, 1P5 opens with the fingerprint, but not always, even though the settings in 1P5 say that the user must always enter a manual passcode. A Manual passcode is not as secure as a fingerprint, so I would rather have the fingerprint. I do not want to enter a passcode for 1P5 each time I restart my iPhone.

  • brentybrenty

    Team Member

    My question is about using the fingerprint recognition to open 1P5 upon restarting my iPhone. Sometimes, randomly, 1P5 opens with the fingerprint, but not always, even though the settings in 1P5 say that the user must always enter a manual passcode.

    @dlm67: I'm afraid I don't know what you mean then. 1Password always needs the Master Password to decrypt your data. Touch ID simply stores it in the iOS Keychain temporarily to facilitate this. And again, this is managed by iOS, not individual apps.

    A Manual passcode is not as secure as a fingerprint, so I would rather have the fingerprint.

    This is not the case. When you use your fingerprint with Touch ID, it is simply entering your saved passcode once authentication is successful, so your "fingerprint" is always going to be exactly as secure (or insecure) as your passcode. After all, anyone can simply bypass Touch ID and enter a passcode instead. Touch ID does not make a weak passcode stronger; it allows you to use a stronger passcode since it does not need to be entered manually every time.

    You device can always be unlocked using the device passcode; and 1Password can always be unlocked using your Master Password. Much as nothing is protecting your device when you're 'going naked' without a device passcode, without a Master Password it would be trivial for someone to access your 1Password data. So not requiring it would make 1Password pretty much useless when it comes to security.

    I do not want to enter a passcode for 1P5 each time I restart my iPhone.

    You must. And I won't even say 'unfortunately'. 1Password always needs the Master Password to decrypt your data. Your security depends on it. Touch ID is there for convenience, and to encourage you to use a long, strong, unique Master Password — and device passcode. It isn't a replacement for either, which is why you need to enter your device passcode before you can use Touch ID after a device restart. ;)

  • Thank you very much to all for your time and thoughtful comments. You should be aware, however, that 1P5, as I mentioned, occasionally and randomly opens with a thumbprint and not the manual passcode. That is what lead me to believe that I did not need the manual passcode.

  • brentybrenty

    Team Member

    @dlm67: Indeed. Unless you restart the device completely or your Master Password timer expires (from 1Password Settings > Advanced, and therefore it is removed from the iOS Keychain) you should be able to use Touch ID. Sorry for any confusion that may have caused!

  • In my Advanced Settings, I have Never selected for Require Password. Does this mean that the password is only required upon restarting my iPhone? I use the iTouch after initially submitting the password. Thank you.

  • brentybrenty

    Team Member

    @dlm67: Sorry for the confusion! As stated in 1Password Settings > Advanced > Security,

    In addition to your regular security settings, your Master Password will be required every [n days/hours/weeks].

    1Password always requires your Master Password after restarting your device, regardless of anything else, or when you choose 1Password Settings > Security > Lock Now. And then 1Password will also require the Master Password when the criteria for the above setting are met. I hope this helps.

This discussion has been closed.