1Password X bypasses Duo Prompt

@wkleem,

1Password X and the 1Password website use the same authorization. So if you have already authorized in Duo on the 1Password website, 1Password X is already authorized too.

Let us know how it goes! It should also be noted that Duo is still a beta feature of 1Password accounts.

--
Andrew Beyer (Ann Arbor, MI)
Lifeline @ AgileBits

Thanks for letting us know your results. I've opened an issue on your behalf so we can look into this further.

--
Andrew Beyer (Ann Arbor, MI)
Lifeline @ AgileBits

ref: b5-3467

You're welcome. I'll keep this thread updated. :) :+1:

--
Andrew Beyer (Ann Arbor, MI)
Lifeline @ AgileBits

It is a 1.0 after all. :) And you're right, Screen Shader seems to prevent 1Password X from working correctly.

We are still encouraging folks to use the 1Password extension on Mac and Windows instead of 1Password X if they want a more mature solution. We are still full speed ahead on the Mac/Windows apps (and extension!) and don't plan on slowing down there either as we barrel ahead with 1Password X.

Thanks for reminding us that this is important to you. It's on our list. :+1:

:) :+1:

@wkleem: I'm not sure what you mean by "double unlocking". Would you be able to record a video, or give exact steps with screenshots about what you're seeing? That sounds really weird.

@wkleem: No worries. Just want to make sure we're on the same page here. I apologize if I'm misunderstanding, but it seems like this is working as intended: while 1Password X can unlock multiple accounts together if they're using the same Master Password, you should have to lock 1Password X and unlock it again using the correct Master Password if they are different. We recommend using a single long, strong, unique Master Password for 1Password as a whole, not multiple 1Passwords. You're welcome do do so if you wish, but it will mean you'll have not only more to remember (or forget) but also to type in to unlock. :blush:

@wkleem: Can you clarify what you mean? That does sound a bit odd, but I'm not sure how a local vault would be involved here. 1Password X only works with 1Password.com accounts. How many of those are you using in 1Password X?

@wkleem: But all of those should be part of a 1Password.com account, not local vaults (which don't work in 1Password X) unlocked with different Master Passwords. And I don't think that Security Audit coming to the Windows app soon will help you with this. 1Password X unlocking accounts separately when the Master Password is different is by design.

I thank you for your team's input. I thought I would highlight what I thought was an anomaly when traditionally, I only needed one Master Password to unlock and now I may need two.

@wkleem: Ah, I see. That makes perfect sense. Indeed, while the native apps have sort of faked this by using the Master Password for the first vault/account to unlock, even when other vaults/accounts required a different Master Password, we're trying to keep 1Password X more in line with the 1Password.com model, since it doesn't have any legacy baggage: each account's vaults can be accessed all together using the account's Master Password. We recommend using one Master Password, but for those who want to use a different one for each account, the accounts will also unlock separately as well.

I have not actually set up any alternate Master Password for 1Password.com vaults. They have been the same since I signed up.

To be clear, it isn't possible to set vault-specific passwords with 1Password.com, as all vaults unlock as part of the account, which has a single Master Password. This has been a conscious decision to bring 1Password more in line with the name "one password", since having separate passwords for each sync'd vault before (using Dropbox, for example) caused a lot of confusion. I'm sorry that by rectifying this we've cause some confusion for you and others who have grown accustomed to the way it worked historically, but long-term it's going to help a lot of people use a stronger Master Password and not get locked out of their data. :blush: