Auto Locking when Locking Windows

Can you guys provide an option in OnePassword X to DO NOT lock it automatically when we lock Windows? I am locking roughly 15-20 times a day my computer at work and need every time to enter the password again. Honestly this is a pain in the neck. I understand that it could be for security reasons but please allow me to do it in some advanced options.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:Would be great to have 1password having his own DB of nice logos for websites to avoid to edit them

Comments

  • brentybrenty

    Team Member

    @thatann44: Thanks for getting in touch! It's something we'll consider, but we don't want to lower the bar for security unnecessarily. For example, if you're locking the machine, arguably it's for good reason. Can you tell me more about what you're trying to do? Maybe there's something else that can help. :)

  • Yes, so to be honest I reverted to OnePassword 6 on Windows, just because of that. When I lock my computer (windows) I don't want OnePassword to be locked as well. Otherwise I need to unlock windows and unlock OnePassword everytime which is painful. You already provided the option to disable this in OnePassword6 but not in X. Can you please add it?

  • brentybrenty

    Team Member

    @thatann44: Indeed, 1Password 6 already has a year of development behind it. We've got a lot of other features we still want to add to 1Password X since its release a few weeks ago. Like I said, it's something we'll consider. Thanks for letting us know you'd like that option. :)

  • Cool thanks @brenty !

  • brentybrenty

    Team Member

    Likewise, thank you for your feedback on how you'd like 1Password X improved! It's always good to know what people are looking for. :chuffed:

  • Please move this up on the wish list. Having to unlock the computer and then 1Password X is getting mildly annoying but will soon move into the extremely irritating category... ;)

    Starting to get complaints from some of our test users before we deploy it company wide.

  • brentybrenty

    Team Member

    @Cartman: Thanks for getting in touch! I'd love to hear more about your setup and use case. We don't have the same system access with 1Password X running solely in the browser, but perhaps we can make it work in conjunction with our native apps in the future to allow more granular security options. :)

  • Hi guys, I have been using another vault, BitWarden and I liked its option to never lock the app after windows restarting.
    Is it possible to do the same in 1Password now?

    I have my password written down in a sticky notes, this is not safe.
    I though about a security key, like google has with its lock key in a encrypted key dongle.
    https://support.google.com/accounts/answer/6103523?hl=en-GB

  • kaitlynkaitlyn

    Team Member

    @marcelogrsp – As far as I know, there isn't a way to keep 1Password unlocked after it's quit completely. The same will go for 1Password X. Since it's operates inside the browser, if the browser is fully quit then 1Password X will be quit, and therefore locked, as well.

  • Hi,
    I have a huge drawback when using 1Password on windows.
    I set up Windows Hello unlocking and the 1Password still locks itself after reboot the PC.

    This is so so so so so annoying and unsafe since I have my master password saved in a txt file, because it is huge! And of course it is huge, it is my MASTER PASSWORD, it should be stored with encryption! How can you ask me my master password to unlock the app when my fingerprint is thousand times safer than it.

    I use 1Password on iPad and iPhone, and on these devices I am able to unlock with Face ID after restart the mobile devices, why not having the same on Windows, please!

    Another safe idea is using a encrypted usb stick with a key to unlock the app, much better than type my master password right? Asking for type the password makes us creating a easy and memorable MASTER PASSWORD! Dear God, who wants to remember the master password easily? Sorry for me it doesn’t make sense in 2020.

    Is it possible to unlock with Touch ID on Mac after restart the machine?

  • ag_anaag_ana

    Team Member

    @marcelogrsp:

    This is so so so so so annoying and unsafe since I have my master password saved in a txt file, because it is huge! And of course it is huge, it is my MASTER PASSWORD, it should be stored with encryption!

    Please do not store your Master Password in a text file, it's very unsafe. You should not have your Master Password stored anywhere that way.

  • So what is 1Password doing to avoid that, or, what suggestion do you give me?

    Thank you,

  • DanielPDanielP

    Team Member
    edited February 11

    @marcelogrsp:

    So what is 1Password doing to avoid that

    If you are suggesting that 1Password should prevent insecure behavior from happening outside of 1Password at the level you are describing, the answer is that it cannot do that. You are the owner of your computer, and therefore you are free to do whatever you want with your machine, including performing insecure actions if you so wish. 1Password cannot control what you do on your computer this way (and even if it could, an app should not dictate what you are and are not allowed to do with the device you own). I believe only you should be able to do that.

    If you want to store your Master Password in a cleartext file, no app on your device can stop you from doing that. This is a human decision, and therefore needs to be prevented with a human decision as well. It should be noted that you already have a secure alternative to this (i.e. type your Master Password instead of storing it in a text file): you chose to do this in an alternative way though, so the problem exists at a different level of your security posture.

    what suggestion do you give me?

    What we can do is indeed offer you suggestions on how to approach this in a more secure way, at the same time while trying to offer you an increase in the usability of your system, which I believe is the current pain point in your environment.

    The issue is likely not that you have to type your Master Password too often: in my experience, when I read this sort of complaint, it's rather because the complexity of your Master Password weighs much more than the security benefit that you perceive your password manager is offering you. If you lean too much towards the security end of the spectrum, you risk avoiding security altogether, because the impact on your day to day usage is just too much to bear for you. Storing your Master Password in a text file and copy/pasting it regularly instead of typing it is a clear symptom of this.

    To avoid this, I can suggest something that I found useful for me: I recommend using a random Master Password, but which is also memorable. And the best way to do this is to use the word-based password generator instead of a string of random characters. I will use the 1Password password generator to show you two examples of what I mean:

    eD4qiUhJDRZgpfMnxkU,wVj4
    

    Something like this is a nightmare to type regularly. And since the idea behind 1Password is to remember only one password (indeed, that's the reason for its name), your Master Password will often be the only one you will have to type on a regular basis. It makes sense, therefore, to make sure it is also easier to type. Something like this is longer than the one in the previous example, but it is way more memorable and easier to type too:

    python eminent multiply cannot
    

    So if you are struggling with having to type your Master Password, my first recommendation would be to switch to a word-based password.

    How you are going to configure the password generator will be up to you, based on your preference, but no matter how you do this, it will be infinitely better than storing your Master Password insecurely on your device, unencrypted. Something like this can undermine the security of your whole system, so already switching to a Master Password that you are going to type instead of copy-paste will already offer you a big benefit.

    ===
    Daniel
    1Password Security Team

  • Thanks Daniel,
    Does 1Password also lock on MacOs after reboot?

  • DanielPDanielP

    Team Member

    @marcelogrsp:

    Yes: since we don't store your Master Password anywhere for your privacy and security, 1Password cannot retrieve the Master Password for you and unlock automatically, since it's not stored anywhere on your system. If 1Password were able to do this, it would mean that your Master Password was stored unencrypted on disk, which is exactly what we are trying to avoid here.

    From this point of view, 1Password doesn't behave any different than macOS itself: while you can login to macOS using TouchID, macOS requires you to enter your user password after a reboot. It does not allow you to authenticate with your fingerprint in that scenario; if it did, it would mean that your user password was stored somewhere unencrypted.

    ===
    Daniel
    1Password Security Team

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file