Can I unlock the app using a security key?

Hi,

I have a Yubico security key. I want to unlock the app using the security key, instead of typing in my master password every time. Is it possible?

Thanks,
D.



Comments

  • Greg
    1Password Alumni

    Hi @davidshen84,

    We have no plans to support this. Any hardware device can easily be lost, stolen, or destroyed, so it is not safe to replace your Master Password with it. However, you can use a YubiKey as a second factor for a 1Password account and use Windows Hello (fingerprint or PIN) to unlock 1Password for Windows.

    Let me know if it answers your question. Thank you!

    Cheers,
    Greg

  • coolcow
    Community Member
    edited March 2019

    We have no plans to support this. Any hardware device can easily be lost, stolen, or destroyed, so it is not safe to replace your Master Password with.

    If you really want to be consistent with this argument, then you should also remove the fingerprint-unlock feature in your Android app (which I use and love! I would also love to have something similar for the PC...). It is way easier to steal and replicate someone's fingerprint (https://www.theverge.com/2016/5/2/11540962/iphone-samsung-fingerprint-duplicate-hack-security) and get access to the victim's phone than to steal a YubiKey.

    I really understand that you want to make your customers as secure as possible, and this is great! But what you are doing here, unintentionally, is motivating the user to use a weaker master password (because it is easier and faster to type in) or to store it somewhere on the Desktop (for copy-pasting it each time it's needed) or something like that.

    That's counterproductive in my humble opinion. Please reconsider this argument and the fact that security has also to be convenient if you want it to be adopted by a maximum of people.

  • AGAlumB
    1Password Alumni

    That just doesn't make sense. It's like complaining that 1Password not saving the Master Password so the user never needs to enter it encourages people to use weak Master Passwords. In fact, in both cases, needing to enter the Master Password more often helps people avoid forgetting it. That's not to say that other options can't be available to use for convenience at times, but ultimately the Master Password is needed to decrypt the data, no matter what. Emphasis on this part of Greg's reply:

    it is not safe to replace your Master Password

    We can't stop people from making bad decisions with regard to security, but at the same time we can avoid adding features that make it easy for people to wreck themselves -- like not using a hardware device that can be lost, stolen, or destroyed in place of the Master Password. Not to mention that an authentication device is not a substitute for 1Password's security model, which is based on encryption.

This discussion has been closed.