Request: Unlock Desktop (macOS) version with mobile (iOS) version
Feature request: Ability to unlock macOS version of 1P using iOS with 1P installed via a bluetooth (BTLE) connection, a la Unlox or NearLock apps.
I've brushed on this before, but figured I'd make a (semi) formal feature request.
I'd like to be able to have the macOS version (main window or 1P mini) authenticate itself via a bluetooth connection to my iPhone (or paired Apple Watch) in the event that 1P is installed and has already been authenticated (master password has already been entered so that iOS version accepts Touch/Face ID). The interface would be similar to the Unlox or NearLock where I can authenticate by selecting the appropriate option for a dynamic notification on the Apple Watch or iPhone, and the user could decide what level of authentication (e.g. require Touch/Face ID) is required.
Regarding security, Unlox and NearLock are apps that enter your macOS administrator password to unlock your Mac from sleep/screensaver or when authentication is required (e.g. when unlocking the Security preference pane in System Preferences). They state that the password is stored encrypted, and though I don't know what level of encryption is involved in the BTLE connection, I haven't seen anything pointing out security flaws of such methods aside from the inherent security weakness in any security-related convenience feature. I know that Touch/Face ID itself is less secure than a strong password, and that 1P on Apple Watch introduces inherent weaknesses. That in mind, I think this would be a nice feature to have. I'd love to be able to unlock 1P on my Mac using Face ID on my iPhone, and would be willing to accept the unavoidable security flaws accompanying such convenience, since I already use Unlox, Face ID, and 1P on Apple Watch. I'm tempted to try an AppleScript-based workaround, but that's going to be far less secure than anything you guys come up with!
Thanks! Keep dominating the password manager space!
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:unlock macOS with ios
Comments
-
Hi @twilsonco ,
Personally, I'd love to have that feature too, especially on my Mac that doesn't have TouchID. We haven't looked to deeply into Unlox or NearLock, but in addition to storing your Master Password securely, we'd also have to make sure of a couple of other aspects to security before we could implement such a feature. For example, if you had a rogue malware process running on your Mac, we'd have to make sure that it couldn't pretend to be 1Password for Mac, and then grab your Master Password as you try to unlock the real 1Password on your Mac. There must be a way to authenticate which app is on the other end, and secure any information in transit between your phone and Mac.
None of these are impossible to solve, but they do take time. So we will definitely consider this request. We can't make any promises just yet.
Cheers,
Kevin0 -
Thanks for the quick reply @ag_kevin!
I understand. I imagine that the development process for the apps I mentioned wasn't overnight anyways, and you guys have such an emphasis on security. If you do find a solution, I bet it results in a white paper that the Unlox and NearLock devs would love to see to boost the security of their apps too!
I already have an idea for an AppleScript-driven solution involving EventScripts as a trigger, though I'm unsure how I'd access the encrypted master password data in a secure way. And in the meantime, dice ware reduces the work of unlocking manually with my ancient mid-2012 MBP (hint hint dark web, my master password is LONG, so better start the attack at the high end and bring a nice supercomputer for the job! Of course, you could just bring a pair of pliers and I'll cough it up before you break the first finger; my data's not that important!).
With the advent of a 32GB MBP, however, I've never been more tempted to upgrade... Too bad it comes with the antithesis to touch-typing a.k.a. Touch Bar!
0 -
Hi @twilsonco ,
I'm not sure how far you'd get with an AppleScript solution. 1Password doesn't expose password information via AppleEvents, and it also uses SecureInput mode to prevent other apps from typing into the Master Password field.
And if you do upgrade, TouchBar feelings aside, note that you'll have TouchID, which will help you tremendously. TouchID, and the Xcode TouchBar features, are my favourite aspects of the TouchBar.
Cheers,
Kevin0 -
Ah, so enabling 3rd party integrations under Preferences->Advanced won't do the trick, huh?
Also, you mean the "Touch" Bar that you have to look at in order to use? :P
Another topic, but I'm amazed at all the ways Apple can imply that a touch screen laptop is a great idea while continuing to say, out the other side of their face, that nobody want's a touch screen laptop: the touch bar, which is actually a tiny touch screen, on your laptop; and a 12.9" iPad with a dedicated keyboard that they advertise as being as productive as a laptop! As if the sales of touch screen PC laptops wasn't enough proof that people do indeed want a touch screen laptop.
0 -
Hi @twilsonco ,
Enabling 3rd part integrations will output metadata files that can be indexed by third-party applications. Those files contain some information (title, category, URLs, account, vault, and identifier links) to allow Spotlight and third-party applications to display the item to the user, but not access any password information directly. It also does not provide an API for unlocking or accessing/entering passwords.
Cheers,
Kevin0 -
Great. Thanks for the clarification!
0 -
:+1: :smile:
0 -
Any updates on this? I’m trying to get my wife’s family onto 1Password but they’re on old non-touchID Macs and newer iPhones. This would be so great for them.
0 -
Thanks for the update, Ben. Are there any other ways to unlock 1Password on pre-touchID Macs without having to type the whole password every time? Maybe a USB fingerprint reader?
0 -
The Master Password is the only way. Still much better than having to remember and type a bunch of different passwords. :)
Ben
0 -
Thanks Ben, good to know.
0 -
:) :+1:
0 -
I'd like to show interest in this feature request as well. Having my phone with a finger print reader unlock my mac desktop app would be such a time saver!
Keep up the good work!
0 -
Welcome to the forum, @petergoes! Nothing new to report on this -- and as you know if you read the preceding thread, there likely won't be anytime soon - but thanks for weighing in. :)
0 -
Yeah... why are Apple dragging their heels on this, just give us a desktop magic keyboard with touch ID already... or a screen popup using the camera for face ID.. something... I'm SO tired of having to pump in my l.o.n.g 1Password multiple times a day..
Especially after having enjoyed that freedom on iOS all this time.
0
