This is a staging forum for AgileBits, not an official support forum. Visit http://discussions.agilebits.com instead.

Feature Request: Prevent Password Entry on Failed Password Attempts?

Caleb531
edited September 2011 in Mac
I don't really know what else to call it, so let me describe it.



The iPhone passcode system has a time lock, so if you type the incorrect passcode 3 times, you can't type it in again for 1 minute. With each subsequent incorrect passcode, that time increases (5 minutes, 10, 20, and so on).



I thought this would be something that would make 1Password much more secure, as one couldn't keep entering passwords until the right one is entered. Even if I already use a strong master password, I think I would just feel safer if there was such an option.



Could such an option be added?

Comments

  • Hello Caleb531,



    Due to the small size and feel of iOS device keyboards, users typically do not use strong passwords on them. Consequently, on average it is more likely that someone may be able to guess the password with a minimal number of attempts. So, for those devices a time lock or device wipe feature is more valuable.



    However, on desktops and laptops, typing a password is much less cumbersome, and as long as you have a strong password, the odds of someone gaining access to 1Password via guessing your master password or using a brute force attack are statistically much, much lower. Depending on the study you read, it could take more than 100 lifetimes.



    Regardless, the idea has merit as a secondary line of defense, and I appreciate you bringing it up. I'll pass it along to the developers for consideration.



    Thanks again for letting us know that you would like to see it. I am not aware of any current plans to implement a time lock, but we are always open to options that offer increased security.



    Cheers!



    Brandt