This is a staging forum for AgileBits, not an official support forum. Visit http://discussions.agilebits.com instead.
Use of fingerprint scanner
Does anyone have any recommendations for a[b] fingerprint scanner[/b] such as the Eikon Digital Privacy Manager for use with a [b]Macintosh[/b]?
I would like to use it to sign onto my Mac and then to authenicate the keychain and 1Password programs. Or authenticate just the keychain and let 1Password get it's password from the keychain.
Is there a better solution to avoid constantly typing passwords just to get to 1Password? I love 1Password, can't live without it but having said this there is still a lot of passwords I have to enter each day. That is why I am looking for a biometric device that works.
Would my idea compromise security or improve it or just be neutral on the security issue while facilitating rapid sign on?
__________________________________
Also please see discussion at AgileBits:
http://support.agilebits.com/discussions/1password-38-for-mac-from-agilebits-website/5419-use-of-fingerprint-scanner
I would like to use it to sign onto my Mac and then to authenicate the keychain and 1Password programs. Or authenticate just the keychain and let 1Password get it's password from the keychain.
Is there a better solution to avoid constantly typing passwords just to get to 1Password? I love 1Password, can't live without it but having said this there is still a lot of passwords I have to enter each day. That is why I am looking for a biometric device that works.
Would my idea compromise security or improve it or just be neutral on the security issue while facilitating rapid sign on?
__________________________________
Also please see discussion at AgileBits:
http://support.agilebits.com/discussions/1password-38-for-mac-from-agilebits-website/5419-use-of-fingerprint-scanner
Flag
0
Comments
-
I just watched a few Youtube videos that say Upek has been working with 1Password and their fingerpinter scanner is now integrated with Password.
[url="http://www.youtube.com/watch?v=tggvtg1hX2U"]http://www.youtube.com/watch?v=tggvtg1hX2U[/url]
[url="http://www.youtube.com/watch?v=qdMOF4l6cVA"]http://www.youtube.com/watch?v=qdMOF4l6cVA[/url]
Is this correct ????Flag 0 -
Unless something has changed that video should be very old its been over a year, maybe 2 since I heard the time had dropped support of Upek.
Yes see that the vid is from 2009Flag 0 -
I do apologize that we were not able to get this project implemented. We're a small team and that means we need to be very careful where we spend our development resources. This is not a decision we took lightly: we needed to reduce the number of projects vying for our time and after careful analysis Eikon integration was one of many exciting features we had to let go. After 2 years of interaction with the Upek team to get the 1Password+Eikon bundle into stores we decided it was time to focus on other projects.
Misleading you was certainly not our intention. If the removal of the enhanced Eikon integration is a deal breaker for you then we want to give you your money back. Just to be clear, however, you can use 1Password with Eikon and still use the Eikon to unlock 1Password. The way to do this is to go to the 1Password > Preferences > Security window and enable the "Never prompt for master password option". This option (only available in 1Password [b]3.8 [/b]from our own online store) will store your master password into the default Mac OS X login keychain and this keychain can be unlocked automatically after successful authentication using the Eikon. When using this approach 1Password will be able to unlock itself without you ever needing to enter a single password.
The "Never prompt…" feature is being deprecated in the future, though, and is already unavailable in the Mac App Store version of 1Password. Please keep that in mind.Flag 0 -
There is no integration with any fingerprint reader at this time. I don't know enough about how that particular one works to say for certain. If it simply functions as a standard human interface device (HID) essentially spitting out a long string of characters from a virtual keyboard driver when you use it, then you could theoretically set your master password using it. [b]Please be very careful with this, though, since if it malfunctions or works in a way that does not produce a consistent string of characters based on your fingerprint then you may be locked out of your 1Password data forever.[/b]
For your privacy and security, your master password is known only by you. (Well, normally this is the case. For a fingerprint reader, it is known only by your fingerprint.) We cannot reset your master password for you and you cannot change it without entering the old one. There is also no "back door" to access your data without the master password. If there were, that would be a security hole that criminals could exploit to steal your information.
It is not a risk I would take with my data, though, since it is trivial to create a very secure [b]and memorable[/b] master password:
[url="http://blog.agilebits.com/2011/06/toward-better-master-passwords/"]http://blog.agilebit...ster-passwords/[/url]
That way you do not rely on a device which may fail and lock you out of your data. That is part of the reason we do not support such devices directly. A critical component of security is [url="http://blog.agilebits.com/2011/04/keeping-your-data-at-your-finger-tips-part-i/"]data availability[/url], and the risks to that component are very great when you start relying on something like a fingerprint reader to grant you access to your data.Flag 0 -
I suggest it is FUD that a fingerprint scanner makes data more likely to be lost. There is nothing that says you cant ALSO login via password.
I have a HP Laptop that has a scanner on it and it is very convenient that I can login to windows with my fingerprint. I wish I could also login to 1Password with it.
But without I can still use my password. So there is no downside, to my thinking, that integration with fingerprint scanners provides. I agree its work (I'm a software developer, and I know what it takes), but suggesting that somehow it a risk to allow fingerprints is totally FUD. Just allow both fingerprint AND password.
+1 on a feature request to enhance 1Password from a great product to a fantastic product by integrating with biometrics ...
Even better, someone someday will make a killing if they figure out a way to avoid passwords altogether. Passwords are horrible security, and a severe PITA to everyone.
No password is almost better to passwords we have to write on stickynotes ....
I wish I had the perfect solution ...Flag 0 -
Welcome to the forums, DALDEI. It looks like you just dove right in with your first post. That's great! <img src='http://forum.agilebits.com/public/style_emoticons/<#EMO_DIR#>/smile.png' class='bbc_emoticon' alt=':)' />
[quote]There is nothing that says you cant ALSO login via password.[/quote]
Very true, but in doing so your data is only as strong as the weakest point of entry. If the point of such a feature request is to "beef up" security with a master password that is entered by a fingerprint reader (much like one that 1Password itself can generate), then having the option to also log in with another password means that any attacker would just skip the fingerprint reader and go for that "back door."
We don't currently have any plans to implement this, but I will certainly pass your vote along to the developers!Flag 0 -
I second the use of a fingerprint scanner. Who's to say that the password couldn't be something long and complicated, printed out and stored in my firesafe for safe keeping. But then I use the fingerprint scanner to normally login and open 1password. Thus I'll never totally locked out of my 1password keychain should the scanner not work, I just have to get that long password out of my safe.
I really want to get a fingerprint scanner for the use of logging in to my Mac and using 1password and other things. While I use strong passwords I have just system set to just log me in without a password. A hacker isn't going to get into my stuff remotely, but a theif could get in no problem. I'm not too worried, my house is secure, but fingerprint security would be the perfect solution to balancing security and convience for me.Flag 0 -
Welcome to the forums, Gex2501! You can certainly use a fingerprint scanner in that manner (as I described above). <img src='http://forum.agilebits.com/public/style_emoticons/<#EMO_DIR#>/smile.png' class='bbc_emoticon' alt=':)' />
If we can be of further assistance, please let us know. We are always here to help!Flag 0 -
I vote you reinitiate the finger print scanner idea (not just promote how to use a feature that will likely be removed in the future). Example: Let's say you're away from home and need to login to an online account. You go to you local café and proceed to login to Dropbox through a computer station, and from their your 1Password data. Isn't it plausible that that computer [i]could have been[/i] keylogged? So then the thief would ultimately be able to use you 1Password data for nefarious purposes? Moving away from the café idea, this could happen on any computer. (Heck, even I have one on my computer). From my understanding of this fingerprint scanner, It would paste the appropriate password and avoid the keylogging situation. Just some semi-paranoid thoughts here...Flag 0
-
Thanks for the vote! We'll continue to evaluate methods of authentication that increase security and convenience, but as I'm sure you can imagine there is nothing to announce right now. <img src='http://forum.agilebits.com/public/style_emoticons/<#EMO_DIR#>/smile.png' class='bbc_emoticon' alt=':)' />Flag 0