1Password Launches Recovery Codes and Simplified Sign-In Process

[MacRumors]

Popular password management app 1Password today announced the launch of two new features that are designed to make the app more user friendly. 1Password is improving the sign-in process on new devices and adding the ability to recover an account when a master password and secret key are lost.

With recovery codes, 1Password is providing a failsafe that will let customers back into their accounts in the event that a password is lost. 1Password already provides an Emergency Kit PDF that includes a Secret Key, and users are instructed to keep the Secret Key safe. The Secret Key allows for access to a 1Password account if the master password isn't available, but prior to now, if the Secret Key was also lost, there was no option for account recovery.

1Password users can now log in and generate a recovery code, which can be used to regain access to an account. The company recommends that customers go through the recovery code process immediately, as a recovery code can't be generated after a user is locked out of their 1Password account.

After a recovery code has been created, it can be used at any time to regain access to a 1Password account, though users will need access to the email address associated with their 1Password account.

Generating a recovery code can be done by going to the Manage Accounts section, selecting Sign-in and Recovery, and choosing the "Set up recovery code option." 1Password recommends that recovery codes be stored in a safe and accessible place.

1Password is also testing an updated sign-in experience in a beta capacity, with the new method aimed at making it easier to log in on a new device or through a web browser. When logging in somewhere new, users can now choose the Scan QR Code option from the top left account menu in 1Password and scan a QR code on the new device to log in.

The new sign-in option is available in beta and nightly release channels on 1Password for desktop and TestFlight for iOS. Recovery codes are available to all 1Password users.

Article Link: 1Password Launches Recovery Codes and Simplified Sign-In Process

 

[breenmask]

who cares? I'm glad 1Password will be out of business soon. blood sucking leeches...

 

[rodpascoe]

The writing is probably on the wall now that Apple is making this a core part of MacOS

 

[jessebkr87]

1Password already provides an Emergency Kit PDF that includes a Secret Key, and users are instructed to keep the Secret Key safe. The Secret Key allows for access to a 1Password account if the master password isn't available…

No, that is not what the secret key is for.

 

[madmax14304]

How about making a functional MacOS Safari plugin that doesn't fail daily instead? Constantly reloading it for six months has become annoying. At least the native Password integration is working flawlessly since exporting from 1Password and importing via Safari.

 

[turbineseaplane]

who cares? I'm glad 1Password will be out of business soon. blood sucking leeches...

Why this level of vitriol?
It feels really misplaced

They've continued to put out a phenomenal product for years and years now

 

[Macaholic868]

The writing is probably on the wall now that Apple is making this a core part of MacOS

Until Apple’s version also works on Windows in the Big 3 (Chrome, Edge and Firefox) those of us who want a cross platform solution aren’t going anywhere.

 

[nfl46]

The writing is probably on the wall now that Apple is making this a core part of MacOS

It’s only going to get better and that’s trouble for 1Password. It’s pretty basic right now but who knows how it would look by time iOS 18 is fully released.

 

[turbineseaplane]

Until Apple’s version also works on Windows in the Big 3 (Chrome, Edge and Firefox) those of us who want a cross platform solution aren’t going anywhere.

And honestly even if it does do all that, I'm still not sure I want this particular content tied into Apple.

They have a habit of doing weird things on software and falling behind on support or features, etc

I just don't know if I want my critical password/secure notes data going down that road

I sort of prefer to have it as a standalone thing

 

[AppleTO]

who cares? I'm glad 1Password will be out of business soon. blood sucking leeches...

The writing is probably on the wall now that Apple is making this a core part of MacOS

Uh, what? You do realize that the macOS user base is tiny compared to Windows users, who also use 1Password? Not to mention all the business/corporate users? If a Mac isn’t your primary device, Apple’s still very limited implementation doesn’t make sense.

 

[jeroenvip]

This is going to be operation clean sweep for 1password when apple release MacOs 15, powered by the apple cleaning cloth.

 

[Macaholic868]

I sort of prefer to have it as a standalone thing

I couldn’t agree more!!!

 

[AppleTO]

And honestly even if it does do all that, I'm still not sure I want this particular content tied into Apple.

They have a habit of doing weird things on software and falling behind on support or features, etc

I just don't know if I want my critical password/secure notes data going down that road

I sort of prefer to have it as a standalone thing

Agreed. I’m not really comfortable giving all this data to Apple. For me, it’s not so much that I don’t trust them with it; I know they put a good effect into protecting iCloud data and such, but it’s more along the lines of the “don't put all your eggs in one basket” approach.

For the sake of not potentially losing access to everything, I also don’t put any email account passwords in 1Password.

 

[MallardDuck]

ok…so you can either have a secret key or a recovery code?

how is that any different?

as far as Apple, no thanks. My Apple password is in 1 password because I want something robust for it….and that can’t be recovered just with an iPhone pin.

 

[Subliminal87]

I just want to sign in on a new device with my Yubikey. That's all I wanna do.

 

[noraa]

AgileBits and 1Password doesn’t need free advertising. Stop schilling for an arrogant and dishonest company.

 

[rorschach]

ok…so you can either have a secret key or a recovery code?

how is that any different?

as far as Apple, no thanks. My Apple password is in 1 password because I want something robust for it….and that can’t be recovered just with an iPhone pin.

You don’t have to only use a 6-digit pin for your iPhone. If you use Face ID or Touch ID, make it longer and alphanumeric and you only have to reenter it occasionally (after restarting or I believe about once a week). Plus you can use Stolen Device Protection to require biometrics outside of trusted locations.

Not trying to convince you to switch or anything. Just putting it out there for those who use Apple’s Passwords and might want more security.

 

[TriBruin]

ok…so you can either have a secret key or a recovery code?

how is that any different?

as far as Apple, no thanks. My Apple password is in 1 password because I want something robust for it….and that can’t be recovered just with an iPhone pin.

Not exaclty. The recovery key is only used if you need to access your account and you lost your secret key. Once you have recovered access, you will reset your password AND be issued a new secret key. Presumably, you will also need to be issued a new Recovery Key for future use.

 

[Corefile]

They lost their audience with the Electron abomination and subscription service.

 

[flexwithmarius]

How about making a functional MacOS Safari plugin that doesn't fail daily instead? Constantly reloading it for six months has become annoying. At least the native Password integration is working flawlessly since exporting from 1Password and importing via Safari.

This was the last straw for me. That plugin was awful. Keychain/Passwords has a much smoother interface even if it means re-authenticating to fill multiple fields.

Whoever signed off on that clunky plugin needs a talking to about user experience.

 

[Victor Mortimer]

I don't understand why anybody would pay for a password manager when Keychain is built into macOS, and KeePassXC is free.

Makes zero sense.

 

[AppleTO]

I don't understand why anybody would pay for a password manager when Keychain is built into macOS, and KeePassXC is free.

Makes zero sense.

Because Keychain is only useful for macOS users and KeePassXC has no reputation (as in the typical consumer has no idea what that is).

 

[reyesmac]

How many accounts can be hosted off one computer with a few terabytes of data on it? Im sure it's pretty cheap so if they don't lower their prices drastically over the next 5 years they wont be around much longer than that. They lost me when that went to the cloud, I still use their older version because my passwords do not go through the internet to get saved who knows where and I don't have to pay every month for it. Hopefully more local and encrypted password managers will start being made as an alternative to the cloud strategy.

 

[bLackjackj]

Too little, too late...bye bye 1Password

 

[Tdude96]

Is this article accurate? 1Password has the capability decrypt and grant access to people's passwords without needing any encryption key, but simply with a "recovery code"? Or am I missing something here? That sounds like a potential backdoor or at least a security flaw, not a feature to advertise. Something has to be missing in this story.