|
|
|
|
|
|
by roustem
1570 days ago
|
|
|
It is possible but not that simple. The model is going to be a bit different because it will always require the server connection to perform the authentication. At the moment, 1Password does not require server connection to operate. Also, 1Password would have to be changed to not store any data (or at least the vault keys) locally and then retrieve it from the server after unlock. Otherwise, it is going to be vulnerable to local attacks, without even going through the app. We were brainstorming this feature when we first were designing the service. It certainly would be an interesting option, it just requires quite a few changes on both server and client sides. In any case, "unlocking" in 1Password is always based on encryption not authentication. The second-factor authentication can only help the server reject the clients that fail to provide it. Roustem
Founder of 1Password |
|
|