Skip to main content

1Password for iOS adds one-time password tool for two factor auth, new login creator, more

The popular secure password management app 1Password is out with a big update today adding new features on both iOS and Mac. Arriving in version 5.2 of 1Password for iOS is a new login creator tool, a one-time password tool for use with two factor auth, new entry fields for pro users, and more. On the Mac side, 1Password version 5.1 was released adding a number of improvements to sync. This includes the ability to sync secondary vaults to iOS over WiFi. More on the major new features below:

1Password says its new login creator tool on iOS streamlines the process of setting up entries for popular services and websites. You can see a preview of the new workflow above on the left, and this feature is available to all 1Password users.

As for 1Password’s new one-time password tool for two factor auth, the feature works as advertised generating a random login credential for sites that support two-factor authentication. You can see the feature in action in the example above on the right. As a pro feature, customers who paid for the app or the in-app purchase will have access to one-time password generation.

Pro customers are also getting additional features including the ability to add more field entries like address and dates, as well as the ability to remove attachments from the item editor.

Changes to the Mac version include master password sync between all versions when using iCloud, support for Portuguese, and several refinements.

1Password for iPhone and iPad is available for free on the App Store; pro features are available through a $9.99 in-app purchase or free for paid customers. 1Password for Mac is $49.99 on the Mac App Store while today’s update is free to existing users.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

  1. Ryan Janak (@RyanJanak) - 9 years ago

    When I read the update release notes I didn’t catch that ‘one-time passwords’ was two-factor authentication. This really is an awesome update.

  2. George Pollen - 9 years ago

    I think a little explanation is warranted. If a password is for one-time use, then why enter it into the 1P database?

    • Ryan Janak (@RyanJanak) - 9 years ago

      The text you into the one-time password field in 1Password is actually a “key” that is associated with the account, and the text displayed is the actual password.

      In the screenshot above, they enter ‘awesomesauce’. That would be the key that the service generated and presented to the user. In reality they key is much more complex and random, and can often be entered by scanning a QR code. After the key is entered, 1Password displays the one-time password that you actually enter when logging into the service. In the screenshot above, it is the 6-digit number that changes every 30 seconds.

  3. elbertlo - 9 years ago

    Thank you LastPass for improving 1Password (competition is great for the customer)

  4. philboogie - 9 years ago

    God I hate this app. This time when opening 5.2 on my iPhone it says I need to open 1Password on my Mac, because ‘it encountered a problem’. Together with a couple of other annoyances, like multi login entries for the same website (because registering is seen different then loggin in).. this is not a working app.

    Ok, so opened 1P on my Mac; phone still says it encountered a problem. QA dept at 1P on holiday? Because this app does NOT work. I cannot get the popup on my iPhone go away, therefore I cannot use the app. Normally I simply throw this crap off my phone, but it was;t exactly a 99 cents app. With the Mac I paid over € 40 or something.

  5. Elias Sørensen - 9 years ago

    Doesn’t this break the whole idea with two factor auth? Now you have BOTH the password AND the OTP key in the SAME keychain. So if someone gets into your 1Password, they have free access to all your accounts, even though they have two factor auth…

    The whole idea is that it should be kept on separate platforms; i.e. password on your computer, and one time password on your phone (either via TOTP tokens, which I think 1Password uses), or via an SMS to your phone. That way, intruders would have to get access to both your phone and computer simultaneously to gain access.

  6. Hitoshi Anatomi - 9 years ago

    ID federations (single-sign-on services and password managers) create a single point of failure, not unlike putting all the eggs in a basket. It remembers all my passwords when un-hacked and loses all my passwords to criminals when hacked. It should be operated in a decentralized formation or should be considered mainly for low-security accounts, not for high-security business which should desirably be protected by all different strong passwords unique to each account. Needless to say, the strength of the master-password is crucially important.

    The two-factor authentication, though not a silver bullet, could be reliable when it comes with a reliable password. 2 is larger than 1 on paper, but two weak boys in the real world may well be far weaker than a toughened guy. Physical tokens and phones are easily left behind, lost, stolen and abused. Then the password would be the last resort. It should be strongly emphasized that a truly reliable 2-factor solution needed for important accounts requires the use of the most reliable password.

    By the way, some people shout that the password is dead or should be killed dead. The password could be killed, however, only when there is an alternative to the password. Something belonging to the password(PIN, passphrase, etc)and something dependent on the password (ID federations, 2/multi-factor, etc) cannot be the alternative to the password. Neither can be something that has to be used together with the password (biometrics, auto-login, etc). 
    By the way, some people shout that the password is dead or should be killed dead. The password could be killed, however, only when there is an alternative to the password. Something belonging to the password(PIN, passphrase, etc)and something dependent on the password (ID federations, 2/multi-factor, etc) cannot be the alternative to the password. Neither can be something that has to be used together with the password (biometrics, auto-login, etc). 

  7. Lowt Echiq - 9 years ago

    Yay for two-factor authentication, more of this on http://low.tech-iq.org/two-step-upgrade-your-security/

  8. fredzelders - 9 years ago

    Nog steeds op zoek naar een password manager voor je iPhone of iPad?
    Overweeg dan nog eens 1Password. Zeker de moeite waard. En nu helemaal met de in de laatste release toegevoegde nieuwe features.

Author

Avatar for Zac Hall Zac Hall

Zac covers Apple news, hosts the 9to5Mac Happy Hour podcast, and created SpaceExplored.com.