The biggest challenge with Passwords is that there is no option to separate the password from your default for the phone / Mac. If I am wrong, educate me. But if your phone password is compromised then it seems all your passwords are compromised. 1Password requires a separate password to access the app and the only reason I still use it.
So by the same token, if your 1Password is compromised... Ultimately there has to be some sort of a key, code, face, finger, passkey, Yubico etc. I don't have an answer to your question, but wanted to share that idea.
My 1Password login is unique and known only to me. Now if the company is compromised that is different but it is not coming from my phone in that case.
But how is that different from your phone password being unique and known only to you?
Comments