I have been getting excited about Universal Two-Factor auth tokens. Sure, yet another standard, but U2F seems dead-simple from user perspective, and easy for developers to add to web apps.
If we rely more upon web-browser front-ends for 1Password UX, I'd feel way more comfortable with some kind of two-factor auth for the password vaults themselves.
I have inadvertently submitted my 1pw vault password to web sites, usually because keyboard focus changed and I didn't notice. Real people will inevitably do this from time to time, even in the absence of malicious phishing.
I have been getting excited about Universal Two-Factor auth tokens. Sure, yet another standard, but U2F seems dead-simple from user perspective, and easy for developers to add to web apps.
If we rely more upon web-browser front-ends for 1Password UX, I'd feel way more comfortable with some kind of two-factor auth for the password vaults themselves.
I have inadvertently submitted my 1pw vault password to web sites, usually because keyboard focus changed and I didn't notice. Real people will inevitably do this from time to time, even in the absence of malicious phishing.
Good luck!