Yeah I can see that happening. I don’t have a google account to test with, but I tested with Bitwarden and that appears safe. I have Face ID enabled for the application, and if it fails to detect my face, it doesn’t allow the use of a PIN/passcode. It’s either my face or the master password.
Edit: I’m curious what the behavior is with Apple Passwords. If it lets you access with just the phone PIN then I agree that’s a pretty big misstep by Apple.
Yeah I can see that happening. I don’t have a google account to test with, but I tested with Bitwarden and that appears safe. I have Face ID enabled for the application, and if it fails to detect my face, it doesn’t allow the use of a PIN/passcode. It’s either my face or the master password.
Edit: I’m curious what the behavior is with Apple Passwords. If it lets you access with just the phone PIN then I agree that’s a pretty big misstep by Apple.