While Knock isn't a two-factor security system as such, it relies on the notion that if you're the sort of person who locks a Mac, you're also likely to lock your iOS devices and carry them with you when you're away. Thus, the odds would be pretty low that someone could gain physical access to your iPad or iPhone and be able to unlock it to then use Knock to unlock a Mac in a cascading security failure. Further, because it requires Bluetooth, not an Internet connection, you have to be close to the Mac while using the associated iOS device.
The app also lets you lock your Mac with a tap in the iOS app, increasing the likelihood that you'll keep your computer locked down. Knock can also be set to use Touch ID on devices that support that feature, which shifts access to a biometric factor, requiring both the hardware and a finger. (Why lock your Mac If you're concerned about theft or snooping roommates, or you're a parent who doesn't want a child to have unfettered access--or vice-versa!)
Knock's latest move is to extend itself to the Apple Watch, where it's a natural fit. And it's one of several apps related to security and access that were immediately available after the Watch's launch. This category of apps reveals more of the potential of what the Watch can offer as a hub of your identity.
Because the Watch locks when it senses it's been removed from your skin, it provides effective security whenever you aren't wearing it or if it were literally ripped off your wrist or otherwise stolen. (Touch ID offers the same sort of protection whenever an iOS device is put on standby or goes to sleep.)
Who's there
Knock's Watch support comes in the form of notifications, a glance, and an app. (Knock currently only supports a one-to-one connection for a Mac and an iOS device.) When a Mac is locked, your associated iOS device and Watch can receive a notification. On the Watch, tapping the notification launches the app, while the glance shows the status and likewise when tapped launches the app. The app shows your Mac's current status and lets you lock or unlock with a tap.
Knock Software notes that it's having some trouble initially getting a consistent display across all three Watch appearances, which I've seen, and which is happening to other developers as well. Force-quitting the iOS app and relaunching it solved this problem for me.
Even before HomeKit has launched, where the Watch is expected to play a key element as a personal identifier, Knock shows some of the power of using a device that's easily available and for which a click or a quick look suffices.
Authy and 1Password also have Watch apps, and these prove similarly useful. 1Password lets you select which passwords and other items to display on the Watch, because having everything available wouldn't be sensible. You can see this problem clearly in Apple's Messages Watch app, where you have to scroll through what can be a lengthy list to pick a recipient. (Tip: Try using the Digital Crown to scroll instead of your finger.)
The Authy ecosystem manages time-based one-time passwords (TOTPs) used by Dropbox, Google, and others (but not Apple, which uses one-time messaging codes). These can be pulled up from the Watch app, which is actually quicker and simpler than using the full iOS version. Having a six-digit or similar code on your wrist displayed in large type makes it a snap to enter via a keyboard. In fact, I wouldn't mind a login option that let me choose to tap my wrist or even enter a tap pattern on the Watch to "release" a one-time code to a website or other login.
Pushing security options to a Watch that are simpler to engage because of a different basis of trust on a wearable and the necessity of stripping something down for Apple's requirements and the limits of the interface makes it more likely that you (clearly, a sophisticated user) and others (who may lack the specific interest in security and privacy) will turn on options for protection.
HomeKit will extend this by letting developers not have to build the infrastructure for straightforward scenarios that tie in location, proximity, and identity. Imagine driving up to your house and feeling a Watch tap with a notification, based on GPS. For an extra measure, the disabling function might only work when you're close enough that a Bluetooth handshake happens with the security system. And a force press could trigger a 911 call if you notice something awry.
The iCam app has already been updated with Watch support to allow seeing brief bits of recent events recorded on security or motion-sensing cameras. If you're like me, you often miss notifications on your phone. For categories like this, I'd like my Watch to bug me and I'd pay attention.
While I've been a Watch skeptic in my early days, as developers haven't had enough time to work with the hardware yet and many functions remain poky or require handholding, these sorts of cases are encouraging. They move the Watch closer to being a personal key to our stuff instead of another device demanding attention.