How do I securely delete the "Emergency Kit" pdf from my desktop/Mac?

gmj
gmj
Community Member

Can you address best practices for dealing with the Emergency Kit?

I downloaded the Emergency Kit to my desktop and printed it.

Later, I put the Emergency Kit pdf in the Trash and emptied the trash.
I also deleted the pdf from my Firefox Downloads.

I guess someone could retrieve it with recovery software.
When I (eventually) get a new computer, and get rid of/give away this one, what is the recommended practice re: having the Emergency Kit sitting somewhere on the hard drive?

In hindsight: I guess, I should have taken a screenshot and not downloaded it.

Thanks!


1Password Version: 7.3
Extension Version: 4.7.4.90
OS Version: OS X 10.14.5
Sync Type: 1PW account
Referrer: forum-search:How do I delete the "Emergency Kit" pdf from my desktop/Mac?

Comments

  • gmj
    gmj
    Community Member

    I just remembered to delete the email sent to me from 1PW that had the link to my Emergency Kit.
    Then I emptied my Gmail trash.

    I probably could have initially printed the Emergency Kit from preview mode, rather than downloading it.

    I'm looking forward to hearing the best practices on this.
    Thanks!

  • AGAlumB
    AGAlumB
    1Password Alumni

    @gmj: Thanks for getting in touch! A screenshot wouldn't be any different than the PDF. But if you're using full disk encryption on your Mac in the form of FileVault2, then someone would need to be logged into your Mac as you in order to even attempt file recovery; apart from that, everything on disk will essentially be random noise and unreadable. And if and when you get rid of the Mac, you can wipe the drive first anyway. FileVault2 has been on by default for years now. It's maybe possible that you don't have it enabled if you have a really old Mac...but I think you wouldn't be able to run the current OS at that point. Just double check to be sure. If you have that enabled already, you're good to go. :)

    Regarding email, we don't send you your Emergency Kit (or account credentials in any form) because we never have access to that; it's all only accessible within your account, and only you have the keys for it. That's why you need to be signed in to view it. Even the 1Password "web app" runs in your browser locally on your computer, so that we don't have your account credentials on our server, and they are never even sent to us. So nothing to worry about there.

    I hope this helps. Be sure to let me know if you have any other questions! :)

  • gmj
    gmj
    Community Member

    In Apple's System Preferences, under Security & Privacy, it has a tab for Filevault.
    It is turned off. I do see how I can enable it.

    I'm running Mojave on my 2013 Macbook pro.
    Does that mean I have Filevault2? (or the earlier version?)

    Here's my Macbook stats
    I don't know if it's enough to run Filevault2 and not slow down or have issues with my computer.

    Is enabling Filevault recommended as a good security practice, especially when having sensitive Passwords on a laptop?

    Thank you!

  • ag_ana
    ag_ana
    1Password Alumni

    @gmj:

    Does that mean I have Filevault2? (or the earlier version?)

    FileVault 2 appeared in 2011 with 10.7 Lion, so you should definitely be using version 2.

    I don't know if it's enough to run Filevault2 and not slow down or have issues with my computer.

    For what it's worth, I do not notice any performance issue on my computer after enabling Filevault. And I never had any issues with it: after you enable it, you forget that it's there :)

    Is enabling Filevault recommended as a good security practice, especially when having sensitive Passwords on a laptop?

    Yes, it's absolutely recommended, not just when you have passwords stored on it, but if you want to make sure all your data is safe even if your device is stolen, for example.

  • gmj
    gmj
    Community Member
    edited June 2019

    Thank you both, for all the useful information.
    Very helpful and educational.
    I appreciate learning how to secure my sensitive data.

    A few more questions:

    Enabling Filevault would be just one more password to remember, right? (along with the 1PW Master Password)
    Would you recommend putting the Filevault password into 1Password?

    Would you also store both of these passwords on paper in a safe deposit box and on a USB flash drive too?
    Would you recommend encrypting a USB drive? Where might it be good to keep the USB drive?
    One of the concerns prompting me to get 1PW is the possibility of needing to evacuate during a wildfire and needing to quickly take important documents with us.

    If I lost my Macbook, would my Android phone with 1PW installed on it, maintain 1PW access for me?
    Do you at 1PW have any ability to recreate my data for me, if I was not able to access it on my devices? I'm surmising "no".

    I thought my 1PW data was on your servers somewhere. And that a 1PW subscription provided a cloud setup/storage, unlike your old "standalone" model.
    I'm guessing the "non-standalone" version of 1PW just means that my data can be synced to another device?

    Thanks again.
    Your team is awesome!

  • gmj
    gmj
    Community Member

    I just found the following on your site from Lars:
    So it sounds like my data is on your servers, just not accessible to you and is there to provide sync for me.

    A 1password.com account is something else entirely. With a 1password.com account/membership, your data is stored on the 1password.com servers (and you have a local cache of the data in each of your devices on which you use 1Password). Instead of having to set up advanced, 3rd party sync, once you've signed up, you simply sign IN to your account on every device where you want to use 1Password, and your data appears (nearly) instantly, synced automatically.

    https://discussions.agilebits.com/discussion/104844/what-is-a-1password-account-in-the-context-of-1password-7

  • AGAlumB
    AGAlumB
    1Password Alumni

    @gmj: You can learn about FileVault from Apple. It's part of macOS and not our product:

    Use FileVault to encrypt the startup disk on your Mac (Apple Support)

    But to answer your questions:

    Enabling Filevault would be just one more password to remember, right? (along with the 1PW Master Password)

    You'll need to enter the password when booting your Mac, or mounting the disk on another Mac.

    Would you recommend putting the Filevault password into 1Password?

    You can certainly do that, but keep in mind that you will need that password in order to boot from the drive or access it at all -- before 1Password or any other apps can even run.

    Would you also store both of these passwords on paper in a safe deposit box and on a USB flash drive too? Would you recommend encrypting a USB drive? Where might it be good to keep the USB drive? One of the concerns prompting me to get 1PW is the possibility of needing to evacuate during a wildfire and needing to quickly take important documents with us.

    Thanks for the detail. How you do it exactly is up to you, but it sounds like having that information somewhere entirely offsite (and perhaps somewhat far away) would be a good idea. It can be a hard copy on paper, a USB drive, or something more creative. It doesn't really matter, just as long as is is both secure enough for your needs and available to you in case of an emergency. For example, you could leave it with a trusted friend or relative -- or more than one.

    If I lost my Macbook, would my Android phone with 1PW installed on it, maintain 1PW access for me? Do you at 1PW have any ability to recreate my data for me, if I was not able to access it on my devices? I'm surmising "no".

    None whatsoever. We simply never have the "keys" to anyone's data. That's very much by design. But all you need is your account credentials, and then you'll be able to sign into your account on a new device to decrypt and access your data -- even if all of your devices are lost, stolen, or destroyed. So there's a lot you can do for "insurance". :)

    I thought my 1PW data was on your servers somewhere. And that a 1PW subscription provided a cloud setup/storage, unlike your old "standalone" model. I'm guessing the "non-standalone" version of 1PW just means that my data can be synced to another device?

    No matter what, we never have the "keys" to 1Password users' data. With the "standalone" 1Password app, the encrypted data is stored only where you put it, and only you know the Master Password needed to decrypt it. With a 1Password membership, the encrypted data is stored on our server, and only you have your Secret Key and Master Password. So in the former case, if you lose your data and/or the keys to it, you're out of luck. In the latter case, you've always got a backup of the encrypted data on our server, so you just need to make sure you have your account credentials to access it.

  • gmj
    gmj
    Community Member

    Thank you very much.
    I appreciate all the information.

    I had a delay in getting back to you, because when I tried to access FileVault and didn't know what password to use and entered several that it wouldn't take, my MacBook went dead.
    The hard drive was gone and I had to buy a new Macbook.
    Well it was a 2013 Mac.
    Thankfully, I had just backed it up!

    That was pretty scary. Not sure it was totally related to trying the wrong passwords.
    The local computer guy who dealt with it, isn't sure either.

    I did notice that 1Password is up on my new Mac like nothing had happened.
    Does that mean its info lives in my backup drive also?
    I did not have to enter my Secret Key.

    At any rate, that totally scared me off using FileVault!

    Thanks again.

  • I would suspect coincidence rather than an issue with FileVault. A 6 year old hard drive biting the dust isn't that unexpected. But in any event...

    I did notice that 1Password is up on my new Mac like nothing had happened.
    Does that mean its info lives in my backup drive also?
    I did not have to enter my Secret Key.

    If you are backing up your entire hard drive that would include the cached 1Password data (including Secret Key) on that drive, yes.

    Ben

  • gmj
    gmj
    Community Member

    So the backups on my external hard drive have the same 1Password data stored in it as that which is on my laptop?
    The data is unencrypted, right? Just protected by my master password?

  • So the backups on my external hard drive have the same 1Password data stored in it as that which is on my laptop?

    That would be something you'd have to examine with whatever backup software you're using.

    The data is unencrypted, right? Just protected by my master password?

    1Password data is encrypted by 1Password using your Master Password, regardless of whatever other protections may be applied by your backup software.

    Ben

  • gmj
    gmj
    Community Member
    edited June 2019

    I'm using Time Machine. Is that considered my backup software?

    My 1Password data sits on my laptop encrypted until I enter my master password and then it becomes unencrypted, is that correct?

  • gmj
    gmj
    Community Member
    edited June 2019

    Thank you! I will check that out.

    My 1Password data sits on my laptop encrypted until I enter my master password and then it becomes unencrypted, is that correct?
    Or it's only encrypted when it is being sent?

  • My 1Password data sits on my laptop encrypted until I enter my master password and then it becomes unencrypted, is that correct?
    Or it's only encrypted when it is being sent?

    It isn't stored on disk unencrypted. It may be unencrypted in RAM, but not on disk. As such when Time Machine comes along to back it up, it is backing up what is on disk, which is encrypted.

    Ben

  • gmj
    gmj
    Community Member

    Hey, that is comforting to know that Time Machine backs up an encrypted version!

    Thank you!

  • Excellent. :) You're very welcome. If there is anything else we can do, please don't hesitate to contact us.

    Ben

This discussion has been closed.