Sync (1Password account) to mobile devices

jlanzago

I have read a lot through the forums and I understand that currently it is not possible to sync only one vault and not all of them to my portable devices. I live in a country with very high criminality and I see this as a huge security issue.

For example, if I ever get to be abducted, criminals may force me to reveal my Master Password to unlock accounts, banking information, etc.

Plus I do have some sensitive information stored in my 1Password account that I would rather no one but me would ever be able to access.

So this is the entire reason / purpose why I would set up several vaults - to "hide" some of them from mobile devices and only keep them accessible in my desktop or directly in my 1Password account.

My first question would be: will choosing which vaults to sync to mobile devices is something you are actually considering / working on? I see a lot of requests for that in the forums since some time ago and the answer is always the same: not possible, but there is a workaround. Will this ever be possible? I think it is a must-have feature to be honest, due to the risks described above.

My second question is regarding the workaround which I believe is to migrate to a family account (or a business one), then create another account for me with a different e-mail address and move into this account the data I want to be synced to mobile devices (and set up the mobile devices using that account and not my primary / administrator one). Feels like a lot, adding unnecessary complexity, plus it requires me to pay a more expensive membership. So if the feature of "selective sync" is not in the works or being implemented any time soon, is there any "step by step" instruction for doing this?

Appreciate your kind answer.

---

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

ag_ana

Hi @jlanzago! Welcome to the forum!

My first question would be: will choosing which vaults to sync to mobile devices is something you are actually considering / working on?

This is not something that we are currently working on, sorry!

My second question is regarding the workaround which I believe is to migrate to a family account (or a business one), then create another account for me with a different e-mail address and move into this account the data I want to be synced to mobile devices (and set up the mobile devices using that account and not my primary / administrator one).

That would indeed be a good workaround for what you are trying to achieve.

So if the feature of "selective sync" is not in the works or being implemented any time soon, is there any "step by step" instruction for doing this?

The process would look like this:

1. Upgrade your account to a Families account
2. Invite yourself using a different email
3. Move the data you want from the old account to the new one
4. Login with the new account in the 1Password app on your mobile device

If you have any specific questions about the process, or if you get stuck at any step, please feel to ask :)

jlanzago

Thanks for your answer. Too bad that you are not working on it given that there is quite an important amount of requests for this feature in the forums. Otherwise your product is awesome. I guess I'll have to proceed with the workaround then.

plttn

The flipside of this argument is that once you're at a point where you're including rubber hose cryptanalysis (aka being beat repeatedly by a actor with a blunt object until you give up an encryption key/master password/etc) in your threat model, there's really nothing that can be done from a pure technology standpoint to defend against it (barring deniable cryptography, plus deniable crypto has the whole problem of not ending rubber hose cryptanalysis once started because the attacker cannot determine if there's more keys to be revealed or not).

Let's say you do go ahead with this workflow and make a second account with a separate completely non-mobile vault. If you get abducted by a malicious actor and they are specifically going "give me your 1Password master password or we'll perform rubber hose cryptanalysis on it/you", will they believe that you don't have access to this vault with your credentials they're interested in? They've already proven to know about the details of 1Password and it being pure math unhackable. At some point this malicious actor will get access to the account you have access to via methods, see that it's a family account and realize they may need to continue performing rubber hose cryptanalysis to get you to provide them access to that other vault.

ag_ana

@jlanzago:

Otherwise your product is awesome.

Thank you for the kind words! And when it comes to this specific request, we can certainly continue to evaluate moving forward (although please make sure to read plttn's post too, as he makes a great point on this) :+1:

ag_ana

@plttn:

Thank you for this! Another option might be to use Travel Mode too, so you would not even need the second account I suppose.

jlanzago

Thanks @plttn and @ag_ana for your answers.

I think the best way to be better protected in my specific situation, would be to migrate to a family account in order to have a vault in a separate account not accessible from my phone and not accessible via web with the same master password.

I have been a happy customer of 1Password / Agile Bits for several years now, and will continue to be. It is a great product.

Ben

I agree that is likely the best solution at present. Thanks for the kind words!

Ben