Offline syncing, data transfer, and export options

thisisfaked
thisisfaked
Community Member
edited July 2013 in 1Password 3 – 7 for Mac

If I am starting fresh with a new Mac App Store install and keep my database local, what options do I have to access my passwords away from home or on a separate machine (Windows)?

Given the recent news, are dropbox synced (cloud) databases somewhat susceptible? Does the Mac App Store version (both v3 & v4) have the option of saving the database to dropbox?

Thanks in advance,

Comments

  • thisisfaked
    thisisfaked
    Community Member
    edited July 2013

    Update

    Hope my initial question doesn't come across as too convoluted. Sort of answering my own question, it would appear that currently the only offline option to access your password database away from your main computer is with '1Password Anywhere'. Is that correct?

    Quoting from the user guide, help.agilebits.com/1Password3/1passwordanywhere.html

    "1PasswordAnywhere requires a modern browser. Internet Explorer is not supported.
    Many browsers prevent 1PasswordAnywhere from loading files from the local file system. You can still access 1PasswordAnywhere via the Dropbox website, however."

    However on a Windows 7 machine I was able to run 1Password Anywhere through IE10 but it failed to open on Opera, Firefox, and Chrome (all updated). If I'm on a machine without IE, am I SOL in terms of accessing my passwords offline?

  • khad
    khad
    1Password Alumni

    If I'm on a machine without IE, am I SOL in terms of accessing my passwords offline?

    Not at all. You can use the command line switch to override modern browsers' local file restrictions in Chrome. It's the last section ("Note to Google Chrome users") here:

    Troubleshooting 1PasswordAnywhere Issues

    I don't know of a way to disable local file restrictions in Firefox or Opera, but since Opera is now based on Chrome you may find the same command line switch works.

  • thisisfaked
    thisisfaked
    Community Member

    Thanks Khad. I don't think I'm entirely comfortable relying on just browser functionality to access my passwords. I'm curious what others who aren't using online syncing do to carry their passwords with them.

    Could I back up a copy of the database to a usb key that I could easily import to, say, keypass? Is that safe?

  • khad
    khad
    1Password Alumni
    edited July 2013

    Thanks Khad.

    It's my pleasure to help.

    I don't think I'm entirely comfortable relying on just browser functionality to access my passwords.

    I can't think of many more standards-based ways to access your data. 1PasswordAnywhere makes your data available in any modern browser. It is based entirely on web standards (HTML, CSS, JavaScript, etc.).

    I'm curious what others who aren't using online syncing do to carry their passwords with them.

    You can place a copy of your data file on a USB flash drive and access it in your browser as mentioned above, or you can use a USB flash drive as part of a good ol' fashioned sneakernet to shuttle the data file back and forth between computers. You don't have to access it in a browser. You can copy the data file to the computer and open it directly with 1Password.

    Could I back up a copy of the database to a usb key that I could easily import to, say, keypass? Is that safe?

    Any format that you can easily import into another application will not be encrypted. If it was encrypted, the other application would need to be able to decrypt it. 1Password is the same in this regard. We expect that data has already been decrypted before attempting to import it. 1Password imports standard CSV files just to name one example. CSV is not encrypted. It is plaintext. If you're goal was to have an export of your data ready for import into another application at a moment's notice, you could export to CSV and keep that CSV file in an encrypted container such as a Knox vault. That seems like an awful lot of trouble, though. I can't imagine the use case for such a maneuver. If you're worried about us going out of business or trying to lock you in, there is nothing to fear. Even if AgileBits were to get abducted by aliens today, you would still be able to use the current version of 1Password to export all your data. It will continue to work for a long time to come. Heck, you can still export your data from old copies of 1Password 2 which are at least four years old. ;)

    All that said, Dropbox syncing is extremely secure.

    From the moment we designed the Agile Keychain data format we ensured that it was able to withstand an attack should your data fall into the wrong hands, either as a result of a Dropbox breach or if someone physically stole your computer. As such, we use AES encryption with PBKDF2 key strengthening to protect your sensitive 1Password data as well as many other mechanisms to stop an attacker from ever accessing your information and we detail this here:

    Security of storing 1Password data in the cloud

    So, as long as you use a secure master password that you don't use elsewhere, your 1Password data is incredibly safe even when stored on a service like Dropbox. If you're not sure about the strength of your master password, please do take a look at our recent blog post on this:

    Toward Better Master Passwords

    I can't think of many better ways to show just how strongly 1Password protects your data than by pitting it against the pre-eminent password cracking tool John the Ripper. We did exactly that:

    1Password is Ready for John the Ripper

    But the choice is yours to make. :)

    Please let me know if you have any further questions or concerns.

    Cheers!

  • thisisfaked
    thisisfaked
    Community Member

    As before thanks again. Your clear outline was beneficial in making my call.

  • khad
    khad
    1Password Alumni

    It's my pleasure to help. Enjoy the rest of your week, let me know if you need anything else, and — above all — stay safe out there. :D

This discussion has been closed.