Start over

I’ve been using 1password Pro for about 4 years and I would like to change my Master Password.
I’ve read on this forum that you guys don’t suggest to change it, because it does not change the underlying encryption key.
I’ve already changed the master password through the preference pane on my mac.
What I would like to do now is backing up the only vault I use (the primary, the default one created by 1password), erase it and then start over, from scratch; then using my backup for the created vault, in order not to insert manually all the data.
Can anyone please tell me how to do it?
If I follow this procedure will I have a new encryption key created by the new master password?

Thank you very much!

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided


  • hawkmothhawkmoth
    edited August 2015

    @chiaras - The way I've done what you want to do is to export my data to a 1pif file from the File > Export menu. Then I follow the instructions for How do I start over with an empty vault? Once I have started over with an empty vault (a new one with new keys will be created when you follow the interaction screens you'll see when you start over). I then import (File > Import...) into that new vault.

    You must be careful with the exported 1pif file - isn't encrypted. Be sure to use secure empty trash to delete it.

    If those directions are too brief, there is a longer discussion about how to do it in this forum post by @JasperP.

  • @hawkmoth - Hello, thank you very much for your help and time!
    I'll try what you suggest.
    One last question: What about the data synced via iCloud?
    If I start over with an empty vault on my Mac, what do I have to do to start over on my iPhone?
    I would like to delete all the data on iCloud as well.
    Then sincyng everything back again with the previously exported file.
    Thank you very much!

  • hawkmothhawkmoth
    edited August 2015

    @chiaras - In your iOS application go to 1Password Settings (Gear icon near the bottom of the screen), then select Sync > Sync Service. At the bottom is an option in red to Disable Sync. When you do that, you will be asked if you want to delete the database from your current cloud service. Answer Yes, and you will have a fresh start with iCloud once you've set things up again on your desktop and have begun syncing that again. Be sure to allow a few minutes after you start syncing on your desktop to allow everything to get back up in the cloud, then restart syncing from your iOS devices.

    You should do this before you begin syncing from your desktop again.

  • brentybrenty

    Team Member

    @chiaras: To be clear, unless there is something wrong with your current Master Password (weak, or compromised in some way), there is no risk associated with changing it.

    Changing the Master Password is only a problem if you used a really bad one to begin with, which in turn was used to encrypt your data (and therefore any existing backups) since someone could simply attack the weak link (the old, bad password). So when we tell people not to simply change their Master Password, we're just trying to make sure no one gives themselves a false sense of (increased) security.

    That said, depending on how old your vault is, creating a new one and importing your data from the old will also result in 1Password using current PBKDF2 practices, as we've increased it over time to keep up with technology (both from the client perspective and current state of the art attacks). I hope this helps! :)

  • @hawkmoth
    Hello, thank you very much for your help!
    I've just did what you've said and it worked smoothly.
    Brand new vault!
    Thank you again for helping me out!
    @brenty Hello, thanx for posting.
    My vault is about 4/5 years old.
    I've created a brand new vault with a new Master Password with "start over" instructions on this website then imported the 1PIF file previously created.
    As far as I understand this should give me a brand new vault with new encrypted Master Password with PBKDF2...
    Am I right?

  • Am I right?

    Yes, you are right.

  • @hawkmoth
    Ok, perfect! Thank you!!

  • @chiaras - You are welcome. Glad to help.

  • brentybrenty

    Team Member

    As far as I understand this should give me a brand new vault with new encrypted Master Password with PBKDF2...

    Yep! But just to clarify, 1Password has always used PBKDF2; we've merely increased the iterations over time as hardware allowed. Cheers! :)

This discussion has been closed.