Store Apple ID Recovery Key in 1P?

DavidB

I just implemented 2-step verification for my Apple ID.

Apple explicitly warns not to store the Recovery Key on your computer.

I know this may sound naive, but this made me wonder: Is there any reason I shouldn't store the Recovery Key in 1Password, along with my Apple ID password?

Thank you,

David

---

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Furzul

Apple also say print a hard copy, I would think that 1Password is more secure than a hard copy.

Drew_AG

Hi @DavidB,

Thanks for taking the time to ask us about that! With Apple's two-step verification for your Apple ID, your Recovery Key can be used to regain access to your Apple ID account if you forget your Apple ID password or lose your device(s). Part of the reason Apple says not to store your Recovery Key on your Mac is because if someone gained access to your Mac and found your recovery key, they could use that to access your account. You also wouldn't want to lose your only copy of that recovery key if your Mac was stolen, so Apple also suggests storing it in multiple places.

Personally, I don't see any reason not to store your Apple ID recovery key in 1Password, because no one but you can access your 1Password data without your master password (just make sure you have a good master password that no one else can guess). So if someone steals your Mac, they won't be able to get that info from 1Password. But you'll also want to make sure you have your 1Password data synced or backed up somewhere other than just that Mac in case something happens to it.

I hope that helps, but if you have more questions, please let us know. We're here for you! :)

DavidB

@Drew_AG

Yes--the only reason I asked is because Apple seemed to be making a special point of this in a way I hadn't seen before with them.

They hadn't mentioned it in regard to storing your answers to the security questions, which as far as I can tell would have the same value to a thief as the Recovery Key. I guess they may have figured that everyone was giving truthful answers, so there was no need to store them anywhere.

littlebobbytables

Greetings @DavidB,

I'd say that as long as you are confident that your vault has redundancy e.g. Mine is always accessible from two Macs and a single iOS device then you should be fine. What you're suggesting is what I do myself because I'm not anticipating losing access to so many devices at the same time. I could improve redundancy by keeping a copy of my vault elsewhere as well I suppose in a format so that it could read in either OS X or Windows. Certainly from a security standpoint I'm not concerned about storing my recovery key in my vault - it's the safest place I know of after all :smile:

I started giving strings generated by the Password Generator for security questions so they can't come back and bite me in the rear later. Security questions seem like a good idea but are usually pretty bad in practice.