Some master password confusion with 1Password account

I just signed up for the free trial of an 1Password account. In the process I was asked to create a new master password for the account. I followed the steps in the tutorial to sign in with the Mac app and move all items in my Primary vault to the new Personal vault. Then I connected the iPhone version too, using the QR code. All worked fine.

What I now find confusing is that the apps (mac, iOS) still require the "old" master password to open. Is that how it is supposed to work? One master password for the apps and one for the account? Or have I done something wrong here?

Also, two family members currently use 1Password to some extent. If I decide to convert this to a family account, would the same apply for them too? That is, after they join the family account, do they still access their apps with their "old" master passwords?

I have had some issues with making some of these family members see the light, so to speak, and I would like to know in advance what to expect. Any stumbling along the way will be sure to make them go "no thanks, too complicated" …


1Password Version: 6.3.2 (App Store)
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • PilarPilar

    Team Member

    Hi @nja

    It's great to hear that you're trying out a 1Password account. I think you'll really enjoy all its perks! I'm sorry that it has been a bit confusing for you. The short answer is that we recommend you to use the same Master Password as you had for your local vaults. The long answer is that if you pick a different Master Password for your account than for your local vaults, then the Master Password that will unlock everything is the one for local vaults. What you are experiencing is the expected behaviour. I would recommend you to change either of your Master Passwords so you only need to deal with one. You can see how to change your Master Password here: https://support.1password.com/master-password/#change-your-master-password

    When you get your family members using a 1Password account you can just straightforward tell them to write their Master Password, and not get into the technicality that it could be different, that would probably simplify things :chuffed:

    If you have any other questions or if there's anything else that we can help you with, please don't hesitate to ask! :chuffed:

  • Many thanks for the prompt answer!
    It appears that the easiest solution for me is to change the account password to my local one then. I guess I should do this.

    But I have to ask, what is the reason for keeping these passwords as separate entities? I notice that the instructions under "If you have a 1Password account" would likely not actually change the master password on the app, right? If so, it is slightly confusing … If I do want to change my original master password (it probably should be something more secure), would I then have to do this separately in the app(s) and on 1Password.com?

  • JacobJacob

    Team Member

    @nja On behalf of Pilar, you're welcome! There's no need to have different Master Passwords; we recommend using the same one across everything that is 1Password related, so that would be your account and the apps.

    If I do want to change my original master password (it probably should be something more secure), would I then have to do this separately in the app(s) and on 1Password.com?

    Yes, you would. Something that would make things simpler is removing the local vault you have right now. If there's nothing in it, that's a very easy thing to do. Here's our guide to removing it after you've moved your 1Password data to an account: https://support.1password.com/migrate-1password-account/?mac#to-delete-your-old-vault

    You can do that on your iOS devices as well by simply reinstalling the app. Hope that helps! :)

  • Ok thanks a lot for your responses, they've been really helpful! I will follow your advice then, at least when and if I decide to go ahead with the subscription account.

    Best, Niklas

  • brentybrenty

    Team Member

    Excellent! Thanks for the update. On behalf of Jacob, you are most welcome! I'm glad to hear that all is well. It sounds like you should be all set, but don't hesitate to reach out if we can be of further assistance. We're always here to help! :)

  • odysseusodysseus Senior Member

    Just one more thing. One doesn't have to enter the Master Account key in the apps each time to open them, correct? The MAK is only required to log into 1P.com?

  • PilarPilar

    Team Member

    Hi @odysseus

    The Account Key is needed to set up your account in the app the first time you want to use it. Once you've added your account you don't need to scan or type the Account Key every time. This video, beginning at minute 1.00, will show you how to do it.

    If you have any other questions, please don't hesitate to ask! :chuffed:

  • odysseusodysseus Senior Member

    Frankly, I find the whole login procedure for 1Password.com to be quite confusing. If I go to 1P.com and click "login", I'm presented with "Enter the sign-in address for your account" and a blank field followed by ".1password.com". But I have no idea what that apparently customer-specific subdomain is. On the other hand, if I go to the initial setup email that I received from 1Password for Teams, it shows my sign-in address as "https://my.1password.com." If I click that link then I'm shown a login page with email and account key somehow magically filled in (via cookie?(, and a blank "master password" field.

    Is the "my" subdomain used to distinguish between individual and team server accounts? It's just weird because it isn't user-specific at all …

  • JacobJacob

    Team Member
    edited August 2016

    @odysseus Sorry for the confusion. 1Password.com's "sign in" page is not what we usually recommend people sign in from. Instead, it's best to add your sign-in address to your favorites/bookmarks in your browser. Then you can head there quickly and just enter your Master Password if you've used the browser before (your email and Account Key are saved automatically in the browser data, as you mentioned). The "my" subdomain is indeed for individual accounts, whereas team and family accounts have their own domains — it didn't seem necessary for individuals to have one more things to remember.

    I'm sure we can improve this process a bit, especially for individuals. On the sign-in page, we could just have a nice "I don't have a team. It's just me." type button that would take you to the individual sign in page. Thanks for the feedback. :) I'll pass it along.

    ref: B5-1930

  • odysseusodysseus Senior Member
    edited August 2016

    Why is it necessary for there to be a distinction (for users) between teams and individuals? Can't your server code take care of that upon login? Why can't individuals simply be a specific case of families/teams?

  • BenBen AWS Team

    Team Member

    @odysseus,

    We could have, if we had limited it such that each email account could only be associated with a single 1Password account. You wouldn't be able to have your email address associated with both your individual account and your 1Password Teams account, for example, which many people do.

    Ben

  • odysseusodysseus Senior Member

    I see -- thanks!

  • BenBen AWS Team

    Team Member

    You're very welcome. It is an interesting problem though -- and I'll be happy to let our developers know this is an area that some folks would like to see improvement in. :)

    Ben

This discussion has been closed.