Backing up 1Password accounts

245

Comments

  • BenBen AWS Team

    Team Member

    Hi @Curt Grimes

    I'd like to get a better understanding of how you were impacted by today's maintenance. What happened that would've been helped by local backups?

    Please let me know.

    Ben

  • LeonardoLeonardo Junior Member

    @rcampbel
    and agilebits

    thank you – theese are exactly the items I would like to see being addressed.

    A further consideration:
    I trust the infrastructure set up by agilebits – backup included. But 1PW does not only store web items.
    You could argue: cloud infrastructure is secure, reliable, resilient. Your only problem might be not having access to the Internet. But exactly in this case I would like to be able to access securely stored data which might be needed for non-internet related purposes.

    As 1PW already has a fine syncing feature between 1PW local and an online account, agilebits should consider adding syncing between 1PW local and 1PW team/family (at least for the primary/personal vault) once the folder vs. tagging and the attachements vs. documents disparities between local and cloud versions have been resolved.

    Keep up the good work, agilebits

  • brentybrenty

    Team Member

    @Leonardo: Thanks for your kind words and feedback! We can certainly consider different ways of backing up the local data in the future. Cheers! :)

  • LeonardoLeonardo Junior Member

    … add hierarchical tagging so we can recreate folder structures in Team :-)

  • JacobJacob

    Team Member

    @Leonardo Mmm, that will probably be later down the road. I can see the need for it, though, especially if you use a folder structure daily. We'll keep it in mind for the future, but right now we've got a few other things at the top of our list. I'm sure you'll love them as well. :)

  • skylarpskylarp Junior Member

    I would also feel more secure with a local backup option alongside the server backups. The more redundancy the better, I think.

  • BenBen AWS Team

    Team Member

    Thanks for the feedback, @skylarp. :)

    Ben

  • skylarpskylarp Junior Member

    No problem, @bwoodruff. It's also probably worth noting for others' benefit that with a local vault included, 1Password for Mac appears to back up everything, including the 1Password for Families/Teams items. For example, my Primary vault (which exists only to sync to my Apple Watch) has 12 items, while my other vaults have over 1,000. My most recent local backup shows 1,615 items. If this is a bug, it's a bug I'm happy with. :)

  • brentybrenty

    Team Member

    For example, my Primary vault (which exists only to sync to my Apple Watch) has 12 items, while my other vaults have over 1,000. My most recent local backup shows 1,615 items. If this is a bug, it's a bug I'm happy with. :)

    @skylarp: Check your Trash for that vault. That always gets me too. ;)

  • skylarpskylarp Junior Member

    @brenty Ah, bummer.

  • brentybrenty

    Team Member

    @skylarp: Wait, was I right about the Trash, or are there still 1600+ items unaccounted for? :dizzy:

  • skylarpskylarp Junior Member

    @brenty You were right. The trash is enormous because my offline vault started life as a copy of my Primary one and it never occurred to me to empty the trash. 8-)

  • JacobJacob

    Team Member

    Aha, well that does happen. :lol: I can't forget about my Trash. That badge in the corner just bugs me.

  • brentybrenty

    Team Member

    Whew. Thanks for letting me know! I just wanted to make sure there wasn't anything crazy going on that we needed to address. You never know!

    I am terrible about emptying my Trash, but there have been plenty of times when I've been glad I'm such a digital packrat, because I found something I ended up needing after all. :lol:

  • Just want to illustrate the importance and peace of mind with having regular local backups: this morning I got a text from my wife:

    "Umm... 1 password has no logins or passwords.."

    "OMG! I don’t have any passwords!!"

    Turns out I upgraded our account to the new Family plan yesterday and somehow she lost access to her own shared vault that I created for her. (We don't use the "Personal" vaults because we want to share all passwords by default).

    So it was an easily fixed problem but I nearly had a heart attack. Losing her passwords would be really, really, really bad. And having auto backups in the cloud doesn't help when the problem is "administrative" like this.

    Please add my vote for locally-encrypted, easily accessed password backups.

  • Here is also one additional vote for local backups. I think they are really needed.

  • BenBen AWS Team

    Team Member

    Thanks for the continued feedback on this issue, folks. :)

    Ben

  • I think this is particularly important in light of this discussion: https://discussions.agilebits.com/discussion/comment/297753#Comment_297753

    If you make another person an organizer (such as your wife), which is required if you want password reset support, then the other person could either accidentally (or maliciously) delete your account and wipe you personal vault. And there are no backups.

    This seems like a massive risk to the integrity of my data. Am I missing something?

  • SmudgeSmudge Junior Member

    Even with all of the "redundant, more frequent, reliable, and available" features that AWS has to offer, what can a user do if someone (angry spouse, vengeful co-worker, etc) intentionally deletes a vault?
    Can we call AgileBits support and ask to have it restored?
    Do you even offer phone support or is it only via forums and emails?
    How long would it take to contact the right person at AgileBits to perform the restore?

    I understand that we should not grant co-owner rights to someone that we can't trust to not delete our vaults but it happens. I could step away from my computer for a quick minute and forget to lock it. A co-worker jumps on and sees that I'm still logged into the 1P admin page and deletes it all. So what can I do in this situation?

  • This is the reason why I haven't jumped onto 1P for Families yet. I feel so much more relaxed and have a piece of mind knowing I have access to my 1P items in Dropbox no matter what.

    Today is also the last day to sign up for Families with the extra bonuses. I'm stuck in limbo!

  • BenBen AWS Team

    Team Member

    Today is also the last day to sign up for Families with the extra bonuses.

    It is an early adopter bonus. ;) Some of the point is to say thank you to folks who hang on with us while we figure out things such as what we're discussing here. :)

    Even with all of the "redundant, more frequent, reliable, and available" features that AWS has to offer, what can a user do if someone (angry spouse, vengeful co-worker, etc) intentionally deletes a vault?

    That is a great question, and I'll get an answer for you.

    Can we call AgileBits support and ask to have it restored?

    No. We do not have inbound telephone support.

    Do you even offer phone support or is it only via forums and emails?

    Forums, email, Twitter, Facebook, ... Just about everything other than inbound phone support. That said we'd really appreciate it if folks only contacted us via one method about a particular issue, to avoid a duplication of efforts (which just slows down the whole process for everyone).

    Ben

  • roustemroustem AgileBits Founder

    Team Member

    @Smudge,

    We are considering adding an option to restore deleted vaults. Currently, most of the information is only marked as deleted and it will be possible to restore it.

    Even the account deletion should not destroy the data immediately but only after a certain "cool-down" time.

  • brentybrenty

    Team Member

    This is the reason why I haven't jumped onto 1P for Families yet. I feel so much more relaxed and have a piece of mind knowing I have access to my 1P items in Dropbox no matter what.

    @kvnhe: I don't mean to be pedantic, but I thought it was important to point out that Dropbox couldn't guard against vault deletion either, as that change would be sync'd to all of your authorized devices.

    That isn't so say that this isn't an important issue; quite the contrary, so we'll continue to see what the best solution may be. I just think it's important to keep in mind that if we allow someone malicious (or mischievous) access to our 1Password data (by leaving the vault unlocked or staying logged in to the site) they have the same privileges you do and can therefore do a lot of damage. Better safe than sorry! :dizzy:

  • @brenty You're right about Dropbox, I guess I wasn't thoroughly thinking it through. On that note, I do have a bi-weekly SuperDuper clone which includes my local Dropbox contents and also BackBlaze which goes back a certain timeframe.

    The more I think of it, the ideal solution is indeed not as easy as we think it'd be.

  • brentybrenty

    Team Member

    Indeed, that's why this discussion is so important! It isn't clear yet what the solution will be, but I'm confident that we'll get there in time with the help of everyone's feedback. Thank you! :)

  • @kvnhe

    See here for another threat you need to consider which could result in data loss: https://discussions.agilebits.com/discussion/61124/bug-with-multiple-account-owners-holding-data-hostage#latest

    Also see this comment for a potential workflow which I believe to be more secure and which might work better for you: https://discussions.agilebits.com/discussion/comment/298226/#Comment_298226

  • brentybrenty

    Team Member

    @natehouk: I don't think that "data loss" is an accurate characterization for cases where access is revoked or it is deleted outright, but you're correct that these are problems in need of solutions. I've also replied to your comments in the other discussion, so I won't duplicate that here.

  • Here's another vote for local backups, ideally with a way to "restore from backup" that would take precedence over the server.

    I really like how 1Password Teams/Families work, and I'm a happy refugee from LastPass, but I have to agree, this is MY data and I want ultimate control.

    Once support get's my Export fixed, I can make do with that, but will feel better when a more automated system comes along.

    Thanks,
    Bruce

  • JacobJacob

    Team Member

    Thanks @bdillahu. To reiterate what brenty said above, this isn't something we're actively pursuing at the since backups are happening automatically in Families accounts and your data is being cached locally when you're offline. I know that isn't quite what you are looking for, but we have some other exciting features in development right now and this one is on the back burner for a bit. ;) Your feedback is always appreciated though. Thanks for the perspective, and hopefully we can get your Export issue fixed very soon. I'll reply to your email in just a bit.

    ref: CUW-66258-313

  • @penderworth I was with you guys on this until 2 days ago when I was reminded again how bad it is to put all your eggs in one basket. I received a notice from Crashplan letting me know that I had 5 days before a backup that I had was to be deleted " Per our retention policy". This backup has been sitting there for 2.5 years without issue. In my case it was 3 of the 5 days to download that but mine was very small compared to others. I was also told that once I initiated the restore process it would pause the deletion but what about people who were away for a week with no email? Bye bye backup.

    That being said and please correct me if I am wrong. Currently ~/Library/Application\ Support/1Password\ 4 is included in my real-time, clone and scheduled backups. So hypothetically wouldn't it be possible to take the computer offline and restore a previous version of that directory and access it? While it's not a real/perfect backup solution one big issue would be documents but at least it's something for people who are concerned.

    One thing I was considering is monthly exporting manually. 1. Is something being done about documents. Right now not being able to export is a pain for many reasons. 2. Why is there no option for an encrypted version? A password protect zip would be better than nothing

This discussion has been closed.