I want to back up (under my own control) 1Password for Teams (or 1Password for Families)
Hi saw this prior conversation:
https://discussions.agilebits.com/discussion/56933/how-do-you-backup-1password-for-teams
Unfortunately, it was closed, so I couldn't comment on it.
I'm not wild on relying on an "outside" source to back up critical data. So while I trust that your backup strategies for your servers are robust, I still want to keep my 1Password backups with other critical data (like my paperless office database and such). This information is saved to external hard drives and lives in a safe deposit box. The information is encrypted and backed up very robustly.
I'd like some way to back up 1Password for Teams/Families data myself, using some safe "supported" mechanism. I'd like the process to make these backups as easy as possible (extra credit if I can use Mac automation to do the backups on their own).
To be clear, I'm not after ISOLATION (i.e. clear text passwords that can be imported elsewhere). Having the actual .opvault files (for the regular 1Password software) would be fine.
So what's the easiest way to do this? I can select everything from each vault, tag the items with the vault name, and then copy all the items to a new local vault, and then save that local vault on the backup disk. Since I have numerous vaults, I'd need to do this numerous times each time I wanted to "update" my backups.
Can this be automated?
Is there something else I can do to back up data such that I have it under my control, and can easily use it with no data loss, if needed?
Thanks for your help!
/Jeff
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
@jeffc: As you noted, you can still use local vaults. That's the key to accomplishing what you want, since, after all, you're trying to manage backups locally. However, it isn't possible to automate this. More on that toward the end.
I totally get where you're coming from though, and I'll tell you what I told someone else: There's an element of discomfort, at least for me, when it comes to ceding control of something I'm used to managing myself. I had a really hard time letting iTunes organize my music at first! In the end, it wasn't perfect, but it was better than the time I used to sink into doing it all by hand (with folders, of course!)
But I had a somewhat easier time accepting this with my 1Password Account. Maybe part of that comes from when I learned to "let go and let iTunes". But I know that a huge incentive for me is what I learned from losing data in the past due to inadequate backup strategies. That may seem counterintuitive, but if we're honest with ourselves, the odds that an entire redundant server infrastructure and its offsite backups will fail completely are vanishingly small compared to the modest personal backup strategy I have today. Hardware files, and as a consumer I have a lot less robust equipment and systems in place. I use offsite and local backup, but all of this depends on me making sure it's working in the first place, and that I'm not just backing up corrupt data. Frankly, I don't have time to be as diligent as I'd like. But 1Password.com does, so I at least don't need to worry about losing my most important data.
However, it's certainly reasonable to make a personal backup periodically, and one way you can do this is copying the data to a local vault on a USB drive. This is probably similar to what you're doing anyway with some of your other data, to send it off somewhere safe monthly or weekly. And in a pinch, a local 1Password vault can be used with any of the apps completely offline.
And again, this doesn't need to be an every day thing since you've got a more rigorous backup solution working for you around the clock (no offense, because 1Password.com is better at this than either of us will ever be; we have other priorities, after all). I hope this helps. Let me know if you have any other questions! :)
0 -
Is there a technical reason why the 1P desktop GUI can no longer generate scheduled encrypted backups after you connect to 1P for Teams/Families?
I get the fact that the cloud service effectively provides a replica of the data.
However, I can't see why this precludes the user from taking their own backup (if they feel it is necessary), especially as the code to support this is already in the non-cloud version.
0 -
@0x6e6562 There are a couple of reasons. The main one is that the server is the known source of truth. Adding a local backups function in addition to that would require conflict resolution as well — after all, there will likely be items that have changed in between the backed up version and the server's version. The apps refer to the server as the source of truth, so that would have to be inherently different for local backups to function.
Next, there's the issue of revoked access. With team and family accounts, removing someone from the account means their data is deleted and they can no longer access it. Giving them local backups would mean they could roll back and get their data. We're not looking to empower that kind of thing. Team and family data should be consistently protected and the choices you make to remove someone's access should do just that.
From a broader perspective, with the structure local vaults have, backups were necessary because most people don't back things up routinely, and we wanted to make sure they had versioned copies of their 1Password data. When things are hosted on 1Password.com, the server handles every version of every item and vault automatically. You can restore previous versions of items in an account, a benefit the previous format didn't include.
With things being on the server, your trust in the server is required, because a Backups tab isn't in the 1Password interface at that point so the tangible security of a backup isn't as near, but realistically speaking, if in the worst case AWS was taken down — all the servers and redundancy, which would be quite a feat — your data is cached locally. It's there for offline access and use when the server is unavailable during maintenance.
Hope that helps! :)
0 -
@Jacob I take your points.
If you want to split hairs you could say that the backup would work off the server version, not the locally cached version, i.e. a backup would always read through to the server.
Furthermore you could have a monotonically increasing version number for every mutation within a vault. Looking at the highest version within a given vault would allow you to establish the newer of two arbitrary vault backup dumps.
You could also restrict access to the backup to the administrator of the account, since you would only be dealing with a paranoid sysadmin for this functionality. Normal users would just expect the cloud service to maintain the backups and wouldn't require their own backups.
That said, this isn't really a deal breaker for me, I was just curious as to whether there is a similar option like Arq has to insure people against data obsolescence in the scenario that AgileBits decides to call it a day.
0 -
If you want to split hairs you could say that the backup would work off the server version, not the locally cached version, i.e. a backup would always read through to the server.
@0x6e6562: That's exactly how it works. The server does backups (and versioning) automatically, so all of this is transparent. Of course, now it occurs to me that this transparent-to-the-user approach is probably what prompted your questions. Maybe we can make that clearer somehow.
Furthermore you could have a monotonically increasing version number for every mutation within a vault. Looking at the highest version within a given vault would allow you to establish the newer of two arbitrary vault backup dumps.
This is sort of how the server operates, but the problem arises when trying to restore local backups, and that's where conflicts arise, as Jacob mentioned, since the server would have to try to reconcile created/removed/modified data.
You could also restrict access to the backup to the administrator of the account, since you would only be dealing with a paranoid sysadmin for this functionality. Normal users would just expect the cloud service to maintain the backups and wouldn't require their own backups.
Precisely! Though, while you're right that normal users would expect their data to just be safe in the cloud, most users won't ever even think about any of this until they need to recover something.
That said, this isn't really a deal breaker for me, I was just curious as to whether there is a similar option like Arq has to insure people against data obsolescence in the scenario that AgileBits decides to call it a day.
While I think we have a good 10 year track record, and no plans of going anywhere, that's a fair point. Fortunately, there's a solution. Even if 1Password.com shuts down tomorrow, you've got your data cached on your device, and can export it without having to get it from the server. Cheers! :)
0 -
@brenty All valid points. I can understand where you guys are coming from and why the cloud backup story is probably good enough.
I guess the truly paranoid should store their passwords in a plain text file and encrypt it with OpenSSL or a TrueCrypt derivative. I might have just a bit too much grey beard mentality on this topic (plus I liked the way Arq solved this).
That said, I love 1P and have been using it since 2006, after you introduced support for Camino :-)
Many thanks for taking the time to go over this.
0 -
I remember Camino! I'd say I miss it...but I don't believe it ever supported HTML5. :lol:
Anyway, likewise! Thanks for your feedback on this. It's certainly something we'll continue to evaluate. But our priority is to offer security that works for folks not willing to manage all of the details themselves. For folks who prefer doing it themselves, I think there are certainly plenty of other possibilities out there, like you mentioned. Cheers! :)
0 -
I didn't realize this was an active topic for a bit, and I originally opened the topic. Sorry for not tracking it more closely.
I guess my view, as administrator, is that the data is mine. If I want to be anal and back it up, I should be able to. If you can make it easy for me to do so, great. But if your focus is on cloud reliability, I can understand that. But still: If I want to back things up, I should be able to, even if it's not necessarily seamless for me.
Conflict resolution is certainly an issue. Lack of "focus" on this particular feature (because you really do trust your cloud infrastructure, and certainly AWS has a lot to trust) is another. All perfectly fine reasons for you to decide not to implement features to make this seamless.
But again, the data is mine, at the end of the day. If I want to store it in the cloud AND make backup copies of my data (either in an .opvault file, or in exported text files or whatever), that should be my option. Personally, I prefer using .opvault files, as this way, there is zero data loss (formatting, whatever) if something did go wrong.
I kind of look at it slightly morbidly. Say I get hit by a bus tomorrow. Say you bill me, and I'm not in a position to pay (hospitalized, out of the country, or whatever). Eventually, you will delete my account. But if the data is backed up on my own devices, then I still have ultimate control of it.
Losing access to 1Password means I lose access to data backups in cloud services and other things that would be pretty nasty for me. I completely trust 1Password to store that critical information. I understand you say that you back my data up securely and reliably, and I appreciate that. That said, I too have grey hair, and trusting myself with critical data for me is much better than trusting someone else. At least that way, any fault is my own, and not somebody elses.
Thanks for your understanding ...
0 -
Hey @jeffc
First off, great name ;)
I was going to spend a fair amount of time going through my reasons and approach as to why I did not want to allow local backups...
For example, our 1Password service finally has a single source of truth for it's data and why that is better than multiple disparate copies of the data all of which could be considered "correct". I was going to explain how "restoring" a local backup would get you into trouble if you had other edits on other devices (think of shared vaults in particular) and how we would always have to guess the intention of the restore. I was going to try and convince you how having all of this controlled on the server makes these quite deterministic and hence better.
Then it occurred to me... what we are really doing is disagreeing over the word backup.
What you really want is a copy of your data that you can have and control locally so if something horrible ever did happen, that you could recover it, and just for sleep-better-at-night ability. If we provided an automatic export of your data (perhaps even encrypted) then I think this would accomplish what you are looking to achieve. Please let me know if I am mistaken. I use the word export simply because it makes it easier to distinguish in my mind and because it simplifies the rules of restore.
I can see the value here, and while we have the export ability today it is not automated. It is something that enough people have asked for that I will look into adding it in the future.
Thanks,
-Jeff0 -
Hi Jeff,
My initial post of this topic basically gives what I'm after: I'm after getting the data in some form (native 1Password form, like a .opvault file), such that I can use the data locally. It would not be my intention to restore that data into 1Password for Families; I believe that the backup there is just fine. But that said, this data is critical, and I still want it "in my paws", going to the safe deposit box with the rest of my data for catastrophic recovery purposes. I have backups for a lot of stuff getting encrypted and going to the cloud, but I still like to have a copy in my safe deposit box, updated weekly (the 1Password data would likely be updated monthly or something).
Exporting it (even encrypted) is fine, as long as it can be imported with zero loss of data (i.e. all sections intact, etc). Exporting it non-encrypted is okay too; I'd just put it into an encrypted sparse partition and put that on the safe deposit box disk. But what I'm looking for: Some way for someone (not necessarily me; I'm thinking next of kin) to be able to get to this data if needed and recover it to gain access to online resources.
That's what I'm after. I call this a "backup", not in the sense of recovery, but in the sense that my data is available to me if needed. As I said, I do encrypted backups to the cloud for much of my data, and I'd expect to rely on that long before I relied on the safe deposit box disk. But I want the "comfort" of knowing that the safe deposit box disk is there, along with the 1Password app that can work with data locally, should catastrophy strike.
My sister lost her husband about 10 years ago, and I remember how difficult it was for her to deal with, not just emotionally, but practically. I flew out to visit my sister a half dozen times for emotional support as well as practical support in just getting stuff handled. And I vowed to make it easier on my wife, should something happen to me.
Now, in that case, my wife is already a 1Password for Families user. But if something happened to both of us, then the estate gets managed by caretakers for our children, and they are NOT 1Password for Families users ...
Depending on how quickly they gained access to our safe deposit box, they would likely just use 1Password for Families (I have instructions in the safe deposit box on how to get to that). But I also want the data on the disk drive, should it be needed.
Hope this explains more precisely what I'm after!
/Jeff
P.S. Yeah, great name! :smile:
0 -
@jeffc: Thanks for all of your thoughts on this. I too have a rather visceral connection to the word "backup", so when Jeff (the other one) talks about "export" part of me raises an eyebrow...but once reason prevails, I think it makes perfect sense. After all, if we're talking about being prepared for something happening to AgileBits/1Password or to you, having the data in a portable (export-able) format would be even better than a backup which only 1Password can read. So while it's easy to copy data to a local vault now (which 1Password can use), making it possible to automatically and securely export data would be great for these sorts of critical situation.
And without going around in circles too much, I did want to respond to one thing you said that really stuck a chord with me:
I understand you say that you back my data up securely and reliably, and I appreciate that. That said, I too have grey hair, and trusting myself with critical data for me is much better than trusting someone else. At least that way, any fault is my own, and not somebody elses.
I'm of a similar mind. But based on my experience with family, friends, and customers, even if we understand this and accept sole responsibility for our own data, if this is after the fact — when data has already been lost — then it isn't helpful at all, except as a very painful object lesson. I'm glad that the 1Password.com subscription service is able to help people who never give this a second thought until disaster strikes to not have to learn the hard way. :blush:
0
