To protect your privacy: email us with billing or account questions instead of posting here.

Are 1password for families vaults safer than legacy vaults in Dropbox?

berto
berto
Community Member

I've been using 1Password with my vault in dropbox for years. Now that 1Password stores passwords on its own servers, are they safer than keeping my vault in Dropbox?

Thanks.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • ssoroka
    ssoroka
    1Password Alumni
    edited December 2016

    Hey @berto,

    I don't want to imply that your data is not safe on Dropbox, but is it safer on 1Password servers? Yes, I believe so: Good security is about layers of protection, and 1Password servers have more layers. For example, the hosted 1Password service employs an account key in addition to your master password. This makes guessing your master password by going through dictionary attacks useless. Even if an attacker knew your master password exactly, you can't decrypt anything without also knowing the user-specific "account key".

    Both Dropbox and 1Password apply a second layer of encryption when storing your data on disk (source https://www.dropbox.com/security and https://1password.com/teams/white-paper).

    Owning the servers allows us to provide a much richer experience:

    There's better recovery features in the 1Password service. Teams and Family accounts can allow team members and family members to recover lost credentials without compromising security.

    Backups are also easy to forget about or get wrong. The 1Password service backs up your data at regular intervals (again encrypted twice) to protect you from data loss.

    In short: the 1Password service is a better experience for our customers, but if you're on Dropbox there are no security concerns; just make sure you're using a good master password.

    Cheers,
    Steven

This discussion has been closed.