Best way to back up data

jkav

I’m a loyal 1PW subscriber and love the service. I would like to possibly consider storing a unencrypted backup of my passwords on my Mac locally in case I am ever locked out. Any suggestions?

Lars

@jkav - thanks for the kind words about 1Password! We welcome all kinds of feedback about 1Password: good, bad or just informational, but not gonna lie, the positive feedback is easier to read. 🙂Thanks for being a loyal user!

And thanks for the question, too. But honestly? My suggestion is: don't. I absolutely understand why you would want to -- in case you are locked out, as you say, and I can think of other reasons as well. But all of them violate the main reason (I assume) you use 1Password in the first place: security (and privacy). For one thing, we don't have an easy "unencrypted backup" feature. If you have a 1password.com account, your data is backed up on the 1password.com servers automatically. If you use 1Password in standalone mode, then your local 1Password for Mac app makes a backup once a day of your data -- but it's not unencrypted, and the reason for that is the same reason your current 1Password database is encrypted: for your protection.

To get an UNencrypted copy of your data, you would have to export all your items to a .1pif file. That would then be importable back into any other copy of 1Password in the event of a disaster. So -- if you forgot your Master Password, for example -- you could simply start over with an empty vault and a new Master Password, and import that .1pif file back into your new setup. But there are two problems with that: the first is that unless or until such a time, this file would be available on your hard drive for anyone with access to your Mac to read or copy or misuse. From a security perspective, it would be no better than keeping all your passwords saved in a Word document. The second problem is that exporting your passwords provides you with a static copy of your data, like a snapshot. As soon as you do it, any future changes you make to your data (changed passwords, new items, deletions, etc) will not be reflected in that .1pif file you exported. If you export today, and have an issue that requires you to use it in six months, a lot could have changed in that time! That means you'd need to either set yourself reminders to keep exporting updated copies of your data (unencrypted) every few days or every week, or you'd have to live with a copy that might be significantly out of date.

Long story short: can you do it? Yes, and that would be perhaps the only good way to do it. Should you do it? Not in my opinion. A far better idea would be to write down your Master Password (and, if you're a 1password.com account user, your Secret Key) in a safe place, like where you keep your birth certificate or passport. In 1password.com accounts, we actually provide you with the Emergency Kit, for just that purpose. I have my own printed out and stored in a place only I know, in case of just such an emergency. It's a lot less risky and more convenient than trying to keep an unencrypted, up-to-date copy of all my most-sensitive data.

jkav

Makes sense. If for whatever reason I cancel my subscription or billing fails, how can I for sure be safe to know that I can access my data after I cancel. I obviously trust you guys but 5 years down the road, cancelled accounts could be eventually purged. Just thinking worse case scenario.

Lars

@jkav -- I'm not sure I understand you. If you cancel your subscription doesn't that mean by definition you're no longer interested in using 1Password? I would hate to see that day come, but if it did I would assume you'd made other arrangements for password management, and would not need to be relying on old archives of canceled accounts "five years down the road," as you say.

If billing failed for some reason - say because you switched banks and forgot to change your billing method at 1password.com before your account renewed - your data would not be lost. In such billing issue scenarios, your account would enter Frozen status, but you would still be able to access your local copy of the data.

jkav

I don’t think we’re on the same page. I never said anything about canceling. What I said was if my membership were to be canceled how can I be sure that I could get access to my data five years down the road.

Lars

@jkav

What I said was if my membership were to be canceled how can I be sure that I could get access to my data five years down the road.

Canceled by whom? I don't think I'm understanding what you're asking. If your membership is canceled, who canceled it? Unless you're part of a 1Password Families or 1Password Teams account where someone besides you is the administrator, you are the only person who can cancel your account. We will not delete data for you; anyone who has an account and who stops paying for it will not be deleted; they will only see their account enter Frozen status. That would remain the case indefinitely.

jkav

I’m saying that if I were to close my account tomorrow and then a few years down the road need to access my “frozen” data that was once stored in my 1PW account, how could I be sure that I would never have my data deleted?

AGAlumB

@jkav: I don't quite understand why you'd want to do that. While we don't have plans to delete your lapsed account, if your account is left unused for years it may be that it will be cleared out, though we'd notify you first. The point of "frozen" status isn't free long-term storage, but that the data is accessible for you to export it. But squatting on sign in addresses is no good, as paying customers might want to use them. As Lars mentioned, you can export to 1PIF, or even copy the data to a local vault instead. You specifically asked about an unencrypted copy. Is there a reason that won't work for you? Maybe there's something else we can add the future if there's another use case we need to take into account.