Why can't I get a secret key with a license?

necktilt
Community Member

I lost my iPad today and needed emergency access to my passwords. Got to an internet cafe, went to 1Password.com, and the login screen asked for a "Secret Key" alongside the usual stuff. I'd not heard of this before and do not have such a thing. Meant I couldn't get to my info and had to wait a few agonising hours before I was home again to deal with the lost iPad deactivation on my Mac. I understand the security logic, but in the circumstances it was very frustrating. Now, after searching a bit, I see that as a (longtime) 1Password license holder, I can't get a Secret Key, which is only available to subscribers. Am I wrong to think this penalises license holders?


1Password Version: 6.8.8
Extension Version: 4.7.0
OS Version: macOS 10.13.4
Sync Type: Dropbox

Comments

  • Ben
    edited April 2018

    Hi @necktilt,

    Not to make this an incredibly long thread, but I think it may help to provide some back-story here.

    When we originally released 1Password it was only available through licensing and used what we now call “standalone” vaults. These vaults are only stored on the device that you create them on by default, though they can be synced through 3rd party services such as Dropbox and iCloud. We (AgileBits / 1Password) never have copies of these vaults. After many years of hearing feedback from customers that iCloud and Dropbox were less than reliable at syncing their 1Password data we decided to take the problem head on by developing our own solution for maintaining 1Password data across all devices. We developed 1Password memberships in response to these difficulties. 1Password membership is a separate offering from the standalone apps. It is still possible today to use 1Password either as part of a membership, or with a license (in “standalone” mode). We are directing all new customers to membership, and would certainly encourage existing customers to take a look as well. So that is the history, in brief.

    As you are using 1Password standalone, and syncing your data via Dropbox, we don’t have a copy of it. As such there would be no way for you to log in to 1Password.com and access it. It just isn’t there. If you’d like for it to be you can certainly migrate to a 1Password membership. As I mentioned above this is a separate offering from standalone licensing, and it is a subscription service. You can learn more about migrating here:

    Move your existing 1Password data to a 1Password account

    By moving to a membership you get access not only to 1Password.com, where your encrypted data will reside, but you also get access to the latest versions of all of our 1Password apps including the upcoming 1Password 7 for Mac (which otherwise would be a paid upgrade). If you’d like to read more about the benefits of membership we have a guide which may be helpful here:

    What are the benefits of a 1Password membership?

    As for how the Secret Key plays into all this... The primary purpose of the Secret Key is to protect you from a breach of 1Password.com. As your data isn’t stored on 1Password.com without a membership the Secret Key isn’t used. You can learn more about the Secret Key here:

    About your Secret Key

    I hope that helps!

    Ben

  • necktilt
    Community Member

    Ben, thanks. I guess the short version of that is: get a membership.

    But my immediate worry is how secure my 1Password info is on that missing iPad of mine. Am I right in thinking it's two passwords away from someone, that they'd need to crack my iPad passcode (I can verify that I am still in possession of my relevant finger) and then crack my 1Password master password? After which, they can get to all the passwords and other sensitive info stored in 1Password. Yes?

    And second question: would that be different if I had a membership?

  • Lars
    1Password Alumni
    edited April 2018

    @necktilt

    > Am I right in thinking it's two passwords away from someone, that they'd need to crack my iPad passcode (I can verify that I am still in possession of my relevant finger) and then crack my 1Password master password?

    Basically, yes. There are questions about to what extent more-sophisticated hackers can bypass some of your phone's OS-based security measures, but in general you're correct. This is why we have always urged 1Password users to spend some time and effort choosing a good master password. Assuming yours follows the principles at that link, it will be quite difficult indeed for attackers to brute-force your 1Password data, even if your device had no passcode lock whatsoever. If your Master Password for 1Password was not as strong, then that might be a different story, but only you can judge that. 1Password is designed from the ground up with security in mind, but it's only as strong as your Master Password.

    > would that be different if I had a membership?

    Not in this particular scenario. But it's also no less secure than standalone 1Password in this case. 1Password.com accounts do have the additional security advantage of the Secret Key, but because that Secret Key is designed to reside on devices on which you use 1Password, a hacker or thief coming into possession of one of your devices would by definition have access to that key. The Secret Key really helps beef up security in a case where our own (AgileBits') servers were compromised. Obviously, we take measures to prevent such an occurrence, but if it were to ever happen, a hacker would need to not only know (or be able to guess) your Master Password but would also need your Secret Key...which never leaves your device(s).

    I think I'll stop here, to avoid overwhelming you with information that may not be relevant to your specific situation -- but let us know if you have further questions, we're here to help!

  • prime
    Community Member

    @Lars
    With the membership, if I lost my iPad, couldn’t I go on a computer and log into my account and remove my vault from that iPad? Then my passwords are off of that iPad?

    @necktilt
    I just read an article last week how 6 digit passcodes on an iPad or iPhone can be cracked in under 11 hours. I actually changed mine to a numeric/alpha password on my iPad now. My iPhone always had this.

  • Lars
    1Password Alumni

    @prime

    > With the membership, if I lost my iPad, couldn’t I go on a computer and log into my account and remove my vault from that iPad? Then my passwords are off of that iPad?

    Yes and no.

    Yes, you can visit the My Profile page of your account and deauthorize a given device such as your iPad, but no, this won't actually remove the vault or delete the account UNLESS 1Password is able to sync with the server.

    To be clear, that's likely to be enough in almost all real-world cases, but a truly knowledgeable adversary who came into possession of a stolen device would know not to open 1Password without turning off all connectivity ("Airplane mode" on iOS). If 1Password can't reach the server (which it will try to do each time you launch it, to sync and check for things like you having deauthorized a device, etc), it cannot learn that it's supposed to remove the data and delete the account from your iPad, and thus the attacker would be able to work directly on the local cache of your data, unless (s)he slipped up and turned on internet connectivity.

  • necktilt
    Community Member

    Good news: I just got my lost iPad back. But the experience has made me think more carefully about my strategy with 1Password.

    I know my data is always secured behind my master password—and Lars, yes, my master password is apparently “very strong”—but I think all passwords are crackable eventually. Even my "very strong" master password.

    Which leads me to wonder about what I have “available” in 1Password when I’m out and about with a device ... a device that could potentially be lost or stolen.

    This is my current setup: I have one desktop computer (Mac mini), which I consider my master machine, I have a laptop (Macbook Air), and I have two iPads (both minis). I have a MacOS 1Password license, and I have 1P apps on each of those four computers, sync’d via Dropbox. At the moment, everything is sync’d—passwords, credit cards, secure notes, etc—and all are contained in one Primary Vault.

    I want to consider, now, what might be the best way to go forward. The Mac mini always stays where it is, so that’s OK, with “everything” on it. But when I go out with all or some of the laptop and two iPad minis, I’d like a way to have a “not everything” set of data on those.

    From what I’ve read, it would seem that the obvious way to do this would be to get a subscription (ouch) and use Travel Mode, although I'm not entirely sure if that does what I want to do. But I wonder also about Vaults as another option. I’ve never used Vaults. I’ve read about them, too, but I’m still not clear if they would help me to do what I want to do.

    Sorry for the long post. 1Password is very good—I’ve been using it for nine years—but this recent experience has rattled me. I do want to find a practical way forward where I feel more secure as I continue to use this software, so I’d appreciate some advice.

  • AGAlumB
    1Password Alumni

    > Good news: I just got my lost iPad back. But the experience has made me think more carefully about my strategy with 1Password.

    @necktilt: Never a bad thing. :chuffed:

    > I know my data is always secured behind my master password—and Lars, yes, my master password is apparently “very strong”—but I think all passwords are crackable eventually. Even my "very strong" master password. Which leads me to wonder about what I have “available” in 1Password when I’m out and about with a device ... a device that could potentially be lost or stolen.

    "Eventually", though, will be on the order of "after everyone is long dead" if you're using a long, strong, unique Master Password...and 1Password also uses PBKDF2 to slow down attackers when they try to guess it using automated tools. So use a strong password and you can rest easy. :sunglasses:

    > I want to consider, now, what might be the best way to go forward. The Mac mini always stays where it is, so that’s OK, with “everything” on it. But when I go out with all or some of the laptop and two iPad minis, I’d like a way to have a “not everything” set of data on those. From what I’ve read, it would seem that the obvious way to do this would be to get a subscription (ouch) and use Travel Mode, although I'm not entirely sure if that does what I want to do. But I wonder also about Vaults as another option. I’ve never used Vaults. I’ve read about them, too, but I’m still not clear if they would help me to do what I want to do.

    "Ouch"? :lol: But seriously, that's not what Travel Mode is for. Travel Mode just makes it easy to remove stuff from your devices that you don't want there when you comply with border officers' requests to search your devices: you're giving them access to it anyway; it's not about someone breaking into 1Password, because no one has that kind of time.

    Ultimately, while you can certainly try doing what you're describing, I think you'd be better served by simply securing all of your data with the best Master Password you can so you can rest easier. Life is too short — and that goes for the bad guys too! Just remember that 1Password is designed with the assumption that someone will get your device with your vault on it, so 1Password needs to stand up to a direct attack, rather than relying on the hope that something like that never happens. It probably won't, but maybe it will. And with a great password only you know, you're in good shape. :)
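
The two points made in the replies above (PBKDF2 slows each guess at the Master Password, and the Secret Key only helps when the attacker does not hold one of your devices), as an added Python sketch that is not part of any post and is not 1Password's actual key derivation. The iteration count, the sample passwords, the guess list and the HMAC/XOR way of combining the two secrets are all assumptions made for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor; the thread gives no number


def stretch(password, salt):
    """PBKDF2: every single guess costs ITERATIONS HMAC-SHA256 computations."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS, dklen=32)


def unlock_key(password, salt, secret_key=None):
    """Key from the password alone, or from password plus a device-held secret."""
    key = stretch(password, salt)
    if secret_key is None:
        return key
    # Assumed combination step: mask the stretched password with a value
    # that can only be computed by someone holding the device secret.
    mask = hmac.new(secret_key, salt, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(key, mask))


def check_value(key):
    """Stand-in for 'does this key decrypt the copied data?'"""
    return hmac.new(key, b"vault-check", hashlib.sha256).digest()


def first_match(guesses, salt, target, secret_key=None):
    """Return the guess that reproduces target, or None if none does."""
    for guess in guesses:
        candidate = check_value(unlock_key(guess, salt, secret_key))
        if hmac.compare_digest(candidate, target):
            return guess
    return None


def run_scenarios():
    salt = os.urandom(16)
    device_secret = os.urandom(16)  # lives only on the user's devices
    weak = "letmein2018"                        # constructed sample
    strong = "correct horse battery staple 7!"  # constructed sample
    guesses = ["password", "letmein2018", "qwerty"]  # constructed guess list

    weak_target = check_value(unlock_key(weak, salt, device_secret))
    strong_target = check_value(unlock_key(strong, salt, device_secret))
    return {
        # Data copied from the server: no device secret, so even the
        # correct weak password cannot be confirmed.
        "server_copy_weak_password": first_match(guesses, salt, weak_target),
        # Device in hand: the secret is present, only the password protects.
        "device_in_hand_weak_password": first_match(guesses, salt, weak_target, device_secret),
        "device_in_hand_strong_password": first_match(guesses, salt, strong_target, device_secret),
    }


if __name__ == "__main__":
    for scenario, found in run_scenarios().items():
        print(f"{scenario}: {found}")
```
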

  • necktilt
    Community Member

    Brenty, thanks, that's all very useful.

    My master password is very strong (off the right-hand end of the green scale if I put it into 1P's Password Generator, for example), so I will keep that and rely on it. Thanks for making me feel more relaxed about all this.

    I won't use Travel Mode, then, and I'll ignore Vaults for the time being.

    The ouch, by the way, was simply because I figured that in the nine years I've been using 1Password, I've bought the original Mac licence, an iOS licence, and one paid upgrade, adding up to $78. If I'd been paying for a subscription over the same period (in theory, of course) it would have come to $324. I understand the difference, and I understand the attraction to AgileBits. But to me, that seems to qualify for an ouch.

  • Hi @necktilt,

    I get why there might be a bit of a sticker shock there, that's a pretty big difference in prices. I think the iOS Premium in-app-purchase has always been $10, so I would actually be curious to know which purchase you did of 1Password for Mac and which paid upgrade you went through to reach $68.

    We've been really generous with the free upgrades. Arguably too generous. Paid upgrades are really difficult. They're difficult because you need to make sure that what you're asking people to pay for has value that's proportionate to the cost of the upgrade and everyone's going to have a different definition of what that is. But they're also difficult because it requires a lot of technical work in order to make the transition smooth. And then they're also difficult because for each paid upgrade someone will draw a line in the sand and say "nope. not spending any extra money there." It's hard to fault them, who wants to pay more money? Sadly it results in a portion of the user base that's going to continue using old apps. We still have a not-insignificant number of users using 1Password 3 because 4/5/6 are paid upgrades.

    It's a tough decision from our side to decide when to make things a paid upgrade. I think that you've gotten a fantastic deal if you've been able to use 1Password for 9 years across two platforms for only $78. Other users weren't quite so lucky as they needed to purchase the Mac app and the Windows app separately, and then the mobile apps. Depending on when those were purchased the total cost would go up significantly. Per user per platform per version pricing is hard that way. That's why we wanted to simplify things with 1Password account. Take all of that complexity out, and get more out of it. My wife shouldn't have to worry about what kind of computer she'll get with her next job and whether she'll be able to run 1Password on it in order to have access to everything she needs from our shared vaults.

    Rick

  • necktilt
    Community Member

    Rick, my calculation for the cost to me so far was based on a 2009 MacOS single-user licence at $39.95, an upgrade to 1P4 in 2013 at $24.99 ... and on checking I now see that the iOS app that I bought that same year was actually £12.99 (which I misread originally as dollars), and that would be about $22.

    So actually $87 or so in total.

    I take all your points ... but I'm still saying ouch! compared to (a hypothetical) $324.

    I don't think I'm alone in finding the general drift among some developers to subscription-forever schemes dismaying.

  • Lars
    1Password Alumni

    @necktilt - if you followed rickfillion's points, one of them was that we never charged for the full-version upgrades to versions 5 or 6 of 1Password for Mac, and the 1Password for iOS Pro features haven't had an increase (or refresh) in nearly as long. In short, we've (arguably) waited too long to charge customers. Not just you; all our customers.

    There were various reasons for why we didn't charge for either 1Password 5 for Mac or 1Password 6 for Mac if you had a 1Password 4 for Mac license (or even 1Password 3 for Mac, grandfathered as far back as a full year prior to the version 4 launch), but none of the reasoning really matters much now, after the fact, except to take into account when adding up what a given user has spent for 1Password over the years.

    In short, the disparity between what you actually paid and what you're extrapolating you would've paid had you been using our current subscription model for the entire time you've been using 1Password is artificially wider than it would've been had we charged the way most software is paid for: by the version. And that total/disparity would've varied even more depending on which platforms you wanted to use 1Password on. One of the many benefits of 1Password membership is that it includes all our native apps on all four platforms, including all future upgrades, for as long as you maintain the membership. Decided to swap mobile platforms? No extra charge. New version released on one or more of the platforms you use? Just download and keep right on truckin'.

    We love our users, and we want to continue being able to develop the best password manager for them to use for many years into the future. To be able to do that, however, we can't exist on a revenue model that includes a truly "one-time fee." People tell us this regularly: they want to pay "one time" for 1Password, and we have to tell them such a setup doesn't exist. A "lifetime license" that includes all future upgrades for a single "one-time fee" just isn't a sustainable business model, which is why smaller, periodic payments are the way most software is sold. Continued development comes with continued costs for us (those dang developers enjoy eating), therefore long-term use of an app needs to have periodic upgrade costs as well. The only questions are: what's a reasonable period, and a reasonable cost? On desktop OSes, people are used to paying for full version upgrades, usually at a lower cost than the original license. But if a new version of 1Password for Windows or Mac is out every 18 months with a $64.99 retail price, and an individual 1password.com account is $2.99/mo, well, $2.99 x 18 works out to $53.82. Which makes it about a wash, even if you assume "upgrade" purchases are discounted. And if you use both platforms, plus one or more mobile platforms? The subscription is considerably less expensive. And if it's not just you but also a spouse and maybe a couple of kids? Definitely less expensive.

    The bottom line is that we'll continue to offer both the standalone license model and 1password.com memberships in the upcoming full-version releases of 1Password 7 because we want our users to have choices and we realize those choices are based on a number of differing factors depending on individual situations. But we're not going to be shy about recommending the choice we think is better for the vast majority of our users -- and it's not because we (necessarily) make more money if users choose memberships, even if a glance at the historical record seems to indicate that might be the case.

  • AlwaysSortaCurious
    Community Member

    @necktilt Use cases vary, my membership buys web access, iPhone, iPad, Android, work desktop, work Mac laptop, home desktop, home laptop, and wondering if I missed one... concurrently. And always the latest. I am content. I want features ;) but for the fee, no issues.

  • Ben

    Thanks for saying so, @AlwaysSortaCurious. :)

    Ben

This discussion has been closed.