Upgrading to 1Password 7?

sjaffe Junior Member

I've read through the forums and I'm still confused. I sent an email message to support over a month ago and never got an answer. So: I currently have 1Password 6 on my Mac running Mac OS 10.13.6. I am not planning to upgrade it to Mojave any time soon as a lot of my software will not work if I do. I also use 1Password on my iPhone and an Android tablet. I don't generate new passwords on either of those two devices - I just use 1Password to fill in passwords when I need them. I generate all new passwords on the Mac. I sync the devices using Dropbox.

  • Do I need to go the subscription route to have and use 1Password on all 3 devices or can I continue to just do a standalone license for the Mac and continue to have access on the other two devices?

  • Am I required to use 2 factor authentication for anything? I consider 2 factor authentication a very bad idea and a broken concept (I can explain why in more detail but that's not the point of this post). Does 1Password 7 require me to use 2 factor authentication?

  • What exactly do I need to do to upgrade from 1Password 6 to 1Password 7? What, if anything has to be migrated? Do I need to create a new master password? Do I need to create a 1password account? What exactly are the necessary steps to upgrade and use 1Password on all 3 devices and in all browsers on those devices?

  • Is 1Password ready for the changes Apple is making that start with Safari 12?

  • Currently, I cannot fill passwords in windows opened by various apps (I have to use cut&paste) or in pop-up windows opened by various websites when I need to log in to those sites. Is this fixed/changed in 1Password7?

Thank you.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Ben AWS Team

    Team Member

    Hi @sjaffe

    I sent an email message to support over a month ago and never got an answer.

    Hmm. I'm not seeing any emails as recent as that from you, and all of the ones I do see have responses. Did you get a support ID when you sent that email in? If so could you please post it here? If not, it is likely that we never received your message, which may explain why you have not received a reply.

    Do I need to go the subscription route to have and use 1Password on all 3 devices or can I continue to just do a standalone license for the Mac and continue to have access on the other two devices?

    You could purchase a 1Password 7 for Mac standalone license if that is what you prefer, but I'd highly recommend at least trialing membership to see how you like it before making a final decision.

    Am I required to use 2 factor authentication for anything?

    No. If you're using 1Password standalone there is no authentication involved, let alone two-factor authentication. The only time authentication comes into play at all is with membership, and there 2FA is optional (though 2SKD is required).

    I consider 2 factor authentication a very bad idea and a broken concept (I can explain why in more detail but that's not the point of this post).

    I'd suggest starting a new thread in the Lounge area of this forum to discuss further. I suspect there may be a few people here who would be interested in the topic (myself included).

    What exactly do I need to do to upgrade from 1Password 6 to 1Password 7? What, if anything has to be migrated? Do I need to create a new master password? Do I need to create a 1password account? What exactly are the necessary steps to upgrade and use 1Password on all 3 devices and in all browsers on those devices?

    If you upgrade to a 1Password membership you will create an account on 1Password.com which you can either use your existing or a new Master Password for. We recommend using the existing one, unless you suspect it is weak or reused. Migration instructions can be found here:

    Move your existing 1Password data to a 1Password account

    This can be done in 1Password 6 prior to installing v7. Please pay special attention to the instructions regarding deleting the Primary vault from each device once complete, as that is important.

    If you're going the license route you'll need to install the 1Password 7 app and then purchase a license from the welcome screen within ("need a license? we have those too").

    Is 1Password ready for the changes Apple is making that start with Safari 12?

    1Password 7.2 is fully compatible with Safari 12 and uses the new Safari App Extension framework, rather than the deprecated Safari Extensions Gallery style extension in use in previous versions.

    So: I currently have 1Password 6 on my Mac running Mac OS 10.13.6. I am not planning to upgrade it to Mojave any time soon

    I understand, but just for the record we always recommend running the latest versions of 1Password and your operating system. We don't generally guarantee backwards compatibility with any given release.

    Currently, I cannot fill passwords in windows opened by various apps (I have to use cut&paste) or in pop-up windows opened by various websites when I need to log in to those sites. Is this fixed/changed in 1Password7?

    1Password for Mac cannot fill into apps other than web browsers, but this has become more convenient in 1Password 7 as command backslash (Cmd+\) has become a global shortcut and in most cases can open 1Password mini to the login item for the app you're using. You'd still need to copy & paste, but getting to the spot to do that should be quicker in v7.

    Pop-up windows shouldn't generally be a problem. If you notice instances where this isn't working please open a thread in the Saving & Filling category on the forum.

    I hope that helps. Should you have any other questions or concerns, please feel free to ask.

    Ben

  • danco Senior Member Community Moderator

    sjaffe
    You say that a lot of your software will not work with Mojave. You may be right, but it is also possible that you have misunderstood Apple's warning.

    I think they say that 32-bit applications won't work "without compromise" on Mojave. As I understand it (but am no expert on this), they will still work on Mojave (MacOS 10.14) but may slow down the system. It is only with 10.15 that they will stop working completely. Anyway, many of us won't upgrade to a .0 version of the OS, and in a few months we will know more about how old apps work with Mojave.

  • Ben AWS Team

    Team Member

    Indeed. I suspect many apps that aren't currently advertised as being compatible will add compatibility over the coming months. After all, most of these software publishers don't want folks stuck on old versions of OSes or their products either.

    Ben

  • sjaffe Junior Member

    I don't know how to respond with quoting a previous comment on this forum so bear with me...

    @Ben: Addressing a few of your points:
    • I don't have a support ID for the last message sent. It's irrelevant since most of the questions I had were either answered elsewhere to someone else asking the same question, or answered in this thread.

    • My problem with the membership is the same as other people's I think: cost. 1 year's membership is not that much less than buying a new license every year. It's certainly more expensive to buy a membership for 2 years than it is to buy a license and use it for 2 years. It only becomes cost-effective if I have to buy multiple licenses.

    • You didn't answer the question as to whether or not I would need to buy a license for each other device that I use 1Password on. Remember, none of them are primary vaults. They use the data that is synced from the Mac via Dropbox. Right now, I only have the one license - the one for the Mac. I don't have a separate license for the iPhone or the Android tablet.

    • 2SKD is not something that I think I need to worry about in the sense that I still only need to enter 1 password (the Master Password) to access my other passwords and data. The "secret key" is something the software handles silently. I used to support Kerberos many years ago and the "secret key" sounds very much like the system key that Kerberos used to authenticate a machine and it was hidden from the user. 2-factor authentication is something else entirely and it's a broken concept because it doesn't work in practice when you really need it to work, especially Apple's implementation. If you want me to post on it, I can, but I'm not sure what "Lounge" you're referring to in your message. I don't use this forum very much at all... ;-)

    • I'm failing to understand what having a 1password.com account does for me or why it is necessary. The way you refer to it, and talk about migrating data to it, sounds very much like this is a cloud concept. That is, the data is no longer stored on my machine but on another machine somewhere else that I access via the net just like cloud data. This is another bad idea which leads me to one of the reasons I won't be upgrading to Mojave any time soon - one of my most critical applications is Quicken which stores all my financial data. The version I have won't work any more in Mojave (Apple and Quicken have both said so) and the current versions of Quicken store all the data in the cloud. Not going to happen as far as I'm concerned. So, moving to Mojave will wait until I can find replacement software for Quicken that doesn't store the data in the cloud. Why is storing in the cloud a bad idea? One way to provide security for anything is to prohibit access to where it's located. When data is on my machine, it's secure because thieves can't find it and don't have access to it. Store data in the cloud, and it's easier to find and easier to get access. Even if it's encrypted, as computers become faster and data that's encrypted is easier to decode, that makes the data more vulnerable to attack. Even if someone can't steal it, they can prevent you from having access to it. Cloud storage of non-critical stuff like photos or shared documents is one thing. Cloud storage for financial data, or passwords is a very bad idea. Note: syncing via dropbox is, admittedly, risky. But, I can disconnect my machines from dropbox if dropbox gets compromised and sync another way and change all my passwords. If the only place that the information was stored was dropbox (or 1password.com) then once someone gains access to it, I no longer have control over it. And changing any of the data won't stop them from still having access to the changes.

    • Storage in the cloud is one thing. If a 1password.com account means that I always need to have Internet access to use 1Password, then that's a bad idea too. There have been many times when I needed to access passwords in 1password when I didn't have access to the Internet - most recently was when I was trying to rebuild my LAN after a problem and I needed the password to the router that was stored in 1Password. I could get it from the Mac because the Mac had the data and didn't need to be connected to any network to get it. If the Mac had needed to be connected to the network in order to access that password, I would have been SOL. So, the question that all this brings up is: does having a subscription and a 1password account mean that the device must be connected to the Internet in order to access the passwords that are stored in the password database?

    To @danco: Apple may say that 32-bit applications won't work "without compromise" and claim that they will continue to work... but my experience with Apple is that they are overly optimistic. When they had the last major shift like this, everything I used that was basically critical had stopped working and I had to spend a small fortune to replace all the software that I needed even though Apple said that the software would continue to work. Another example: When I got my new Mac, they claimed that everything from the old machine would be downloaded from the backup device (which had been created using Apple's Time Machine on an Apple device so there's no 3rd party anything involved). It actually took me about 3 weeks to recreate everything and some stuff was permanently lost because things didn't get restored from the backup device. But none of this has anything to do with 1Password so it's mostly a digression. :-)

  • brenty

    Team Member

    @sjaffe: Well, you started this particular thread, so a digression is probably your prerogative. ;) I'm glad you were able to recover your data. Time Machine is awesome, but like anything it isn't perfect, so I prefer to use that along with other backup methods, both for redundancy and flexibility (e.g. being able to grab an old version of a single file versus a bootable full-disk backup).

    Regarding the Support ID for when you tried to contact us previously, that makes sense: I'm sorry that we didn't get back to you there, but so long as your questions have been answered that's the important thing for now I think. Just be sure to let us know if you have any others. :)

    My problem with the membership is the same as other people's I think: cost. 1 year's membership is not that much less than buying a new license every year. It's certainly more expensive to buy a membership for 2 years than it is to buy a license and use it for 2 years. It only becomes cost-effective if I have to buy multiple licenses.

    Oh absolutely. When you're talking about a single license, that makes sense. But it's an apples and oranges comparison really, since 1) most people use 1Password on multiple platforms, and 2) a 1Password.com membership includes a lot more than just "licenses" for the apps — particularly relevant to your comments above, automatic offsite backup for your 1Password data, which I think tends to be super important stuff for most people, so that you can access it even if all of your devices are lost, stolen, or destroyed, just by signing into your account on a new device. item history can be a life saver too, and those are just two specific examples of features. Something to consider.

    You didn't answer the question as to whether or not I would need to buy a license for each other device that I use 1Password on. Remember, none of them are primary vaults. They use the data that is synced from the Mac via Dropbox. Right now, I only have the one license - the one for the Mac. I don't have a separate license for the iPhone or the Android tablet.

    1Password isn't licensed per-device. Rather, each person just needs a license for the specific version they want to use. For instance, if you're only using Macs, a license for 1Password for Mac version 7 will work on all your devices. You'd only need to buy the other apps if you wanted to use the latest Windows, iOS, Android versions, etc.

    2SKD is not something that I think I need to worry about in the sense that I still only need to enter 1 password (the Master Password) to access my other passwords and data. The "secret key" is something the software handles silently. I used to support Kerberos many years ago and the "secret key" sounds very much like the system key that Kerberos used to authenticate a machine and it was hidden from the user. 2-factor authentication is something else entirely and it's a broken concept because it doesn't work in practice when you really need it to work, especially Apple's implementation. If you want me to post on it, I can, but I'm not sure what "Lounge" you're referring to in your message. I don't use this forum very much at all... ;-)

    2SKD isn't something we expect most people to care about or think about, but it's important to many of our customers and to us how their data is secured — even if not everyone knows, or wants to. :)

    I think it's definitely worth opening a separate discussion if you want to get into more of the details, but definitely check out the security white paper first in case you'll have questions, as 1Password works very differently than other services like this. Specifically, 1Password is encryption based first and foremost, and we use SRP to ensure that we never have anyone's secrets, so that they cannot be stolen from us or misused by us no matter what — whereas most services store your password on their servers; even if salted and hashed, those can be stolen and attacked offline. I'm going to stop there, because it's an incredibly rich topic, and I both want to tease a bit and also not carry on here for too long. :lol: Anyway, it seems like you're making a lot of assumptions here, so I think it would be best at this point to take a look first and ask questions instead. But I'll try to address some of these misconceptions below:

  • brenty

    Team Member

    I'm failing to understand what having a 1password.com account does for me or why it is necessary.

    @sjaffe: It isn't necessary. It's just a new way to use 1Password, which includes all of the apps, all updates, and a bunch of awesome features we couldn't build without this kind of infrastructure. Definitely take a look, or better yet give it a test drive, and let us know if you have questions.

    The way you refer to it, and talk about migrating data to it, sounds very much like this is a cloud concept. That is, the data is no longer stored on my machine but on another machine somewhere else that I access via the net just like cloud data. This is another bad idea which leads me to one of the reasons I won't be upgrading to Mojave any time soon [...]

    1Password.com memberships are a hosted service, but this works very differently from what you're describing. First, 1Password still works the same way you're used to: you can access your data offline. You may be wondering what is the point of it being a hosted service in that case, but the only way to offer seamless sync and licensing everywhere — across OSes, app stores, and network environments — was for us to build this.

    Why is storing in the cloud a bad idea? One way to provide security for anything is to prohibit access to where it's located. When data is on my machine, it's secure because thieves can't find it and don't have access to it. Store data in the cloud, and it's easier to find and easier to get access. Even if it's encrypted, as computers become faster and data that's encrypted is easier to decode, that makes the data more vulnerable to attack. Even if someone can't steal it, they can prevent you from having access to it.

    None of that is strictly true. Certainly all of that applies in some cases, but saying "storing data in the cloud is a bad idea" is similar to saying "going swimming is a bad idea" since it is possible to drown. Just because there is a chance that something bad could happen doesn't mean we all lock ourselves in bunkers and live off of groundwater and hydroponic food supplies. And, actually, even though there is a chance of something bad happening swimming, driving, flying, etc., the probability is very slim. And frankly that's because there are a lot of factors that cannot be controlled. Math — and therefore encryption — is less volatile, to put it mildly. A cryptographic function will not change based on the weather or human factors. So while there are certainly risks to digital security, they are knowable, and we can plan accordingly. As just a few short examples, we make sure we never have the "keys" to anyone's data, since someone could potentially break into our server someday; and the 1Password apps work even in the case of scheduled or emergency downtime of our server (or Dropbox), or an outage of your own internet connection; and we can not only make changes to harden 1Password against new attacks or improvements of old ones, but also 1Password.com ensures we can push these out to members without them having to decide whether or not to upgrade. And as far as "easier access", you're welcome to try. But you'll find that even you cannot get your data without your Secret Key and Master Password, which are both needed to decrypt it. So the bad guys can't either. At the end of the day, it will be much easier for an attacker to get your data from you than from us, not only because of the ongoing effort and investment we put into our own security, but also because they'd have to get the "keys" directly from you anyway.

    Cloud storage of non-critical stuff like photos or shared documents is one thing. Cloud storage for financial data, or passwords is a very bad idea. Note: syncing via dropbox is, admittedly, risky. But, I can disconnect my machines from dropbox if dropbox gets compromised and sync another way and change all my passwords. If the only place that the information was stored was dropbox (or 1password.com) then once someone gains access to it, I no longer have control over it. And changing any of the data won't stop them from still having access to the changes.

    Actually, you can change your Secret Key and/or Master Password at any time, so yes, that would prevent someone from accessing future changes even if you gave them those "keys" to decrypt your data previously for some reason. You'd just need to change any other passwords they might be able to use to access your accounts, and they'd be locked out going forward.

    Storage in the cloud is one thing. If a 1password.com account means that I always need to have Internet access to use 1Password, then that's a bad idea too. [...] So, the question that all this brings up is: does having a subscription and a 1password account mean that the device must be connected to the Internet in order to access the passwords that are stored in the password database?

    No. The apps are the same. With a 1Password.com membership, just as with how you've been using 1Password already, you can access your data without internet. You just can't magically sync data between devices without internet, or do other things that also would require a connection — logging into websites, changing account settings, etc.

    Anyway, this is just sort of the tip of the iceberg since you didn't really ask many questions and I was just trying to clarify what I could, so please let me know if you have any at all. :)
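    As an added illustration (my own teaching code, not 1Password's code and not a claim about its exact scheme), here is a simplified model of the two-secret key derivation discussed above: the unlock key depends on both the Master Password and the Secret Key, a thief holding only the stored record and even the correct password cannot derive it, and rotating the Secret Key locks out anyone holding the old one. The iteration counts, HKDF label, key-check tag, Secret Key alphabet and all function names are assumptions.

```python
# Added teaching example (not 1Password's code): a simplified model of
# two-secret key derivation (2SKD). The key protecting the vault depends on
# BOTH the human-chosen Master Password and a high-entropy Secret Key that
# stays on the user's devices. Iteration counts, labels, the key-check tag
# and the Secret Key alphabet are illustrative assumptions.
import hashlib
import hmac
import math
import os
import secrets
from dataclasses import dataclass
from typing import Optional

KEY_LEN = 32                 # 256-bit key, the size an AES-256 vault key needs
PBKDF2_ITERATIONS = 100_000  # assumed work factor for the Master Password side
SECRET_KEY_ALPHABET = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789"  # 32 symbols (assumed)
SECRET_KEY_LENGTH = 26


def generate_secret_key(length: int = SECRET_KEY_LENGTH) -> str:
    """Random Secret Key from a CSPRNG. The app stores it; the user never types it."""
    return "".join(secrets.choice(SECRET_KEY_ALPHABET) for _ in range(length))


def secret_key_entropy_bits(length: int = SECRET_KEY_LENGTH,
                            alphabet: str = SECRET_KEY_ALPHABET) -> float:
    """Entropy of a uniformly random key: length * log2(alphabet size)."""
    return length * math.log2(len(alphabet))


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = KEY_LEN) -> bytes:
    """Minimal HKDF (RFC 5869) extract-then-expand with HMAC-SHA256.
    A fast KDF is fine here because the Secret Key is already high-entropy."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_unlock_key(master_password: str, secret_key: str, salt: bytes,
                      iterations: int = PBKDF2_ITERATIONS) -> bytes:
    """Combine both secrets into one 256-bit key.

    Password side: a deliberately slow hash (PBKDF2-HMAC-SHA256) so every guess
    costs real work. Secret Key side: HKDF. XORing the two halves means neither
    the stored salt nor a guessed password alone says anything about the key.
    """
    pw_part = hashlib.pbkdf2_hmac("sha256", master_password.encode("utf-8"),
                                  salt, iterations, dklen=KEY_LEN)
    sk_part = hkdf_sha256(secret_key.encode("utf-8"), salt, b"2SKD-demo", KEY_LEN)
    return bytes(a ^ b for a, b in zip(pw_part, sk_part))


def key_check(unlock_key: bytes) -> bytes:
    """Non-secret tag a client uses to confirm it derived the right key before decrypting."""
    return hmac.new(unlock_key, b"key-check", hashlib.sha256).digest()


@dataclass(frozen=True)
class StoredRecord:
    """Everything the hosted side (or a sync store) holds for this account.
    Neither the Master Password nor the Secret Key appears here."""
    salt: bytes
    key_check: bytes
    iterations: int


def enroll(master_password: str, secret_key: str,
           iterations: int = PBKDF2_ITERATIONS) -> StoredRecord:
    """Create the stored record for a new (or re-keyed) account."""
    salt = os.urandom(16)
    key = derive_unlock_key(master_password, secret_key, salt, iterations)
    return StoredRecord(salt=salt, key_check=key_check(key), iterations=iterations)


def unlock(record: StoredRecord, master_password: str, secret_key: str) -> Optional[bytes]:
    """Return the unlock key only if BOTH secrets are right; None otherwise."""
    key = derive_unlock_key(master_password, secret_key, record.salt, record.iterations)
    return key if hmac.compare_digest(key_check(key), record.key_check) else None


def demo(iterations: int = 2_000) -> dict:
    """Walk through the scenarios from the thread (low iteration count keeps it quick)."""
    password, secret_key = "correct horse battery staple", generate_secret_key()
    record = enroll(password, secret_key, iterations)
    rekeyed = enroll(password, generate_secret_key(), iterations)  # Secret Key rotated
    return {
        "both_correct": unlock(record, password, secret_key) is not None,
        # Thief copied the record and learned the password, but lacks the Secret Key
        "password_only": unlock(record, password, generate_secret_key()) is not None,
        # Device holding the Secret Key, but the Master Password is wrong
        "secret_key_only": unlock(record, "wrong password", secret_key) is not None,
        # Old Secret Key no longer opens the re-keyed account
        "rotated_secret_key_locks_out_old": unlock(rekeyed, password, secret_key) is not None,
    }


if __name__ == "__main__":
    print(f"Secret Key entropy: {secret_key_entropy_bits():.0f} bits")
    for scenario, opened in demo().items():
        print(f"{scenario}: {'unlocked' if opened else 'locked'}")
```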

  • sjaffe Junior Member

    @brenty I only have one question left which still isn't clear. You've always said, even with 1Password 6, IIRC, that a license is needed for each device. Yet, I am able to use 1Password on my iPhone and my Android tablet, and I only have 1 license for the copy on my Mac. So, it's still not clear to me, with 1Password 7 whether or not anything has changed and whether or not I would need a separate license to use 1Password on my iPhone and my Android tablet or if the apps there will continue to work as is. This is really a "yes" or "no" thing: if I buy a license for 1Password 7 for my Mac, do I need to buy a license for the app on the iPhone and a license for the app on the Android tablet? "Yes" or "No"?

    As for your comments about cloud and security: you, like many people in the computer security industry are deluding yourself. If data is on the Internet, thieves can get at it. Period. There is NO security that anyone can devise that someone else can't crack given enough time and effort. That's a basic concept that's beyond most people's comprehension because they delude themselves into thinking that the security they wrote is impregnable. The question then comes up: why bother at all? Here's the other part of that: the whole point of security, whether it's a lock on a door, a password, an encrypted file, or whatever you can imagine is to make the thief expend more effort to get at what's being protected, than the value the thief would gain. That's the basic. If something is valuable enough, a thief will go through a lot of effort to get at it. If it's not all that valuable, the thief won't waste their time and go somewhere else that's easier.

    Saying that you have unbreakable encryption, or hidden Secret Keys or whatever is nice... but if a thief really wants to get at it, they will make every effort and sooner or later will succeed.... if they think what they would get is valuable enough. But, if getting at the passwords in your service is difficult, (which it sounds like it is) the thief probably won't even bother with trying to break into your site, they'd go elsewhere... like to the web sites and services themselves. That is, the thief won't try to break into your dataset for my bank password, they'll break into the bank's servers instead because the bank has less security (most banks do not have great online security). If the bank upgrades their security, and it's more difficult to break into there than it is to break into your data, your data becomes a target instead. The thief will go where it's easiest and requires the least effort.

    But, saying that your encryption is unbreakable is just deluding yourself. Nothing is unbreakable. If someone can write it, someone else can break it.

    I'm reminded of a story from a co-worker: he went to a conference many years ago and attended a lecture on Kerberos. Kerberos, as you may know, uses one-way encryption for the storage of passwords and, like your system, never actually stores the real password, or even transmits the password across the net. The lecture was about the introduction of 128-bit Kerberos, and the math was very complex showing how the encryption was one-way and couldn't be reversed - that is, if you knew the hash that was stored in the Kerberos database, you couldn't derive the password from it so that you could use the password. I'm simplifying things for the sake of the story but I think you get the point. The end of the story: by the end of the 1.5 hour lecture on how the math was impregnable and that it was truly a one-way encryption, etc. two researchers in the back of the lecture hall had cracked the math and broken it and were able to show that the new 128-bit Kerberos was not impregnable and was not truly a one-way encryption. They stunned everyone.

    The point of the story is to illustrate my point: no matter how impregnable you think your math is, if someone really wants to break it, they probably can with enough time and effort. And just because it's difficult to break the code doesn't mean it's impossible to break the code.

  • Ben AWS Team

    Team Member

    With 1Password for iOS the Pro features do indeed require a separate in-app purchase (or membership) but the base app is free for use with 1Password for Mac. 1Password for Android works very similarly.

    As for breaking the encryption... I don’t see where we’ve said what you claim we’ve said. You may want to check out this thread:

    World Password Day cracking challenge — 1Password Forum

    The point being that we’ve offered a not-insignificant amount of money and nobody has been able to crack even one password in months. Now, we actually want people to crack these passwords, and so we’ve upped the monetary compensation and offered hints. They still have yet to be cracked. The point isn’t that it is impossible but rather that it is impractical due to the monetary cost and time involved in doing so. Also, AES 256 itself has never been broken in any way that is meaningful / relevant to 1Password:

    Was AES-256 cracked or not? - Quora

    So certainly someone can ultimately try every possible combination, but there are so many combinations that unless there is high confidence of significant value to be gained it just isn’t worth trying (and also may take longer than that individual’s lifetime). As you mentioned there are likely better avenues (such as social engineering or the good old ‘wrench trick’):

    xkcd: Security

    There is an opportunity cost to such things. If you’re dedicating your computing power to cracking Joe Blow’s password you aren’t using it for other tasks which are likely to be more profitable.

    If data is on the internet, thieves can get at it. Period.

    Your devices are connected to the internet, right? ;) Also: I’d suggest that perhaps a better argument is: “if data exists, thieves can get at it. Period.” (a la wrench trick).

    Ben

  • danco Senior Member Community Moderator

    You've always said, even with 1Password 6, IIRC, that a license is needed for each device

    For the benefit of others, not sjaffe who posted this remark.

    It's never been true that each device needed a licence. However, each platform needs a licence (if one goes with licences rather than subscriptions). That is, one licence would cover all the Macs a person owns, but a separate licence would be needed for all Windows machines.

  • Ben AWS Team

    Team Member

    Good catch, @danco. :)

    Ben

  • brenty

    Team Member
    edited September 2018

    @sjaffe: I said none of these things: "impregnable", "unbreakable", "impossible". Math cannot be "cracked" though; it isn't magical. At most, shortcuts can be found, and, more commonly, advances in technology simply make hard math faster with better equipment over time. And we can (and do) make the calculations necessary harder over time too, and can also change our methods if needed, say, if AES is suddenly found to have a critical flaw after decades of people hammering on it. At the end of the day though, something we never have can also never be stolen from us. Contrary to the absurd claims you're attributing to me/us, we know that someone could break into our server someday. That's why apart from our own efforts, we participate in external audits and cooperate with independent security researchers to find any weaknesses so we can address them. And, most importantly, that's why we do not possess 1Password users' secrets in the first place. Food for thought.

  • sjaffe Junior Member

    AES-256 has never been proved to be secure. It's only the case that no one has cracked it. Yet. Anything written, anything devised, can be cracked. As math develops, as computers get faster, as techniques change, it will be cracked (there are some that suspect that the NSA has already cracked it). Compare with Fermat's Last Theorem, stated in 1637 that no one knew how to prove until the 1990s. It lasted 300+ years before someone was able to prove it. It took changes in mathematical thought, computers, and other changes before someone was able to prove what Fermat said 300 years before in the margin of a paper. And, yes, math can be "cracked".

    The best you can say though about AES-256 is that no one has a way to crack it that we know about.

    As for the rest of it, you merely echoed what I said: the point of security is not to make it impossible for what's being protected to be stolen but rather to make it not worth the effort to try.

    You think just because you don't know of anyone that has broken your code, that it can't be broken. You say that you've offered "not insignificant amounts of money" to people who can crack the passwords but no one has. Have you ever stopped to think that maybe people have cracked the passwords but they don't want you to know they have, even for the money you offer because being able to crack the passwords is more valuable? Consider: if you have a locked door and I have a key, would I want you to know I have a key? If I tell you I have a key, you would change the locks which would not be useful to me. In the same way, maybe someone (or many someones) have cracked those passwords but they just haven't told you because it's more useful to them to be able to crack the passwords.

  • Ben AWS Team

    Team Member

    You think just because you don't know of anyone that has broken your code, that it can't be broken.

    Please stop putting words in our mouths. We did not say that (I said quite the opposite in fact), and that is not our position.

    We’re confident that it would be possible to brute force the password given enough time and money. That’s the point of the challenge: to find out how much time and how much money it takes. So far we’re talking a matter of months and quite a bit of money.

    Ben

  • brenty

    Team Member

    @sjaffe: If you're only willing to accept that something is secure because it can be proven to be "uncrackable", I don't know what to tell you. That severely limits your options, as that's not possible to prove, just as you cannot prove this:

    Anything written, anything devised, can be cracked.

    Maybe you mean that, given sufficient time and technology, it is possible to brute force any encryption. We can agree on that, which is why it's so important that 1Password (and iOS, and Android, and macOS, and Windows, and Linux, Chrome OS, etc., which all also use AES encryption) use the math to make brute force attacks take more resources and time than any of us have. So while it's true that all of our data will almost certainly be accessible in the future after enough guesses, pushing that out far enough sort of makes it irrelevant. That's what we're doing with 1Password. Your 300 year example isn't one of something being "cracked".

    AES is decades old already, and there's a lot of incentive for people to find weaknesses or simply improve the efficacy of brute force attacks, since it's in use almost everywhere. We're in a position with 1Password to move quickly to make changes if needed. That's probably going to be more difficult for things like OSes, which tend to be big ships that are much harder to turn. So when I think about the potentiality of issues being found with AES, I'm more concerned about device security than I am about 1Password, since only a fairly small/quick (though probably not minor, in this hypothetical) update would be required. So, as a user, it's not something I lose sleep over. As a 1Password team member though, that would be a very busy time for us, to say the least. :crazy:

    The best you can say though about AES-256 is that no one has a way to crack it that we know about.

    That's implicit in what I said in my previous reply:

    if AES is suddenly found to have a critical flaw after decades of people hammering on it

    Also, you're right:

    the point of security is not to make it impossible for what's being protected to be stolen but rather to make it not worth the effort to try.

    You said it much better than I did. :)

    I also realized that I didn't address the point you made earlier, which I'd meant to, because it's a good one:

    One way to provide security for anything is to prohibit access to where it's located.

    Indeed, but I hope you'll understand that we can't build 1Password's security on the assumption that attackers will not get users' encrypted data, so it needs to withstand attack even if your device is stolen, or encrypted data stored on our server is. I touched on that earlier, but it's significant enough to be worth reiterating: 1Password's security isn't based on the hope that your stuff won't fall into the wrong hands. Our assumption is that it will, and so we've planned accordingly.

    Consider: if you have a locked door and I have a key, would I want you to know I have a key? If I tell you I have a key, you would change the locks which would not be useful to me. In the same way, maybe someone (or many someones) have cracked those passwords but they just haven't told you because it's more useful to them to be able to crack the passwords.

    Totally. But let's not get confused about what we're talking about here. There is no magical single password that can be brute forced to get into 1Password.com or even a single 1Password.com account. Let's say that someone successfully guesses or otherwise learns someone's Master Password. Maybe it was weak, or they were just seen entering it somewhere. Okay, but the attacker would still need their 128-bit, randomly-generated Secret Key in order to sign into their account. And if they do get that, the account owner will be notified, and can change both their Master Password and Secret Key, as I mentioned above. Using two-factor authentication would also help in that case.

    You're right about a lot of different threats you've described, and you're right to be concerned about security. Heck, we are too. But it's important to keep the context in mind as far as application. Rather than blacks and whites, absolutes, as you seem to be both presenting your own arguments and twisting ours, there is mostly grey. We — at 1Password — need to offer protections against various threats, just as we — as users — need to be actively involved in our own security, using the available tools appropriately. I hope my example above helps paint a clearer picture.
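    An added illustration of the two-secret principle brenty describes above (a learned Master Password alone is not enough because a random 128-bit Secret Key is also mixed into the key). This is constructed example code, not 1Password's own key-derivation design; the PBKDF2 round count, the HMAC mixing step and the sample salt are assumptions.

```python
import hashlib
import hmac
import secrets

PBKDF2_ROUNDS = 100_000  # assumption: slow stretching of the password half


def derive_vault_key(password: str, secret_key: bytes, salt: bytes) -> bytes:
    """Return a 256-bit key that depends on BOTH the password and the secret key.

    Constructed illustration: PBKDF2 stretches the (possibly weak) password,
    then the 128-bit secret key is mixed in with HMAC, so an attacker who
    knows the password still faces a 2^128 search for the secret key.
    """
    if len(secret_key) != 16:
        raise ValueError("secret key must be exactly 128 bits")
    stretched = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return hmac.new(secret_key, stretched, hashlib.sha256).digest()


def make_verifier(vault_key: bytes) -> bytes:
    """Verifier stored next to the vault so the client can check an unlock attempt."""
    return hmac.new(b"verifier", vault_key, hashlib.sha256).digest()


def unlock(password: str, secret_key: bytes, salt: bytes, verifier: bytes) -> bool:
    """True only when the password AND the secret key are both correct."""
    candidate = derive_vault_key(password, secret_key, salt)
    return hmac.compare_digest(make_verifier(candidate), verifier)


def demo() -> dict:
    """Enrol a user, then attempt unlocks that know only one of the two secrets."""
    salt = b"constructed-salt-16b"           # constructed sample; real salts are random
    secret_key = secrets.token_bytes(16)     # random 128-bit Secret Key made at enrolment
    password = "correct horse battery staple"
    verifier = make_verifier(derive_vault_key(password, secret_key, salt))
    # A secret key that is off by a single bit is as useless as a random one.
    wrong_key = bytes([secret_key[0] ^ 0x01]) + secret_key[1:]
    return {
        "right_both": unlock(password, secret_key, salt, verifier),
        "right_password_wrong_key": unlock(password, wrong_key, salt, verifier),
        "wrong_password_right_key": unlock("hunter2", secret_key, salt, verifier),
    }


if __name__ == "__main__":
    print(demo())
```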

  • sjaffe Junior Member

    Well, I wasn't speaking only of brute force attacks. The point I made about Fermat's Last Theorem taking 300 years to prove was misunderstood. The point of it is that just because no one has come up with the math to break AES-256 in the last decade doesn't mean that someone won't in the next. Fermat's Last Theorem took 300 years to prove because of the development of new math techniques and new computing power. AES-256 may take that long... or it might be broken next week using newly discovered or developed methods, computing power, etc.

    Also, even though brute force may take a very long time (depending on the password it could take millennia to brute force) that's using the assumption that we continue to use digital computing and current techniques. Look up quantum computing. When quantum computing becomes a serious and practical reality (currently, there are only test instances but it's well on its way) brute force methods of attack that might have taken millennia could take mere hours or minutes. One of the major applications of quantum computing is cryptanalysis and AES is particularly vulnerable to certain attacks using quantum computing methods. Read "The Impact of Quantum Computing on Present Cryptography", International Journal of Advanced Computer Science and Applications (IJACSA). March 2018.

    Finally, 2-factor authentication certainly does protect data... in my case, it protected it so well that on 3 occasions I was unable to access my own accounts. That's one of the reasons why 2-factor authentication, to me, is a proven failure and not practical. But you don't seem particularly open to new and different ideas so I'm not even going to bother opening a discussion on this.

    I'm just going to end with this: In the end, the question is what's the best way to protect data right now. But let's not fool ourselves into thinking that just because the security works today, doesn't mean it won't fail tomorrow. The most important tool for protection/security: vigilance.

  • Lars Junior Member

    Team Member

    @sjaffe

    But let's not fool ourselves into thinking that just because the security works today, doesn't mean it won't fail tomorrow. The most important tool for protection/security: vigilance.

    Indeed. Concepts it's easy to see we live by here, if one reads our documentation. Thanks for the discussion, and stay safe out there. :)

  • Ben AWS Team

    Team Member

    But let's not fool ourselves into thinking that just because the security works today, doesn't mean it won't fail tomorrow. The most important tool for protection/security: vigilance.

    We can absolutely agree on that. I think if you take a look at our release notes you’ll find that we’re pretty Agile (pun intended).

    Ben
