Master Password & Dropbox

Hey folks.

I'm not sure if this is a bug or a change in behavior but I have a weird issue. When I change the master password on my Mac or iOS device, my other devices don't recognize the new password. I have to go through each device syncing the vault stored on Dropbox and manually change the password.

Is this an expected behavior or a bug? If it is expected, it seems a bit weird purely from a security perspective.

Any insight would be appreciated.

Thanks.

Comments

  • MrRooniMrRooni

    Team Member

    @foad After changing your password on your Mac, perform a sync on your iOS devices, then lock them and try unlocking with the new password. Let me know if that works.

  • That didn't work but deleting the beta and reinstalling it restored it to working as expected.

  • MikeTMikeT Agile Samurai

    Team Member

    Hi @foad,

    If it is expected, it seems a bit weird purely from a security perspective.

    Your password isn't updated on the fly right away because of the potential issue where if the encryption key encrypted by your newer master password doesn't work correctly, you could be locked out. So, we keep copies and only get rid of the old key once you can unlock the new key correctly. That's why you have to first perform the sync to grab the new key, lock, and unlock once more when the app detects the newer key. If it doesn't work, we don't use it and you'd be able to unlock with the original key via your older master password.

    That didn't work but deleting the beta and reinstalling it restored it to working as expected.

    Do you mean after reinstalling the beta, changing the master password via your Mac did work or do you mean reinstalling would use the newer master password but you haven't changed it again?

  • Your password isn't updated on the fly right away because of the potential issue where if the encryption key encrypted by your newer master password doesn't work correctly, you could be locked out. So, we keep copies and only get rid of the old key once you can unlock the new key correctly. That's why you have to first perform the sync to grab the new key, lock, and unlock once more when the app detects the newer key. If it doesn't work, we don't use it and you'd be able to unlock with the original key via your older master password.

    Thanks for the clarification. It makes complete sense and isn't weird to me anymore. ;)

    Do you mean after reinstalling the beta, changing the master password via your Mac did work or do you mean reinstalling would use the newer master password but you haven't changed it again?

    Reinstalling the beta made it so that changing the Master Password and taking the steps you provided worked. Prior to reinstalling the beta, the steps you provided didn't work.

  • MikeTMikeT Agile Samurai

    Team Member

    Hi @foad,

    Reinstalling the beta made it so that changing the Master Password and taking the steps you provided worked. Prior to reinstalling the beta, the steps you provided didn't work.

    Huh, that is super weird. That suggests the problem may be related to the way we keep records of your sync state. Maybe the sync state was updated improperly and the app never knew that a new encryption key was downloaded. A reinstall would reset the state but disabling and re-enabling the Dropbox sync would do that as well.

    Can you tell me if you've tried disabling and re-enabling the sync while you had this issue?

  • Apologies for the late reply.

    In general I've had weird things happen with Dropbox sync. Occasionally I have to disable and enable sync because devices will randomly not sync new logins. I think the root issue might be the same.

  • MikeTMikeT Agile Samurai

    Team Member

    Hi @foad,

    Is it more stable now? We've made a lot of changes in our sync subsystem for 1Password 5.2 and we expect this update should fix all the reported issues with Dropbox.

  • @MikeT‌ just installed the latest beta. Putting it through its paces. I'll follow up shortly.

  • MikeTMikeT Agile Samurai

    Team Member

    Great, thanks!

  • A quick update. I installed the latest beta through TF on both my iPhone and iPad.

    On the iPhone everything went smoothly during getting 1P authenticated with Dropbox and the initial sync running.

    On my iPad, the authentication went smoothly but it errored during the initial sync. Disabling Dropbox sync and enabling it again worked.

    So far, everything else is working better.

  • MikeTMikeT Agile Samurai

    Team Member

    Hi @foad,

    Please do not try to rely on disabling and re-enabling the sync each time, it should only be done as the last resort, and only after we ask you to. We need to know what the error was, so we can fix it in the code, and then ask you to try again in a new beta update. Also, by doing this each time, you're resetting the sync state for the vault and would be merging the data again instead of resuming the sync. In other words, 1Password would be downloading the whole vault at once and checking each item against the local database.

    Do you recall what the error said?

    My guess is that you were rate-limited by Dropbox, you were downloading too many items within 1Password in a specific period of time. So, 1Password error'ed out because of this. Waiting a few minutes or an hour would've resolve the error on its own.

  • @MikeT I hear you loud and clear. Thanks for the info. I don't recall the error but I think you're right in that it might have been related to rate limiting.

  • MikeTMikeT Agile Samurai

    Team Member

    Hi @foad,

    Great to know. Hopefully, everything's all good from now on, please keep us informed of any changes.

    Thanks for your help here.

This discussion has been closed.