Master Password change not syncing - can we shut everything down, please?

thinkthrive
Community Member

Hi there!

We are a creative agency with a huge variety of phones, ipads, iMacs, Macbook Pros, and several PC laptops. We all have 1Pass installed on our devices.

We recently had an employee terminated, and due to great security risk need to change the master password. We did so immediately, but were shocked to find that the old password let us in as well.

Please help. If we can't sync the master password, we need to be able to shut everything down so no one can login. Any advice?

Thank you so much.


1Password Version: 5.1, 5.3.1
Extension Version: Not Provided
OS Version: OS X 10.10.3
Sync Type: dropbox

Comments

  • littlebobbytables
    1Password Alumni

    Hi @thinkthrive,

    Below is what I advise. It's going to seem like a lot but after you do all of this you can feel safe again and that's important.

    Here is how to fully change the Master Password and force new encryption keys. I will assume a single Primary vault.

    General Warning to all users. This is an advanced topic and you had better know exactly what you're doing. Your data is at risk if you don't.

    Exporting your vault(s) to start over in 1Password 5.1 for Mac

    1. Launch 1Password for Mac on your Mac and disable Dropbox sync of your Primary vault. You can do this by entering 1Password's preferences and switching to the Sync tab. In the menu option select None. In the confirmation window that appears you can tick the checkbox titled Delete data from Dropbox before clicking Disable Sync.
    2. Close the preference window and now use the File > Export > All Items... drop down menu option. You will be asked for your Master Password as a security precaution.
    3. When you export it is important the file format is set to 1Password Interchangeable Format (.1pif) and you want to save this somewhere like your Desktop - do not save in Dropbox as this is an unencrypted copy of your vault.
    4. Follow the steps in our How do I start over with an empty vault? guide.
    5. Follow the steps in our Running 1Password for the first time guide and create a new primary vault. Here is where you decide on a new Master Password.
    6. Import the .1pif file you created in step 2. using the File > Import... drop down menu option. Selecting the .1pif folder (not the contents) will enable the Open button.
    7. With your .1pif imported, check your vault to ensure everything looks good.
    8. If all is correct, securely delete the .1pif folder as the .1pif data is unencrypted and so not safe to keep long term.
    9. Re-enable Dropbox syncing in your copy of 1Password.
    10. Personally I'd then follow the How do I start over with an empty vault? guide for all the other Macs and then follow the Finding existing 1Password data during setup guide. You should find it picks up the new .agilekeychain straight away though. For iOS devices the guides are How do I start over with an empty vault? and Existing 1Password user.

    This will result in a fresh Primary vault on all devices using the new sync data with the new encryption keys and Master Password.

    This at least blocks further modifications being visible to the terminated employee but there is more to do. While access to the new .agilekeychain won't do them much good they shouldn't have access to it full stop.

    If you all share a single Dropbox account then the password needs to be changed so they can't access Dropbox at all. If you have a Login item for Dropbox my recommendation would be to update the Login item with the new password you intend to use before you change it. Make sure all of your staff ensure the updated password has synced. Then when you change it on Dropbox they can all access the new password to re-enable access in a way easier than having to contact each person in turn.

    If you simply shared access to a particular folder from one Dropbox account to others then you can simply remove their access. In fact if this is the case you can do this before all of the steps above.

    Sorry, it still isn't over. You should consider all the accounts stored in your Primary vault at risk until you've systematically changed them all, starting with the more sensitive and working your way down to the least important. There is not a way to remove access to the copy of the vault they have access to assuming the vault is synced to any machine or device that they own. So you will want to change all passwords but only after having created a new Master Password and new encryption keys.

    Please take the time to read all the steps thoroughly and make sure you feel happy about what it all entails. Any questions do please, please ask.
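The reason the reply above insists on a fresh vault with new encryption keys, rather than just a new Master Password, is easier to see with a small model. The following is an added illustration written for this thread, not 1Password's code or file format: a toy vault in which a random data key encrypts the items and a key derived from the Master Password only wraps that data key. The stream cipher, the PBKDF2 iteration count and the key-check MAC are assumptions made for the toy. It shows that a copy already synced to a departed employee's device keeps opening with the old password, that merely re-wrapping the key under a new password leaves the item ciphertext readable to anyone holding the old data key, and that only exporting and starting over (steps 2 to 6) produces a file the old copy cannot read, which still leaves the previously stored passwords to be rotated by hand.

```python
"""Toy vault model: master password wraps a data key that encrypts items.
Illustrative only; not 1Password's format, cipher or key derivation."""
import copy
import hashlib
import hmac
import json
import os

PBKDF2_ITERATIONS = 100_000  # assumption for the toy model


def _keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR with an HMAC-SHA256 counter keystream.
    A real vault uses an authenticated cipher; this is only for illustration."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        ks = hmac.new(key, offset.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], ks))
    return bytes(out)


def _derive_key(master_password: str, salt: bytes) -> bytes:
    """Password-derived key-encryption key (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode(), salt, PBKDF2_ITERATIONS)


def _unwrap_data_key(vault: dict, master_password: str) -> bytes:
    kek = _derive_key(master_password, bytes.fromhex(vault["salt"]))
    return _keystream_xor(kek, bytes.fromhex(vault["wrapped_key"]))


def create_vault(master_password: str, items: dict) -> dict:
    """Fresh vault: new random data key, wrapped under the password-derived key."""
    salt, data_key = os.urandom(16), os.urandom(32)
    return {
        "salt": salt.hex(),
        "wrapped_key": _keystream_xor(_derive_key(master_password, salt), data_key).hex(),
        # MAC over a fixed string lets unlock() tell a wrong password from a right one
        "key_check": hmac.new(data_key, b"check", hashlib.sha256).hexdigest(),
        "items": _keystream_xor(data_key, json.dumps(items).encode()).hex(),
    }


def decrypt_items(vault: dict, data_key: bytes) -> dict:
    """Anyone holding the data key reads the items without any password."""
    return json.loads(_keystream_xor(data_key, bytes.fromhex(vault["items"])))


def unlock(vault: dict, master_password: str):
    """Return the items, or None if this password does not fit this copy."""
    data_key = _unwrap_data_key(vault, master_password)
    expected = hmac.new(data_key, b"check", hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, vault["key_check"]):
        return None
    return decrypt_items(vault, data_key)


def change_master_password(vault: dict, old_pw: str, new_pw: str) -> dict:
    """Re-wrap the SAME data key under a new password; item ciphertext is untouched."""
    data_key = _unwrap_data_key(vault, old_pw)
    salt = os.urandom(16)
    updated = dict(vault)
    updated["salt"] = salt.hex()
    updated["wrapped_key"] = _keystream_xor(_derive_key(new_pw, salt), data_key).hex()
    return updated


def rekey_vault(vault: dict, old_pw: str, new_pw: str) -> dict:
    """Export and start over: decrypt, then build a new vault with a fresh data key."""
    items = unlock(vault, old_pw)
    if items is None:
        raise ValueError("wrong master password")
    return create_vault(new_pw, items)


def demo() -> dict:
    """Constructed scenario mirroring the thread; every value should be True."""
    items = {"dropbox": "constructed-old-secret"}
    original = create_vault("old master password", items)
    leaked_copy = copy.deepcopy(original)  # already synced to the ex-employee's device
    rotated = change_master_password(original, "old master password", "new master password")
    rekeyed = rekey_vault(original, "old master password", "new master password")
    old_data_key = _unwrap_data_key(leaked_copy, "old master password")
    return {
        "leaked_copy_still_opens_with_old_pw": unlock(leaked_copy, "old master password") == items,
        "rotated_rejects_old_pw": unlock(rotated, "old master password") is None,
        "rotated_readable_with_leaked_data_key": decrypt_items(rotated, old_data_key) == items,
        "rekeyed_unreadable_with_leaked_data_key": rekeyed["items"] != leaked_copy["items"],
        "rekeyed_opens_with_new_pw": unlock(rekeyed, "new master password") == items,
    }


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {ok}")
```

The model also makes the last point of the reply concrete: the leaked copy still yields the old item plaintext, so rekeying protects only what changes afterwards, and the credentials themselves have to be rotated.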

  • thinkthrive
    Community Member
    edited June 2015

    We have followed the instructions, and it has worked. We are so disappointed that there is no way to remove the copy of the vault on the terminated employee's computer...

    Is there any way to update all of the passwords in our Primary vault at the same time? Is the only way to update the passwords one by one?

  • littlebobbytables
    1Password Alumni

    Hi @thinkthrive,

    I can easily understand why you would be disappointed but I suspect it's a tricky situation. From a commercial perspective I can see why such functionality would be a massive boon. One of the appeals of 1Password, for myself included, was the hands off approach to the data. The application is completely under my control as is my data. Some of our customers would not be happy if there was a way to remotely remove a vault. So while I see your point it is something that would have to be approached very delicately and only under the right circumstances.

    It will sound odd but there is one small benefit to being acutely aware that they have a copy of the vault. At any point they could have backed up the vault elsewhere, copied passwords etc. Right now you know you need to change these passwords rather than having any false sense of security, and you may not agree with me but I think being annoyed is a much better position to be in, in contrast to believing you're safe. The last thing I would want you to do is believe something if it wasn't completely true. It's why I argue against the idea of forcing password concealment in 1Password. It isn't a safety measure because if the password is being entered into a web page then it can be retrieved. If we had forced password concealment somebody will probably believe it isn't possible to know what the password is when the reality is a very small JavaScript snippet negates it.

    Sadly we do not have a way to automatically update all passwords. Every website is very different, from the URL of the change-login page, whether you have to visit other pages prior to the actual page, and even the page itself. With that number of variables it is a case of manually changing them one by one. It is an extremely tedious task but it is an important one.

    I do apologise that I don't have any good answers.

This discussion has been closed.