1Password default Dropbox location for the keychain

Question about Dropbox and public sharing
I've just started using both 1Password and Dropbox and have a question related to the agilekeychain location in Dropbox and security.

The latest release of 1Password's integration with Dropbox provided a "Move to Dropbox" button. Very nice and very handy for setting this up on Dropbox. By selecting Move to Dropbox, 1Password placed the agilekeychain in the root folder of Dropbox. Easy, quick and simple.

My question is, by having the agilekeychain in the root folder of Dropbox is it possible thru some inadvertent sharing operation in Dropbox, I might to expose the keychain to the public that would not happen if, say, the location was in a subfolder? I ask this because, in searching via Google, I see references to issues with sharing with the public and implied sharing inheritance. I just don't want to do something in Dropbox that would inadvertently share the keychain.

Thanks,

Bill Krueger

Comments

  • thightower
    thightower
    Community Member
    edited February 2011
    Hi Bill,

    First off welcome to 1P and Dropbox,

    In re to your questions, the move to Dropbox button will suffice for the vast majority of our users, you are more than welcome to move it to a subfolder if you choose.

    In re to sharing you cannot share the root of your DB folder so with it being in the root you are fine and unless you did so on purpose there would be no way to share the keychain in the root. (It could be done but not easily)

    First off Dropbox offers 3 types of sharing , 1) shared folders where groups of people collaborate on a folder only between DB accounts (private invite only) 2) Shared folder as before but the link is external (this link can be shared and re shared) 3) the last is a true public link and is for all purposes just like number 2 except for individual files

    When you found those google results look like you saw an older bug in the DB system. In that a person shared folder A with user A, he then shared a second folder B (within folder A) with user B. In some cases user B could also see any other info placed into folder A not just what was shared with him.

    Basically I look at it like this don't Create NESTED folder in your share structure and expect to have all kinds of messed up sharing with folks and DB keep it straight.

    The DB team has fixed this if I am not mistaken. Take things slow and learn DB before you go sharing lots of info :)

    What quiet a few folks have done is put all the folder they share inside 1 large folder that doesn't get shared here is a screen shot of mine the folder called "Public Sharable links never gets shared. I only share the sub folder with whom ever needs it. http://bit.ly/eUc71x

    If it makes you easier move the keychain to DB via the move button then create a folder called 1Password and drag the keychain into it (let the sync finish) Then double click on the keychain 1P will ask if you want to switch to this keychain select yes you are all done on this machine.

    Rinse and repeat as desire on the other machine However all you would need to do is double click on the keychain and select yes on them NO MOVING NEEDED

    Maybe I have helped a little and not confused you even more.

    Here is how I have mine setup a folder just off the root called 1Password (original I know) :)http://bit.ly/hZUWmD
  • thightower
    thightower
    Community Member
    edited February 2011
    stu wrote:

    Thanks, Tommy, for the extra info - you're a legend :-)


    Haha, if its about one of my 2 fav subject you know I am gonna reply 1P and Dropbox. :)
This discussion has been closed.