Changing the Master Password how does it work

ntimo
ntimo
Community Member

Hello,

when I change the master password of my Vault. How does it work. I mean are all files and logins uploaded again encypted with the new key?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • hawkmoth
    hawkmoth
    Community Member

    When you change your master password, the encryption keys don't change. There is a discussion about how to go about creating new encryption keys here in the forum. You can read about that in this post.

    It would be nice if AglieBits found a way to generate new encryption keys whenever a new master password is created, though.

  • RichardPayne
    RichardPayne
    Community Member

    It would be nice if AglieBits found a way to generate new encryption keys whenever a new master password is created, though.

    There reason for not doing that is that it would be slow. Every piece of data in the vault would have to be re-encrypted.

  • hawkmoth
    hawkmoth
    Community Member

    I'll stop wishing now...

  • RichardPayne
    RichardPayne
    Community Member

    Don't get me wrong, I agree that it should be done.
    I don't actually see the value of having a speedy master password change that doesn't change the key. The speed is a non-issue for me as master password change is a relatively infrequent event.

    For me, this is the key risk:

    Changing the Master Password should not be a process that takes many minutes during which a power failure or computer crash might leave data unusable.

    However, that is easily mitigated by 1Password taking a backup as part of the master password change process. It would look something like this in my mind:

    1) Backup vault
    2) Store backup vault path in the main vault
    3) Prompt user for new master password.
    4) Create new new master key and encrypt it.
    5) Re-encrypt all of the entries one by one.
    6) Clear backup vault path from the vault

    One the program tries to load a vault then it looks for a stored backup vault path and if present then it informs the user of the error and prompts them with "Restore/Continue/Ignore" options with a good explanation of each:

    Restore: Delete the vault and restore the specified backup (obviously make sure that it exists first)
    Ignore: The error is incorrect. Remove the backup path from the vault and continue.
    Continue: Try to open the vault but leave the backup flag in place. This allows the user to check out the vault before commiting to the Ignore option.

    Regardless of the option that the user picks, the actual backup itself is not removed. It continues to live in the Backups folder like any other scheduled backup so if there turns out of be a problem that emerges further down the line then they can always go back to it.

  • Megan
    Megan
    1Password Alumni

    Hi @ntimo,

    I hope that the link Hawkmoth shared has given you the answers you need!

    @hawkmoth and @RichardPayne ,

    Thanks so much for your feedback here about the Master Password change process. We'll take this into account if we decide to redesign the process.

This discussion has been closed.