Is my master password ever transmitted over the internet?

JonD0H
JonD0H
Community Member

Hello,

I found this little tidbit in one of your support articles: "...Combined with your Master Password, your Account Key works similarly to two-factor authentication (2FA), but is much more powerful. This combination is not only used to encrypt your data, but also to authorize a device. Like your Master Password, it is never sent over the Internet, and your data cannot be decrypted without it. "
This was an support article focusing on the Account Key.

I guess I'm just looking for reassurance that at no point in time, wherever my vault is stored online (DropBox, iCloud, file server, etc.) or accessed from (MAC, PC, iOS etc.), my Master Password, or any other passwords from different vaults, is never transmitted.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Hi @JonD0H,

    That's correct. The Master Password is never transmitted anywhere. It doesn't matter if you're using Dropbox, iCloud, Teams, etc... We use something called authenticated encryption as a means of verifying who you are, which doesn't require that we ever put your password on the wire.

    I love talking about how this stuff works, but I don't want to bore you with details you don't care to know. If you have any specific questions, do let me know and I'm happy to do a dump of information.

    Cheers.

    Rick

  • JonD0H
    JonD0H
    Community Member

    Awesome!

    Thanks for the quick reply to my paranoia!
    Please, do bore me with the details! I'm an IT tech by trade. I love knowing how things work 'under the hood'.

  • Hi @JonD0H ,

    We've got two documents that we think you'll like. The article you first read, regarding Account Keys, is for our 1Password for Teams offering. We have written a white paper which explains the security and design in detail. Especially see the sections (listed on the first page) on "True end-to-end encryption" and "Secure Remote Password"

    https://teams.1password.com/white-paper/

    Regarding the standalone 1Password - the one that syncs with Dropbox, Folder Sync, or iCloud. See the following articles:

    iCloud uses the newer opvault design. Dropbox and folder sync, can use the newer opvault design or older agilekeychain design.
    https://support.1password.com/opvault-design/
    https://support.1password.com/agile-keychain-design/

    The above keychain files are what is stored on sync service providers (iCloud or Dropbox). As you will see, there's no need to ever transmit your master password, and it never is.

    I hope this helps, please let us know if you have further questions.

    Cheers,
    Kevin

This discussion has been closed.