I am currently using 1P 4, in trial period, and android app. I've been reading 1P forum about how 1P online secures the data.
I understand that 1 P servers does not "stores" our data so if 1P ever gets hacked, the hacker lands up with an encrypted blob. Also, it's said that the Master Password and vault is never transmitted.
With these bits already known, I have the following queries, the answer might be a bit technical, but I'm ok with technical answers to secure my data:
If 1P online, does stores encrypted vault and master password is never transmitted, how is the data visible when one logs into 1P ?
Is there a way, I can use 1P online as well as dropbox ? Of course, both these needs to be in synch.
How does 1P app (I use android app), knows which dropbox or 1P online account to point to ? Couldn't find any such setting
Where is the vault located if I am using 1P online ? My disk , I presume. Is the vault on my disk, encrypted there too ?
Every time I try to login to 1P online, it asks for account key also. How can I know if the browser is deleting the account key information automatically, which leads to 1P asking for account key at every logon ?
It seems the only possible way of security breach is from the user's end i.e. if browser is compromised or key strokes are read by malware. Being a security company, could you please guide on how to (a) know if my device - both laptop and phone (Android, Samsung Note 4) is already compromised (b) if the browser is not reading the contents typed in it (c) Some other app does not reads my key strokes.
Just want to make sure nothing is sniffing while I am creating AND using the account key or master password.
You guys rock !! the more I know about 1P, the more I fall in love with it. Kudos to you guys for making it.
1Password Version: 4
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: dropbox