iMac going into apple service to replace bluetooth radio, will my 1pass account be secure?
My new iMac apparently has a bad bluetooth radio rendering mouse and keyboard intermittent. Have to leave iMac with apple service for a few days and they will have admin access. Of course all my passwords and sensitive data is in my 1password account. Will admin access put my 1pass account in jeopardy? Are there any steps I should take to secure it further?
Definitely nervous.
1Password Version: 6.8.5
Extension Version: Not Provided
OS Version: OS 10.13.2
Sync Type: iCloud
Referrer: forum-search:how to secure 1password during apple service on iMac
Comments
-
Welcome to the forum, @ohniner, and good for you for thinking proactively about your data security! Although I'd suggest that Apple has at least an implied fiduciary responsibility to make sure your data (all of it, not just 1Password) is safe and secure, there's no telling what might happen any time someone else has physical access to your Mac.
If you have an actual 1password.com account, you could consider putting it into Travel Mode, which would physically remove the vaults (temporarily) from your Mac, until it's returned to you. However, if you're using standalone (local) vaults, you can still rest relatively easily: your 1Password data is encrypted at all times, which means even if an attacker gets hold of your SQLite data file, it's merely a blob of unreadable ciphertext, useless to man and machine without your Master Password to transform it back to something readable. Assuming you don't leave your Master Password elsewhere on your Mac in a text file or something (you don't, right?!), and assuming you've chosen a long, strong Master Password, you should be pretty safe even in the event of a malicious technician who might be tempted to surreptitiously download your data. 1Password's security model, whether in 1password.com or with standalone data, provides several layers of protection for your most important data.
If you have a 1password.com account, you may wish to empty the caches and local storage on any browsers in which you've accessed your 1password.com account, as your Secret Key is stored there (so you don't need to enter it each time you sign in). Other than that, you should be all set. Good luck with the Bluetooth situation!
- edited to add: if you're using 1Password as a standalone app, it might also be worthwhile to make a copy of your most-recent 1Password data backup to an external hard drive that stays with you. This would only be of value if for some reason your entire hard drive's contents are destroyed or overwritten (or corrupted). In such a case, you could re-install 1Password and restore from that backup. To do this, go to Preferences > Backup and click Show Files. Copy the most-recent backup out to an external drive, and make sure that drive stays with you. Like your regular 1Password data, this backup is fully encrypted.
0 -
Thank You, I believe I'm using 1Password as a standalone app, don't remember ever logging into 1Password.com and yes as suggested my password is a long sentence and yes I back up to an external hard drive using time machine. I will of course do a separate backup as you suggest. Thanks again
0 -
1Password is a terrific piece of software that I feel fortunate to have come across it. My wife and I use it across all our devices and consider it the most important aspect of our systems.
p.s The iPassword team continues to impress, thanks again.
0 -
Thanks for the kind words, @ohniner - we really appreciate it. A lot of people here work very hard to make 1Password the best password manager possible, and it's always a pleasure to hear from one of you out there in the real world that you think we've come close to that mark. Drop by any time if you have questions or issues, and have a great week. :)
0
