Waiting for 1Password 7: standalone versus membership

ClickCardo
Community Member
edited February 2018 in 1Password 4 for Windows

I'm on latest with Mac/iOS, but am considering not updating those anymore till mythical windows 7 is released. I know that is not secure, but that is how desperate I am. I still do not consider 1password.com as safe as storing on dropbox. I know both sites are encrypted, but feel less of a target on Dropbox and they probably have more security resources than 1password.com

Next month I'll start seriously considering alternative pw managers without knowing there is at least a target date for 7 or a beta. The "Still in development" just isn't cutting it for me much now.

Thanks for the great apple versions, but I need more uniformity across all my platforms.


1Password Version: 4.6.2.626
Extension Version: Not Provided
OS Version: windows 10 FCU
Sync Type: dropbox

Comments

  • AGAlumB
    1Password Alumni

    @ClickCardo: No worries! I just wish you'd asked in the first place, as that's what we're here for. It could have saved you some effort -- and maybe frustration. :)

    There's a lot that goes into this, so feel free to ask for any clarifications, but this is a good summary:

    1. Your 1Password data is encrypted locally on your device before it is transmitted.
    2. The server receives only an encrypted blob.
    3. Your Master Password is never transmitted.

    It sounds like security is your chief concern (as it should be), and frankly it's ours as well. Otherwise we wouldn't use 1Password.com either! There's a lot more detail in our security white paper (which is actually a really fun read, even if you're not into cryptography), but I'm happy to break it down.

    Now, you might think I'm talking about 1Password.com specifically there, but that's the case no matter what 1Password setup you use — the only difference being that 1Password.com data is also encrypted using the 128-bit randomly generated Secret Key, which is also never transmitted to us. So there's an additional layer of security there as well that you won't get with Dropbox.

    Indeed, when you use 1Password, AgileBits never has access to your data, regardless of the setup you choose. Even with 1Password.com, your data is encrypted on your device, so all the server ever ends up with is an encrypted blob. And since the Secret Key is created locally, your Master Password is only known by you, and neither is ever transmitted to us, only you have the means to decrypt the data.

    Suffice to say, if someone gains access to our servers and dumps the full database (we've designed 1Password.com with this in mind), they simply don't have what they need to decrypt it, as each individual user alone has the keys to their data. So an attacker won't have that and can't get it from AgileBits, even if they get everything else. So while there's a lot more that goes into making all of this work smoothly, this is something that I think all of us can appreciate.

    Now, that doesn't mean we want people breaking into our servers, so, apart from our own efforts, we also participate in external audits and cooperate with independent security researchers to find any flaws so we can fix them.

    Getting back to the age-old "Master Password sync" question, since it's never stored with your data, going back to the beginning of 1Password, what's happening is that the data is syncing, and since that is encrypted using the Master Password and therefore can only be decrypted using it, that can give the illusion that the Master Password itself is syncing...but it's really just the data transformed by it which is. With 1Password.com we're using Secure Remote Password protocol so that only a cryptographic secret (which proves mathematically that you know your Master Password, even though we never did) is sent to us. This cannot be reversed, but this one-way function performed when you created your Master Password as well allows us to confirm that it's the same, even without knowing what it is.

    Anyway, I hope this helps a bit. Be sure to let me know if you have any questions at all! :)

  • AGAlumB
    1Password Alumni

    Thanks for the extended reply and link to the security white paper. The paper is meaty so I quickly checked the TOC and read the first 11 pages. I'm definitely going to dig in at a later time when I have time. However, there are a few questions that now come to mind that perhaps you could explain.

    @ClickCardo: Sure thing! I'll do my best. :chuffed:

    Also, for all answers could you give a brief explanation comparing how 1password.com vs DropBox syncing are affected. Also, please remember mix of windows, mac, iOS and users on multiple devices, e.g. a user with 6 devices.

    I think it's important to note that none of this should be taken as disparagement against Dropbox. I'm a user myself, and they offer a great service...which is just focused on things much broader than syncing 1Password data. I think they do what they do well; they're just doing something different than what we're focused on with 1Password.com. Also of note, I'm not even saying that Dropbox is unsafe for 1Password users to use to sync their data. I still have a vault there myself (actually many, but only one I use), otherwise we never would have supported Dropbox in the first place, and certainly wouldn't have used it ourselves! We've just taken it a step further with 1Password.com since we realize that we're an interesting target. So we want to make sure that even if someone is able to break into our server and steal the database, they still cannot get into 1Password users' data: since the Secret Key is also used to encrypt it, they cannot even perform a brute force attack on users' Master Passwords, as they would need to guess both.

    1) I vaguely recall some time the past 2 years there was an infamous flaw in HTTPS protocol that forced response from almost all of industry and users. Also it had been undetected, or at least not well known to the good guys, for a year or more. How would that have affected both 1pw.com and DB.com?

    It sounds like you're referring to "CloudBleed". This has no impact on any 1Password users because all data is encrypted locally. But we had a great blog post that went into more detail, especially with regard to the extra layer of protection we're using with 1Password.com, since we have control over how the whole thing works:

    Three layers of encryption keeps you safe when SSL/TLS fails

    2) How does the master password change get synced to different devices, multiple os and same user/cloud-sync-vault? Both 1pw and DB cloud. Right now I change master pw on any device and next time on any other device it's synced and I just login with it. Could you summarize how it works for both server types?

    Sure! If the question is "How does the Master Password sync between devices?" the answer is "It doesn't!" While true, that's not a very satisfying answer. So going a bit deeper, the reason that the Master Password cannot sync with your data is because it is not stored there. That would be terribly insecure, after all — not unlike the CSS encryption keys being shipped in every consumer DVD player, ripe for attack. Instead, the Master Password appears to sync because it is used to encrypt the data. So when the data syncs, only the correct Master Password can be used to decrypt it, since it was used to transform it in the first place. It's a little bit like if you were talented enough to make your own keys, and you memorized the design so that, without sending the key itself, you could ship a box with the lock overseas, and then make the key to unlock it from memory once you got there. Sort of. :lol:

    3a) Also, let's say the unfortunate happens and a different user happens to know your master pw at some point. You have 100's of pw's and they get a few. Obviously if discovered you change the master and start changing the most important pw's first, but don't get them all. If they have all the encrypted pw files can they decrypt much easier the remaining unchanged pw's knowing old master pw?

    I'm not quite sure I follow you here, but suffice to say that if someone has your data and knows the "keys" to decrypt it, it's game over. You cannot revoke either of these from them. The only thing you can do is revoke their access to updates to the data and change your "keys". That way they'd need to get both again to find out your new login credentials to websites after you changed them following the compromise. Does that help? And keep in mind that all of this applies to using 1Password in any form, or any other password manager or encryption. The only difference with 1Password.com is that they'll need two very different "keys" to decrypt the data once they have it.

    3b) Finally say an inside user at some point gets physical access to a device and master pw. After discovery and changing master and device pw are you safe for any pw changed from that point on and only unchanged pw knowable? What's the advice at that point?

    I'd have to ask how they're getting the Master Password in the first place, since that's something only you should know...but it sounds like all of my previous answer applies here equally. Let me know if you have anything to add, or if clarification is needed.

    Again, thanks for the great support you guys give. It was critical at one point when I upgraded an iOS device 1pw version and you helped me get the windows and iOS device DB vaults back in sync in a very timely manner.

    Thank you for the kind words! It's always great to hear when we've been able to help get you out of a sticky situation — especially for me personally, as data loss is something that keeps me up at night. So while it isn't the most exciting feature, my favourite thing about 1Password.com is that members always have an offsite backup of their important data there. So that helps me sleep a bit easier. ;)

    Please know I am now much more amenable to considering 1password.com for sync, but will have to do much more thorough research to decide.

    Sounds good! I think you'll really enjoy digging into the white paper, and we're always happy to answer questions. :)

  • AGAlumB
    1Password Alumni

    Brenty, sorry I haven't posted again till now, but other matters have consumed my time including studying your answers and more 1PW research. [...] First, if the master is used to encrypt a given pw and the master isn't stored at DB, then when it changes does EVERY pw get re-encrypted? I have 100's of passwords encrypted by dozens of different masters. I still do not understand how else it would work.

    @ClickCardo: No worries. That's a great question! In fact, the Master Password itself does not encrypt each and every item directly. If that were the case, it would be incredibly time consuming to re-encrypt everything when you change it. So when you create an account/vault, a long, random encryption key is generated (much longer than anyone's Master Password will be) and that in turn is used to encrypt the data stored in 1Password, and it is encrypted using the Master Password (and Secret Key, in the case of a 1Password.com account). That's still oversimplifying a bit since different vaults will have different keys to facilitate sharing, etc., but all of the details are in the white paper if you're interested.

    A second key point I'm still not sure of is regarding the master pw release to syncing multiple devices for same user. My older experience matches exactly with your answer, i.e. each change of a master pw on one device would require the old master then new master on all the other devices. Not wanting to change my most recent master I didn't test my memory out, but it seemed when the master last changed on 1 device I went to all the other devices and the new master was immediately usable, i.e. never had to enter the old master. (DB sync). Could you explain this, or do I really need to change my master again to verify this?

    It's a bit confusing since there are two ways to use 1Password in general: with or without an account. Using the "standalone" apps with local vaults without an account is more tricky with regard to sync because a 3rd party service is being used in that case, so the app needs to be unlocked (using the "old" Master Password) first to get any changes. While there are obviously cases where that will be necessary with an account as well, it's more seamless in most cases because we're able to control the sync experience top to bottom much better since we're the ones developing the apps and the service itself.

    Thanks again for all the time spent on non-advanced users like me.
    Rick
    PS : I'm now leaning towards using 1password.com, but still need more time to decide for certain.

    Sure thing, Rick! Happy to help in any way I can. No matter what you choose, thanks for considering 1Password in the first place, and taking the time to ask questions like these, as others here in the forum can benefit as well...and frankly I enjoy talking about this stuff. ;)

  • bundtkate
    edited February 2018

    @ClickCardo: Brenty is enjoying a well-deserved break, so I hope you don't mind my jumping in here. I do feel like a bit of an intruder. He's set a high bar in this thread, so I'll do my best to live up to his example. The best explanation of Master Password "syncing" for me has always been this blog post from our sync guru and lead developer, Rick. Although this post specifically discusses syncing of standalone vaults, there are a lot of similarities with 1Password.com accounts, so I still find it helps here.

    To put this in more of a 1Password.com perspective, when you change your Master Password on 1Password.com, you're not changing your vault key, you're changing the key that encrypts that vault key. So you enter your new Master Password on a device that doesn't have your new key-that-encrypts-your-key yet. 1Password sees the key it derives from the new Master Password doesn't work locally, asks the server what it's got, sees the key it derived does work there, and grabs a new, encrypted vault key from the server. This vault key is encrypted with a key derived from your new Master Password and replaces your existing local key, so it looks like your Master Password synced up (even though it totally didn't) and your app has everything it needs to unlock your vault (namely, the ability to decrypt your vault key). This is definitely a simplification, but it covers the gist and hopefully the blog post can help with filling in gaps and context.

    Confused yet? Don't worry. It's a complicated process and has a lot of moving parts, so it's definitely tough to wrap your head around. It's a tough thing to explain well and makes my head spin too, so you're definitely not alone. Feel free to ask more questions if you've got 'em. :chuffed:
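
The key-wrapping scheme discussed in the replies above (a random vault key encrypts the items; a key derived from the Master Password encrypts only that vault key), as an added example that is not part of the original thread and not 1Password's code. All function names, passphrases and items are constructed for illustration, the HMAC-based cipher is a standard-library stand-in for a real authenticated cipher, and the Secret Key is left out.

```python
import hashlib, hmac, os

def derive_kek(master_password: str, salt: bytes) -> bytes:  # derived on device, never stored
    return hashlib.pbkdf2_hmac("sha256", master_password.encode(), salt, 100_000)
def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()
def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 in counter mode: a stdlib-only stand-in for a real AEAD cipher.
    stream = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                      for i in range((len(data) + 31) // 32))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)
    ct = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    return nonce + ct + hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or tampered data")
    return _xor_stream(_subkey(key, b"enc"), nonce, ct)

def create_vault(master_password: str, items: list) -> dict:
    salt, vault_key = os.urandom(16), os.urandom(32)  # long random key encrypts the items
    return {"salt": salt,
            "wrapped_key": seal(derive_kek(master_password, salt), vault_key),
            "items": [seal(vault_key, i.encode()) for i in items]}

def change_master_password(vault: dict, old: str, new: str) -> dict:
    vault_key = unseal(derive_kek(old, vault["salt"]), vault["wrapped_key"])
    salt = os.urandom(16)  # only the wrapped key is redone; item ciphertexts stay as they are
    return {**vault, "salt": salt, "wrapped_key": seal(derive_kek(new, salt), vault_key)}

def unlock(vault: dict, master_password: str) -> list:
    vault_key = unseal(derive_kek(master_password, vault["salt"]), vault["wrapped_key"])
    return [unseal(vault_key, c).decode() for c in vault["items"]]

def demo():
    # Constructed sample passphrases and items.
    server = create_vault("old passphrase", ["bank: hunter2", "mail: s3cret"])
    device = dict(server)  # second device still holds the old wrapped key
    server = change_master_password(server, "old passphrase", "new passphrase")
    items_same = server["items"] == device["items"]
    try:
        stale_ok = bool(unlock(device, "new passphrase"))
    except ValueError:
        stale_ok = False
    return items_same, stale_ok, unlock(dict(server), "new passphrase")
```

`demo()` returns whether the item ciphertexts survived the password change unchanged, whether the stale device copy could be unlocked with the new password, and the items recovered once the device has fetched the re-wrapped key.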

  • AGAlumB
    1Password Alumni

    @bundtkate, @ClickCardo: I find it helpful to think of it in terms of a transformation: the Master Password is used to transform the data by encrypting it in the first place, so using another input will result in failure to decrypt. It's not so much that the Master Password syncs, but that the data which has been transformed by it does; so the correct Master Password is needed in order to successfully reverse that transformation and decrypt the data again. Cheers! :)

  • AGAlumB
    1Password Alumni

    @ClickCardo: Yep, you've got it! Sorry for not linking to that earlier. It's one of my favourites, but it wasn't clear to me that you wanted that level of detail — and honestly I was thinking about it more in terms of 1Password.com, which did not exist when that article was written. It can be found by searching on our blog...but I guess you'd have to know to look there in the first place. Glad Kate was able to help, and we're happy to answer any other questions as they arise. Cheers! :)

  • AGAlumB
    1Password Alumni

    No worries. You're welcome! We're here any time you have questions, comments or suggestions. :chuffed:

This discussion has been closed.