Synch from Mac to iPad/iPhone

Johann_Gruber
Johann_Gruber
Community Member

I ask for help with the following problem: on the Mac I have 1Password 7 and on the iPad and iPhone (IOS12) also 1 Password 7 installed. The problem is that the private vault on the Mac does not sync with the iPad and iPhone. Can you explain the synchronization step by step? Have already tried a lot, unfortunately without success.

Thanks for your help!
Gruber Johann


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Hi @Johann_Gruber

    I'd be happy to help get this situation sorted out for you. A couple of questions:

    1. Do you have a vault named "Primary" on any of your devices?
    2. If you log in at https://my.1password.com/ are you able to see all of your 1Password data?

    Please let me know.

    Ben

  • Johann_Gruber
    Johann_Gruber
    Community Member

    Dear Mr. Ben,
    Thank you for answering me.
    Have 2 problems I would like to discuss with you.
    1. after successful instalation of the password account on the phone (iPhone SE), I suddenly have 2 safes (1.Persönlich and 2. Primary).
    Although I have repeatedly deleted the 2nd Safe Primary, it will be back the next time you enter Password. How can I permanently delete the 2nd vault and use only the 1st Personal Vault I want to sync via iCloud, which is currently not synced?

    1. Online banking requires 3 fields to get started. Unfortunately, 1Password only allows 2 fields. I have often tried to insert a third field, but it was not possible. Maybe you can give me some advice.

    Thank you in advance.
    Gruber Johann

  • @Johann_Gruber

    Thank you for answering me.

    My pleasure.

    1. after successful instalation of the password account on the phone (iPhone SE), I suddenly have 2 safes (1.Persönlich and 2. Primary).

    Although I have repeatedly deleted the 2nd Safe Primary, it will be back the next time you enter Password. How can I permanently delete the 2nd vault and use only the 1st Personal Vault I want to sync via iCloud, which is currently not synced?

    The Personal vault is part of your 1Password membership and is synced via 1Password itself (rather than iCloud). If you log in at https://my.1password.com/ are you able to see all of your 1Password data?

    Online banking requires 3 fields to get started. Unfortunately, 1Password only allows 2 fields. I have often tried to insert a third field, but it was not possible. Maybe you can give me some advice.

    Apple's Password AutoFill feature is how we typically recommend filling forms on iOS, but it can only handle a maximum of 2 fields. It cannot handle a 3rd field. Our own 1Password extension can, in many cases, though. You may wish to give that a try:

    Use the 1Password extension to fill in Safari and apps on your iPhone and iPad

    Please let me know.

    Ben

  • Johann_Gruber
    Johann_Gruber
    Community Member

    Hello Ben,
    Thanks for the answer. I have become accustomed to the insertion in the 3rd field in online banking.
    But I found another annoying circumstance: there are logins where certain symbols and a certain password length are required. The specific length is not a problem. If you now try with the password generator to find the right password with these prescribed symbols, the effort is free. So you're forced to find a password yourself that meets the requirements and that is unlikely to be as secure as the generator creates it. It could be offered the possibility to allow only certain symbols.
    Maybe there is a possibility and that would be very helpful.

    Thank you

  • Johann_Gruber
    Johann_Gruber
    Community Member

    in English
    Hello Ben,
    Thanks for the answer. I have become accustomed to the insertion in the 3rd field in online banking.
    But I found another annoying circumstance: there are logins where certain symbols and a certain password length are required. The specific length is not a problem. If you now try with the password generator to find the right password with these prescribed symbols, the effort is free. So you're forced to find a password yourself that meets the requirements and that is unlikely to be as secure as the generator creates it. It could be offered the possibility to allow only certain symbols.
    Maybe there is a possibility and that would be very helpful.

    Thank you

  • @Johann_Gruber

    That is something that has been suggested in the past. It is something we'd like to be able to offer, but we need to come up with a good way to present it in the 1Password interface. Hopefully that is something we'll be able to do in the future. For the mean time it is possible to continue generating passwords until a suitable one has been generated, and this would be better than using a non-generated password.

    Thanks.

    Ben

  • Johann_Gruber
    Johann_Gruber
    Community Member

    Hello Ben,
    Today I read a very disturbing article about cracking the master passwords of 1Password etc. Can you tell me if there is something true about it. If so, I'll have to get an even stronger master password right away. Thank you. Here is the article:

    Distributed password recovery decrypts 1Password, Keepass, Lastpass and Dashlane
    Elcomsoft cracks popular password manager
    August 11, 2017 | By Timo Scheibe.
    Keywords: Elcomsoft, decryption, password safe, password security, encryption.
    The Russian software development company Elcomsoft has updated its solution Distributed Password Recovery. The new version enables the company to recover master passwords that protect encrypted areas of the popular password managers 1Password, Keepass, Lastpass and Dashlane.

    Experts are thereby able to access the entire database of the software, which in addition to all stored passwords and authentication information of the user can also contain highly sensitive data such as images of user documents, personal information or numbers of credit, giro or customer cards.

    The password managers offer their users the option of securely storing, organizing and using their passwords for authentication in various sources. This has the advantage for users that they no longer have to remember different passwords. In addition, password managers can automatically generate strong passwords for websites or other sources so that both dictionary and brute-force attacks have no effect, Elcomsoft said. The different passwords store the solutions in encrypted databases, which can only be decrypted by entering the master password.

    For example, the four named password managers use strong algorithms to encrypt their password databases and use a thousand hash functions for the master password to map the key to the protected area. This protects the password databases very well against brute force attacks. To further protect against brute force attacks, Elcomsoft password managers use several thousands of iterations to derive the binary encryption key from the text-based master password. This greatly limits the speed of brute-force attacks.

    Using GPU units in AMD and Nvidia graphics accelerates recovery 50 to 200 times compared to a single CPU. Nevertheless, the speed of brute-force attacks is in the range of 100,000 passwords per second. This speed allows the decryption of relatively short passwords, says the software development house. Longer passwords, on the other hand, have to be decrypted with a dictionary attack that uses custom attacks in Elcomsoft Distributed Password Recovery.

    With version 3.40 of its distributed password recovery, Elcomsoft leverages the power of GPU-accelerated attacks across a network of up to 10,000 computers. In this way, the manufacturer decrypts the master passwords of 1Password, Keepass, Lastpass and Dashlane. Once the key is restored, experts will be able to access the password manager's protected databases and view passwords, authentication information, and other data stored in the database. Elcomsoft uses the solution to address its own data for forensic technicians, authorities and companies.

    According to Elcomsoft, distributed password recovery supports Windows 7, 8.x and 10 as well as the corresponding Windows Server versions.

    Further information is available at www.elcomsoft.de.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @Johann_Gruber: For perspective, that "research" from nearly two years ago was done using an old vault. Years ago we were using a much lower amount of PBKDF2 iterations to protect against brute force attacks against the Master Password. That was good at the time because our devices were much less powerful, so we didn't want to have to wait forever for 1Password to decrypt our data; and because attackers also had much less power at their disposal to try to use automated tools to guess the password. So we balanced those against each other at that time, and we've continued to increase the strength of that over the years as well to make sure that a) 1Password data is too slow to brute force in a useful time frame and b) that it is fast enough to be usable.

    As far as whether you should be using a better Master Password, I can't really answer that, because it's a very personal calculation:

    • How difficult is it for you to remember/type your Master Password?
    • Is it weak, like a dictionary word or short phrase you chose yourself?
    • Is it something someone who knows you could guess?

    We have a good article here with suggestions on how you could make it better:

    How to choose a good Master Password

    But really the only reasons to change what you have are if it is weak, reused, or compromised -- e.g. someone can guess it, someone already knows it, or it's been taken from you.

    1Password's password generator can create random Wordlist passwords that are really useful because they are both random and easy to remember/type. One useful piece of info is that we ran a context last year which demonstrated that it takes about 6 months for someone to use automated tools to guess a three-word Wordlist password, even with a cash prize, and with hints. So a four-word Wordlist password is a good option because it will be exponentially harder to guess and is only one more word for you to remember. You can play around with that here:

    https://1password.com/password-generator/

    So while only you can determine if you need a better Master Password, hopefully this helps you in that regard. Let me know if you have any other questions! :)

  • Johann_Gruber
    Johann_Gruber
    Community Member

    Hello Ben,

    first, a big compliment for the excellent website my.1password.com. I enjoy this website very much and of course the password manager 1password 7.

    But I also know that I've already written about it, but yesterday I realized again how important the password generator would be with a filter of selectable special characters and that was how it happened: I wanted to change the password yesterday at a government website. After several attempts, the login was blocked for security reasons because the passwords I received from the password generator were not accepted. In the episode I had to forget about the password button again to request a replacement password, which I received via SMS. The difficulty was that this replacement password must be replaced within only 5 minutes in which lower case letters, capital letters, numbers and only certain special characters must be replaced. After several attempts with the password generator, which always generated a password for me that always had some special character that was not allowed, the short time was over and the login was blocked again. It is a very bad situation for me.

    Maybe there is a possibility to realize this wish and I believe that I am not alone with it.

    Thanks and greetings from Gruber Johann.

  • Ben
    Ben
    edited March 2019

    Hi @Johann_Gruber

    Thank you for the kind words. The difficulty here isn't that we don't understand the problem or the desire to find a solution. The difficulty is in determining the correct solution and implementing it. Certainly there are things we'd like to do better here, but it sounds like a lot could be improved on that website's part as well. Their implementation sounds rather onerous and anti-user. We'll continue to brainstorm on our end to see what we can do to improve, but I would suggest also reaching out to the operators of that website to explain the difficulties you had. We're all in this together, and improvements need to come from both sides. :)

    Ben

This discussion has been closed.