Master Password not syncing between devices

I use Windows 10 and 1Password Desktop 7.4.753.

Reset my master password in 1Password.com. On my Windows 10 computers logged into 1Password Desktop with my old password. The alert came up to have me re-authenticate with my new password. Entered the new credentials and it worked.

Next time I go to login to 1Password Desktop can only use old Master Password.

Have this issue on all my Windows 10 computers that use this account. Have tried uninstalling 1Password Desktop, rebooting computer, re-installing 1Password and am stuck with 2 Master Passwords. The new one opens 1Password.com, the old password opens Desktop. Need help please?


1Password Version: 7.4.753
Extension Version: 7.4.753
OS Version: Windows 10 Pro w/latest udpates
Sync Type: Not Provided

Comments

  • Do you have more than one account added to your Windows app by chance, @foutfitters? Or maybe a standalone vault? It sounds like you properly changed the Master Password for this specific account in your Windows app but that the Master Password to unlock your app (perhaps properly) didn't update. 1Password unlocks with the Master Password for the first account or vault you've added to your app so if you've added more than one and changed the Master Password for the second account that you added, that won't change the Master Password that unlocks your app. If you're not sure, here's a nice quick way to check:

    Press Ctrl + D and you'll see something like this:

    Notice those two main headers? One says Wendy Appleseed and the other says AgileBits. Each of those is an account. If you see two headers like that, you have two accounts added. You could also see "On this PC" in place of an account name. In that case, you have one account and a standalone vault. The specifics aren't a huge deal, though. What matters is two headers means maybe two possible Master Passwords.

    If you do see two in your sidebar, let me know. We may need to have you either change the Master Password for your other account or vault or have you sign out of it and sign back in to swap which Master Password is controlling the app.

  • c0z
    c0z
    Community Member

    @bundtkate OP never stated he used or had two accounts. He stated he had two master passwords as a result of having the old master password and the new master password.

    I have the same issue. I have one vault and I have only one account. I feel that if I pay for a service I should not have to deal with dumb issues such as this. If your team cannot create a solid application that synchronizes securely between a client service, web service and your 1Password API to successfully have functions as simple as a master password change, then I don't believe I should have subscribed to your service.

    Furthermore I personally feel that being one to normally use Free Open Source Software that I really went out of my way to give your company a shot. I chose to hand over my financial information and sensitive personal information to you. I know that I might be going over the edge just a little bit but considering of how much an inconvenience this is and to say that this inconvenience is just the first of many possible to come. 1Password's resume so far, within an hour of use, doesn't look so good.

    I'd love an actual solution to this. I also think on a side note that it would be a great idea to aside from posting the security audits your company does of it's products having a CVE tracker available to the public seeing that the code is obviously not open source.

  • foutfitters
    foutfitters
    Community Member

    bundtkate thank you for your suggestions. Yes I do have more than one account in my Windows app. My work account is the one that I had changed the password. And my personal account is the one that ended up at the top of the list. But the strange thing was that it didn't want the credentials from my Personal account, it still made me enter the old master password from my Work account.

    I had tried what you suggested and signed out of the Personal account and then re-added it, to see if I could get it at the bottom of the list, but it didn't work.

    However, what finally worked was removing BOTH accounts, and then adding my Work account followed by my Personal account. Really appreciate your help getting me back in sync!

  • MikeT
    edited March 2020

    Hi guys,

    @foutfitters, that sounds right if we consider the work account is the first account. The first account you add is what you have to sign out to get the app to update to the next account. We'll look at indicating which account is the first account in the UI.

    @c0z, the op did just confirmed he had more than one account as Kate originally suggested.

    I have the same issue. I have one vault and I have only one account.

    You said you have one vault, do you mean you have 1Password.com account with one vault in it or do you mean you have a standalone vault in addition to having 1Password account?

    If your team cannot create a solid application that synchronizes securely between a client service, web service and your 1Password API to successfully have functions as simple as a master password change, then I don't believe I should have subscribed to your service.

    While I agree with you, this isn't as simple as it sounds, 1Password does not sync your master password between devices, it doesn't know any of your passwords.

    What 1Password does is sync the encrypted keysets that is downloaded to each device and can only be decrypted by the local 1Password app's encryption key, which is protected by the master password you enter for the first time. In other words, every single device you use 1Password with has its own encryption key that is protected by the first password you give 1Password. A lot of people use multiple accounts (work, home, etc) and some use multiple standalone vaults and they do not need to unlock with all of the individual password, just the master password like a master key that can unlock any locks.

    When you change your password for your 1Password account (or email address, secret key, etc), 1Password on Windows PC won't know anything until it does a sync, which means you have to unlock with the (old) master password first, then it'll sync with your 1Password account, finds out it cannot decrypt it, it prompts you saying it is not authenticating and you should enter the credentials again. When you enter the new password, it syncs, pulls it into the local app and if it detects it is the first account, it'll replace the app's key as well to be re-encrypted with the new master password. This means, the next time you unlock with 1Password, it'll only work with the new master password.

    [Update] Just to be clear, we do have a limitation where this does not work if you use a standalone vault that's not syncing. We're working on fixing this.

    I also think on a side note that it would be a great idea to aside from posting the security audits your company does of it's products having a CVE tracker available to the public seeing that the code is obviously not open source.

    Just to clarify, the security audits are from third party companies, not our internal security audits. We post them here: https://support.1password.com/security-assessments/

    I'll pass on the suggestion to list the public CVE on our product for our security pages. Thanks!

  • c0z
    c0z
    Community Member

    @MikeT If I could like your post I would. I missed the phrasing of the statement "...computers that use THIS account" which should not have mattered anyway, but alas you stilled answered the question of you are fixing the issue. I will utilize your suggestion of forcing a sync within the app by creating two vaults. I know the security audits are by a third party. It wouldn't make sense to have a PhD if no one else could accredit you lol.

    The whole point of publishing CVE's with a proprietary code base is that you are still being transparent with what your auditors find and you are proving that your team is fixing these vulnerabilities. It would only compliment the security audits.

    Is there an issue tracker that is public for us, the users, to follow the correction of these design issues?

  • MikeT
    edited March 2020

    Hi @c0Z,

    I will utilize your suggestion of forcing a sync within the app by creating two vaults

    You didn't answer my question about if you're using 1Password.com account or you're using one standalone vault. It sounds like you have a standalone vault. If yes, try to remove the vault and re-add it, I suspect that will make it work.

    The whole point of publishing CVE's with a proprietary code base is that you are still being transparent with what your auditors find and you are proving that your team is fixing these vulnerabilities.

    I understand, all I can do is let our security team know about your suggestion. In the Bugcrowd report, it does say that we've fixed all of the findings that was reported to us.

    As far as I know, all CVE reports are already in the database and can be accessed by anyone; here's our list of CVE that affected 1Password in the past.

    Reporting whatever findings we get from our security audits to CVE is a different thing, so I'll pass it on, and we'll see.

    Is there an issue tracker that is public for us

    No, there isn't and at the moment, there is no plan to make any kind of issue tracker public. It's not about transparency but practicality, we had one in the past and it was quickly used against us instead of being a collaborative effort on both sides.

    Instead, we use Bugcrowd as a security bounty program that lets anyone report their findings and get paid as well.

  • Piquesel
    Piquesel
    Community Member

    Hi guys,

    Reposting here instead of duplicating thread!

    I've successfully updated my password connecting on Internet. Everything worked fine and I've download my Emergency Kit. I can now log in on Internet with the new password.
    The client on my Windows machine though still works only with the old password! Pretty scary for a security application :( ! I have the same problem both on my laptop and my workstation (both running Windows 10). At first they asked me to re-authenticate which is what I've done. But after logging out and logging in again, I was only able to log in with the old password. Now both apps on both machines work fine with the old password!
    I have only one Vault. I can freely update information from my Windows 10 client and see the updates on the web connecting via a browser, being of course authenticated with 2 different passwords!
    What's the solution here?

    I'm using 1Password for Windows version 7.4.753 on a Windows 10 Pro machine.

    Thanks,

  • We'd need to look at some diagnostics from your PCs at this point, @Piquesel. I suspect you do have something extra in your app, but it may be not be readily obvious except under the hood. I see far less of this these days (almost none, in fact), but we've had issues in the past where something like a ghost account or an old standalone vault could continue having an impact on 1Password without it being apparent to y'all. These are things that were fixed in the sense that they can't happen moving forward, but where we were sometimes unable to correct any existing cases automatically without risking data loss. One thing to keep in mind is that this is only going to be the case on your local devices. Anyone trying to sign in to your account from a new device would be unable to do so without your new Master Password.

    So, let's take a peek at those diagnostics. I'd like to ask you to create a diagnostics report from your Windows PCs:

    Sending Diagnostics Reports (Windows)

    Attach the diagnostics to an email message addressed to support+forum@agilebits.com and include a link to this thread in the body of the message.

    You should receive an automated reply from our BitBot assistant with a Support ID number.  For bonus points, post that number here and I can track down the diagnostics and ensure that this issue is dealt with quickly. :+1:

    Once I see the diagnostics I'll be able to better assist you. Thanks very much!

  • Piquesel
    Piquesel
    Community Member

    Hi,

    thanks for your reply.
    I've sent the diagnostic report and the reference to the ticket is: [#SVE-45738-824]
    FYI: my laptop is new and 1Password has been freshly installed on it.

  • ag_ana
    ag_ana
    1Password Alumni

    @Piquesel:

    Thank you! I confirm that we have received your report. We will take a look at it and get back to you via email as soon as possible :+1:

    ref: SVE-45738-824

  • Piquesel
    Piquesel
    Community Member

    My answer to your support via email.

    So, don't bother. I've found a workaround. I uninstalled 1Password and reinstalled it. It asked me for all the information including the new password which did the trick.By the way, your uninstallation procedure is weak IMO. Uninstalling from Windows just delete the App directory. It keeps backups, data and logs directory in your AppData\Local\1Password directory. As a result, the bug is still there and the app keeps working with the old password.As mentioned before, I had no problem on my Mac, so I still believe you have a nasty bug on the Windows client.Your support is disappointing: you should have an out of the box procedure to tell the user: please uninstall the software and try to reinstall it, and your uninstallation procedure should be improved. Many standard procedures prompt you to know if you want to keep local data or not. In this case, the risk is very little since all the data are on the cloud.Anyway, sorry to say that after using 1Password for many years, I'm going to start looking for another secure password solution. You've been pretty inefficient on this case in IMO. If I've done something wrong on my side, I'll be happy to know it, but I guess it's going to take a few more days before you answer this email...Oh well!

    You can close this thread.

    Thanks.

  • ag_ana
    ag_ana
    1Password Alumni

    Thank you for the update @Piquesel! I am glad to hear that uninstalling and reinstalling helped solve your issue. I will not close this thread since you are not the one who opened it originally, but I am glad to hear that the issue is resolved.

    Have a great day!

  • c0z
    c0z
    Community Member

    I unsubscribed and will no longer be using 1password since this problem still exists and none of the solutions provided are sane.

  • ag_ana
    ag_ana
    1Password Alumni

    Sorry to hear this @c0z! If you could reply to the questions that MikeT asked you a few months ago in this discussion, we will be happy to help :+1:

  • c0z
    c0z
    Community Member
    edited October 2020

    @ag_ana I originally had one 1Password account with one vault and a initially synced application locally stored vault on my local system (only one device). After I found out that the master password was out of sync one of the methods of trying to force a sync was by creating more vaults online and re-installing the local application, but neither one did work.

    Also it's worth noting that I MikeT did answer the question that I did not explicitly answer with "... try to remove the vault and re-add it, I suspect that will make it work." and it did not work.

  • ag_ana
    ag_ana
    1Password Alumni

    @c0z:

    Thank you for the additional information! Do you still have a local vault on this device, in addition to a 1Password account added to the 1Password app?

  • c0z
    c0z
    Community Member

    The 1Password account that I created, the online vault (the default), is the same one within the application. Though it's worth mentioning that I already permanently deleted my account.

  • Greg
    Greg
    1Password Alumni

    @c0z: I am sorry to hear that! I wish you had reach out to us via email, so we could take a closer look at your setup.

    1Password 7 for Windows is designed in such a way that it uses the Master Password for the first 1Password account or local vault that has been added to the app. However, even if you delete the first account/vault, the Master Password that you use to unlock the app will not change. You will need to start over with 1Password 7, set it up from scratch, and then add your vaults/accounts in the right order.

    If you ever decide to give 1Password another try, please let us know. We will be happy to help. Thanks! :+1:

    ++
    Greg

This discussion has been closed.