Automatic re-enroll after OS reinstall

Kobes
Kobes
Community Member

Hi, recently I had my Mac reinstalled by our it department. Then I set up 1P again from the App Store and on first start it recognized somehow my account.

I was wondering how 1P could be set up properly this way while the master key (with the part even I don’t know) is stored locally only.

The only thing I could probably imagine is that this part is stored in the apple keychain and that I set up iCloud before 1P and thus, the master key was present on my Mac. Is this what happened?

Comments

  • Lars
    Lars
    1Password Alumni

    @Kobes - well spotted! :) Yes, it's because you set up iCloud first, and so any 1Password licenses OR 1password.com accounts you have are stored there. It's important to understand that only the fact that these exist are stored there, NOT your Master Password or the encryption keys to unlock your data. But yes, we've been trying to make it easier to make it easier to locate your 1Password account even on new devices. :)

  • Kobes
    Kobes
    Community Member

    Ok, thanks for confirming my suspicions. I just checked my keychain as well and found the secret key (not my master password, if anyone reading this might get concerned) part of my credentials in there, so that explains why everything was pretty simple to set up.

    Nice work!

  • Lars
    Lars
    1Password Alumni
    edited January 2019

    @Kobes - yep! Your Secret Key is stored on your device anyway, often multiple times if you have both a 1Password app and have signed into your account in a browser. Although it's called a Secret Key, and it shouldn't be shared with anyone else, it's not encrypted because it's designed to live only on your own device(s). This prevents a hacker who managed to compromise OUR servers/database and obtain your data from needing only to guess your Master Password; they would need to know which data was associated with which user, and then they'd also need your Secret Key, which is never transmitted to us in any form and lives only on your device. :) Glad I could help explain!

This discussion has been closed.