Presenting a smaller target: Self-hosted 1Password vaults
Hello! Long-term user & adorer of 1Password, but I'm on a bit of security kick lately, and I've realised that despite all my efforts, I still have a colossal vulnerability, which is 1Password itself: I absolutely must be able to easily sync between my devices, so I need a sync mechanism, but despite my faith in Agile Bits, 1Password's servers are a huge target, just because of the popularity of the product.
This isn't at all a criticism of 1Password.com's security, but it's a juicy target and if the bleeding NSA can't even keep their stuff safe from thieves, I feel like my best option for keeping myself and my family safe is to present a small target, which means hosting my own password database on a locked-down private VPS, or better yet, a server that's only on our local network and not internet-accessible.
Where do the 1Password team stand on self-hosted vaults lately, with support for something like SFTP built into 1P products? I feel like this is my only option for maximising my security. I understand that there are other open source products out there, but 1Password's user experience is unparalleled, and I dearly love it.
Absolutely content for this to be a premium-priced add-on.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
We did at one point evaluate integrating WebDAV sync into 1Password and it proved to be an infeasible solution (largely due to performance and reliability reasons). But we've developed something better now and it's where we're focusing our time and energy. With a 1Password membership, your data is never sent to Dropbox and is encrypted not only by your Master Password but also by your own personal Secret Key. This additional key adds 128 bits of entropy to your derived key, and by using the Secure Remote Password protocol we ensure that no information about your Secret Key or Master Password is ever transmitted to our servers. The end result is that even if someone manages to steal this encrypted data from our service, it's infeasible for them to ever be able to brute force it.
Aside from the improved security, the other benefit of hosting your data on our system is that syncing is much faster and more reliable. For years we battled hard to make syncing work well with third parties, and while we did make it pretty good, things are so much better when we have control of both sides.
There are just too many benefits for us to ignore and as such we won't be adding additional sync methods. If you haven't studied the benefits of the Secret Key I'd highly recommend doing so:
About your Secret Key
Additionally, we have a technical white paper on our security design that may be of interest to you:
1Password Security Design White Paper
Ben
0 -
Thanks for the detailed reply, Ben! I certainly understand and sympathise with the decision to focus on keeping everything entirely under your control.
I have read the white paper (and thank you to your team for creating such a document) - it's impressive, but I do still remain skittish about what happens if 1Password.com is ever compromised. Today's tech may not be able to do anything with the data - assuming there have been no bugs introduced along the way, of course - but I'm not sure we can reliably predict the capabilities of future adversaries, and once the data's out, it's out; there's no help in upgrading security after the fact. Perhaps a low-probability event, but the consequences are hideous, as I keep everything in 1P.
So: I don't wish to be obnoxious, but if you're keeping a tally somewhere of requests for self-hosting (even if it's just a compiled server binary!), please add my notch.
Thanks!
0 -
Thanks for the detailed reply, Ben! I certainly understand and sympathise with the decision to focus on keeping everything entirely under your control.
@michaeltyson: With one important exception: your data. While we control the experience on the client, server, and protocols, only you ever have control of your data since no one else possesses the "keys" to it: it's encrypted locally before being sync'd, and the "keys" to decrypt it are never sent to us. Sorry to split hairs, but that's a crucial distinction. :)
I have read the white paper (and thank you to your team for creating such a document) - it's impressive, but I do still remain skittish about what happens if 1Password.com is ever compromised. Today's tech may not be able to do anything with the data - assuming there have been no bugs introduced along the way, of course - but I'm not sure we can reliably predict the capabilities of future adversaries, and once the data's out, it's out; there's no help in upgrading security after the fact. Perhaps a low-probability event, but the consequences are hideous, as I keep everything in 1P.
It's certainly something we should be, and are, all concerned about. That's why we've set things up so that we never have the "keys" to anyone's data. Even if the server is broken into and encrypted data is stolen, it isn't of any use to the attacker in the foreseeable future. They cannot perform a brute force attack on the Master Password because the (128-bit, randomly-generated) Secret Key is also needed to decrypt the data. That's not an argument to use a bad Master Password, but we want to make sure that someone making the mistake of using a weak or known Master Password (say you used it for some other website which got compromised) is still safe with regard to 1Password.
You're right that we can't predict the future, but the AES cipher isn't new, has withstood the test of time and attacks on it, and we're not all just going to wake up one day and have quantum computers. So even though it will almost certainly come to pass in the future that it will become feasible to brute force what is in use today for encrypting data (in 1Password, your OS, and beyond), we're not waiting around for that to happen; we're continually keeping up with the research in this area and have been making tweaks to how we do things all along to stay ahead of the curve. What was super hard to compute efficiently on hardware ten years ago has become accelerated since then in newer chips. That sounds like it may be a bad thing if you're only thinking about it from the perspective of bad guys having more efficient tools at their disposal today, but by the same token we can increase the computational difficulty of decrypting the data as well, so that, to you, it doesn't seem to take much longer, but a lot more work is done behind the scenes than was in the past. The good guys also benefit from advances in technology. :sunglasses:
So: I don't wish to be obnoxious, but if you're keeping a tally somewhere of requests for self-hosting (even if it's just a compiled server binary!), please add my notch.
Will do. It's really helpful to know that. There hasn't been a lot of interest, but we'll continue to evaluate as we get feedback from others as well. Thank you! :)
0