1Password X with multiple accounts
I am trying out 1Password X and somewhat confused by having multiple (team+family) accounts.
When I click the icon within a login and then use the keyboard shortcut to unlock, the only password which works is my family account master password. Then only family account items are offered.
When I look in settings both vaults are showing, but the Team vault is listed as locked.
Is there a way to unlock both vaults with a single master password, as I do in all the other instances of 1P? Ideally I'd like to use the same local password I use on my devices since that's what I'm used to but if I need to use one of these that would be workable also.
I'm currently on Chrome 73.0.3683.86 (Official Build) (64-bit) under OSX 10.14.3.
1Password Version: 7.2.5
Extension Version: 1.14.2
OS Version: 10.14.3
Sync Type: 1Password X extension
Comments
-
@hesspaul: You can unlock multiple accounts with a single Master Password...if they all use a single Master Password. ;) You can easily change it in your account profile on the website:
https://start.1password.com/profile
When you enter a Master Password in 1Password X, all accounts that can be unlocked using that Master Password will be. Cheers! :)
0 -
I'm a little chagrined with the idea of going back to the old habits of using the same password for multiple accounts because it's convenient. It wasn't needed in your previous products. Is this something you might change as 1Password X matures?
I realize my keys are different for the two accounts which helps, but it still feels like a step in the wrong direction ....
0 -
@hesspaul: To be clear, no one is suggesting you reuse passwords for websites. I'm saying use the same one Master Password for 1Password. We've been recommending that for over a decade. ;) Doing so allows you to use a longer, stronger one: it's easier to memorize and get used to typing; and it will also be harder to guess, even using technology, than two shorter passwords.
You're right in pointing out that you've got a unique (128-bit, randomly-generated) Secret Key for each account, so I guess the question I have is, what specific kind of threat do you have in mind here that gives you pause?
We can certainly consider changes to 1Password X as far as having it not use the Master Password to unlock specific accounts, but that seems to contrast with your concern, and frankly a lot of users have told us they like being able to only unlock, say, the work account by having a different Master Password. Most people separate work and personal stuff, and some folks actually need to give their company their Master Password as part of emergency planning in case something happens to them, so they don't want that to also unlock their personal data.
I can see your perspective too, of course, but it seems like you could get the result you're looking for by using a single long, strong, unique Master Password. Food for thought. :)
0 -
@brenty thanks for your response. I used your question to think through my concerns and try to itemize what is making me uncomfortable, but in the process I just learned from the discussion here that even on the web site the Secret Key is not transmitted to 1Password but instead only used locally within the web app as part of the decryption algorithms. I assume this is also true during 1Password X usage? This helps a lot to resolve the more important parts of my concern.
I wanted to leave that link here for future visitors to know there was a resolution since, unless I end up still uncomfortable after rethinking with this new info, I probably won't followup here trying to itemize my prior concerns. :-)
(from the other thread):
All of this is happening on your device locally. The 1Password web app is downloaded and runs in your browser, not on our server. So, just as with the native applications, no secrets are sent to us. The Secret Key only exists on your device unless you store it somewhere else; our software never transmits the Secret Key or Master Password. It's pretty cool, actually
0 -
@hesspaul - likewise, thanks for thinking proactively and critically about your own security and for being willing to share your thoughts here for others to benefit from.
The Secret Key is indeed a big part of the magic behind 1password.com (and therefore, 1Password X); it protects you if WE were to get hacked/compromised, and it ensures that not only your Master Password (which is hopefully long and strong) but also this randomly-generated key which is never transmitted to us work together to secure your 1password.com account. That's also why using the same Master Password in multiple 1password.com accounts isn't the security hole it might appear at first glance: because in each account, it's being combined with a different Secret Key to derive the actual encryption keys to your data.
...unless I end up still uncomfortable after rethinking with this new info, I probably won't followup here
No worries! While this forum exists mainly to help 1Password users with issues they may be having with 1Password, understanding and feeling comfortable with how it works is certainly a part of that. So feel free to ask questions if you have them. Have a great weekend! :)
0