iOS iCloud vault query

[Deleted User]
[Deleted User]
Community Member

I was wondering if I could have my vault placed on usb stick ? In the app I see a back up option that allows it to be stored in I tunes sharing . Does that mean I can connect my phone to I tunes via usb cable to the laptop and download it from I tunes into the computer ? And if so how would I add the vault in future , would I just transfer it to my phone using I tunes ?

Kind regards
Stan

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni

    @1pwdfan: Thanks for getting in touch. It's a good question. But no, that isn't possible. 1Password for iOS cannot read and write to an external drive, and iTunes file sharing doesn't work that way; it's just meant as a way to backup/restore your data if something happens to the device. I'd encourage you to give a 1Password membership a try, since it includes not just automatic offsite backup for your encrypted data (so you don't have to remember to backup at all), along with all of the apps and updates, without a need to manage licenses or configure sync: even if all your devices are lost, stolen, or destroyed, you just need to sign into your account to access your data there. I've lost data in the past, and I wouldn't wish that on anyone. Let me know if you have any other questions!

  • [Deleted User]
    [Deleted User]
    Community Member

    Cloud storage would probably be my best bet . Thanks for your very detailed response .

    Originally I was very paranoid about keeping sensitive info online , but given the security architecture of 1Password combined with good safety practices it seems virtually impossible for anyone to hack me .

    All data is just scrambled mathematical jibberish on their servers , and the password is never transmitted to 1pw ?

    Many thanks
    Stan

  • [Deleted User]
    [Deleted User]
    Community Member

    Just signed up

  • AGAlumB
    AGAlumB
    1Password Alumni

    @1pwdfan: You're very welcome, and likewise, thanks for getting back to me! I understand completely. We wouldn't want our own data stored on the server either if it couldn't be done securely, much less putting our livelihoods on the line! So that was the first thing on our list when we started looking to run our own 1Password service online.

    Anyway, you're on the right track! The way it works is that you choose a Master Password (not news to you), and you get a unique Secret Key generated on your device during sign up. These together are used to encrypt your data locally on your device, so that only encrypted data is sent to the server and stored there. Finally, but most importantly, the "keys" to your data -- the Master Password and Secret Key -- are not ever sent to us. So only you ever have the means to decrypt your stuff. You can read more about how all of this works in our white paper:

    1Password security

    And if you have any other questions at all, just let us know. We don't mind talking about this stuff, as you can see. :lol:

  • [Deleted User]
    [Deleted User]
    Community Member
    edited April 2019

    I’ll have a look at the security white paper , thanks.

    I’m enjoying my subscription , beautiful and mighty secure software .

    I use a vpn a lot but I always turn it off when I open 1Password , I suppose that’s good safety practice ?

    Also has 1Password ever been hacked ?

    Last pass did years ago but all the hackers got was meaningless blobs of numbers I think .
    They must have known or unless they hoped someone who worked there might be lazy and kept something unencrypted or forgot to fix a vulnerability

    You guys should introduce a 3/5 year subscription plan , I’d happily pay .

    I rarely pay for software but this kit is invaluable to me and compared to other managers it’s far more customisable . I like how you can edit entry’s and create custom fields which most mainstream password managers lack. Plus I love your 2fa integration for web services , it’s very very helpful and I love the auto fill feature for that . Whenever I log into discord , I don’t have to do anything . One password fills all the details for me including the two step authentication randomly generated code , It’s effortless !

    I use to get so nervous having to memorise so much info then ultimately occasionally I’d forget a lot of password and have to continual reset them .’it’s nice just to throw them all into a vault and forget about it and avoid the stress of remembering a billion passwords and pins like a computer can.

    My friend uses a password manager and he tells me he keeps his online banking data on it , he has over 60k in cash in one account so he really does trust it. Anyway I’m not going to ponder anymore on wether password managers are secure or not. It’s evident that the security architecture is robust for 1pwd and the only way someone could access an account is through a key logger or if someone precariously wrote the password down . I use IOS though with apple store apps so I doubt I’ll have any trouble with key loggers and I have 2fa set up anyway.

  • [Deleted User]
    [Deleted User]
    Community Member

    1 password is secure by design , I’m thrilled to have my subscription enabled today .

    I know someone who keeps his banking details on it and he has 60k worth of funds , so he really does trust it !

    Beautiful software , great customisation options !

    This really does making logging in anywhere even with 2fa codes effortless

    Thanks for your input

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited April 2019

    @1pwdfan: Totally! 1Password is much more convenient than even when I was practicing poor security and typing a weak password I used everywhere. So great to not have to type passwords anymore, and I'm able to use strong, unique passwords for good security without that being a pain! :lol:

    Anyway, I think the other cool thing about 1Password is that you've got control over your security since you alone choose and know the Master Password. But in addition to that there are other layers of security as well. More on that in a bit. :)

    I use a vpn a lot but I always turn it off when I open 1Password , I suppose that’s good safety practice ?

    I think there are good reasons to use a VPN. But you shouldn't need to turn it off when you use 1Password (unless it's making you unable to sync for some reason!) And with 1Password accounts, you've got multiple layers of security no matter what, just by using 1Password:

    Three layers of encryption keeps you safe when SSL/TLS fails

    As with the Secret Key and Master Password, I'm not suggesting that you should not use all the tolls at your disposal. After all, you're probably doing stuff online other that just using 1Password, so it's good to use a VPN when on someone else's network, etc. But 1Password has your back with its security even if some of your non-1Password security is broken. :sunglasses:

    Also has 1Password ever been hacked ?

    Nope! Certainly it's been demonstrated that it is possible to get into a 1Password user's data when you have a copy of that data and know/guess their password, and that has sometimes been reported as 1Password being "hacked", I think you'll agree that isn't really a reasonable assessment.

    As I mentioned earlier, even if the database were stolen from our server, that wouldn't allow the attacker to access the data, since only each individual user has the "keys" to decrypt it. That said, we still don't want anyone to steal encrypted data from us. Apart from our own work securing and monitoring the service, we participate in external audits and cooperate with independent security researchers to find any flaws so we can fix them.

    You guys should introduce a 3/5 year subscription plan , I’d happily pay .

    It's certainly something we can consider. However, you can already purchase 1Password.com gift cards (some at a discount) upfront and use those to get a similar result:

    https://1password.com/giftcards/

    And you're right about iOS: having the OS and App Store be so locked down helps a lot with avoiding malicious software, and because apps are isolated from each other and even 3rd party keyboards are disabled in password fields, keyloggers just aren't a thing there.

    Anyway, I hope this helps. Cheers! :)

This discussion has been closed.