re-installed iOS app (new phone). 1Password didn't ask for secret key during setup - master pw only

agustya
Community Member

Hi - I've been using 1password (1password.com family account) and recently moved from an iPhone 6 to an iPhone Xs. I am setting up the Xs - I didn't restore from a backup. I went to the App Store to download the 1password app. As expected the cloud icon indicated that my Apple ID had previously "purchased" this app. After downloading, during setup, surprisingly, the 1password app knew about my family 1password.com URL (despite this being a fresh phone). I'm assuming some customer data gets pulled along via the Apple App Store - I didn't love this but it's understandable.

What I'm really curious about and a little worried now about is that during setup on the new phone I was never asked for my Secret Key. Isn't the Secret Key supposed to be required for all new installs of 1password / any new use of it from an unknown device?


1Password Version: 7.3
Extension Version: Not Provided
OS Version: iOS 12.2
Sync Type: 1password.com
Referrer: forum-search:new install didn't require secret key

Comments

  • Hi @agustya,

    When iCloud Keychain is enabled for your iCloud account 1Password will sync your sign-in URL, email address, and Secret Key with iCloud Keychain. From our "About your Secret Key" guide:

    Have peace of mind if you lose a device. Encrypted copies of your Secret Key are stored in your device backups and keychains to provide data loss protection. If you have iCloud Drive enabled and lose your Mac, iPhone, or iPad, you can restore from a backup and unlock 1Password with just your Master Password. It’s the same for Android backups.

    The most common threat to people's information security when using 1Password in my experience is the loss of access due to losing / forgetting their credentials. Because of the way our system is architected we never have access to anyone's Secret Key or Master Password and we cannot reset them either. As such the loss of either of these pieces of information would normally mean the complete loss of all contents of 1Password. By storing encrypted copies of the details outlined above in iCloud Keychain (when iCloud Keychain is enabled) we significantly reduce the chance of losing data.

    any new use of it from an unknown device?

    I would say that it isn't an unknown device, because it is signed into your Apple ID, and your Apple ID should be protected by 1Password.

    I hope that helps!

    Ben

  • agustya
    Community Member

    Ok - That makes sense - the device backup part I was aware of but didn’t realize the secret key synced with iCloud Keychain

    Is there a way to purge my 1password data and encrypted copy of secret key from iCloud keychain (and any other keychain), and make it never sync things anywhere outside 1password.com? Since I already am using 1password.com’s cloud, I want to ensure my data is not stored in anyone else’s cloud. I understand it’s encrypted - but in my example, if someone stole my Apple ID credentials and set up a new device with access to an old one, they would need only my master password to get access to my vault on a new device. Sure, it’s a corner case, but my understanding is that the whole point of the secret key is to ensure that new device setups or instances of access to my 1password account are secured. I don’t want to trust apple or anyone else - only 1password!

    I have my secret key stored in a safe place so losing it isn’t a concern - I would like to prioritize knowing exactly where any data of mine is stored and being conservative about it - thanks!

  • @agustya,

    Is there a way to purge my 1password data and encrypted copy of secret key from iCloud keychain (and any other keychain),

    Other than using a Mac to delete the data from iCloud Keychain and then disabling iCloud Keychain on all devices there is not.

    and make it never sync things anywhere outside 1password.com?

    Just to be clear: 1Password data isn't synced anywhere outside of 1Password.com with a membership, but the sign-in address, email address, and Secret Key are.

    Since I already am using 1password.com’s cloud, I want to ensure my data is not stored in anyone else’s cloud.

    It wouldn't make sense to sync these items with 1Password.com since you need them to access 1Password.com. It would defeat the purpose.

    I understand it’s encrypted - but in my example, if someone stole my Apple ID credentials and set up a new device with access to an old one, they would need only my master password to get access to my vault on a new device. Sure, it’s a corner case, but my understanding is that the whole point of the secret key is to ensure that new device setups or instances of access to my 1password account are secured. I don’t want to trust apple or anyone else - only 1password!

    In that case you may want to consider disabling iCloud Keychain.

    I have my secret key stored in a safe place so losing it isn’t a concern

    That's great to hear. Most people aren't so diligent, despite urgings from us to do so.

    Ben
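The two posts above turn on why the Secret Key matters: 1Password's published design combines the Master Password and the Secret Key into one account key, so a guessed Master Password alone is useless unless the attacker also holds the Secret Key, which is exactly what an iCloud Keychain copy hands to anyone who controls the Apple ID. The script below is an added illustration written for this thread, not 1Password's own code; it follows the shape of the published Two-Secret Key Derivation (PBKDF2 over the password, HKDF over the Secret Key, the two halves XORed) but the salt, iteration count, info string, sample password and sample Secret Key are all constructed here and are not the real parameters.

```python
import hashlib
import hmac

# Constructed values for this illustration only (not a real 1Password salt or key).
SALT = b"constructed-salt-for-illustration"
ITERATIONS = 100_000
SECRET_KEY = "A3-EXAMPLE-SECRET-KEY-NOT-REAL"


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """RFC 5869 HKDF (extract + expand) with HMAC-SHA256."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_account_key(master_password: str, secret_key: str,
                       salt: bytes = SALT, iterations: int = ITERATIONS) -> bytes:
    """Combine both secrets into one 32-byte key.

    The password half goes through a slow KDF because passwords are guessable;
    the Secret Key half only needs HKDF because it is high-entropy. XORing the
    two means neither half alone reveals anything about the result.
    """
    pw_half = hashlib.pbkdf2_hmac("sha256", master_password.encode(), salt,
                                  iterations, dklen=32)
    sk_half = hkdf_sha256(secret_key.encode(), salt, b"2skd-illustration", 32)
    return bytes(a ^ b for a, b in zip(pw_half, sk_half))


def find_password(verifier: bytes, candidates, secret_key_guess: str):
    """Model an offline guess against a captured verifier.

    Returns the password that reproduces the verifier, or None. The attacker's
    knowledge of the Secret Key is passed in explicitly: with the real key
    (for example, recovered from a synced keychain) a weak password falls to a
    short dictionary; without it every guess is wrong, whatever the password.
    """
    for pw in candidates:
        if hmac.compare_digest(derive_account_key(pw, secret_key_guess), verifier):
            return pw
    return None


if __name__ == "__main__":
    verifier = derive_account_key("correct horse", SECRET_KEY)
    guesses = ["password", "letmein", "correct horse"]
    print("with Secret Key:   ", find_password(verifier, guesses, SECRET_KEY))
    print("without Secret Key:", find_password(verifier, guesses, "WRONG-GUESS"))
```

Run as-is it shows the asymmetry the thread is about: the same three guesses recover the password only when the Secret Key is also known, so keeping the Secret Key out of any synced store is what preserves the "new device needs both" property; the moment a keychain copies it to every device on the Apple ID, the vault's protection on a stolen or newly enrolled device rests on the Master Password alone.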

  • To add, if you have a Mac that's signed into the same Apple ID as your iPhone you can delete those saved credentials using the Keychain Access app and looking for com.agilebits.onepassword.B5Credentials.

    Ben

  • agustya
    Community Member

    Thanks!

  • You're welcome. :)

    Ben

This discussion has been closed.