1Password on Mastodon

Longtime user but suddenly I'm locked out & can't even get online without Secret Key. Catch 22 here.

susanna42susanna42
Community Member

I've used 1Password from Day 1--EVERY VERSION-- but suddenly I'm locked out on iMac desktop, & my master password not recognized. I can't even get online without my Secret Key. But because have to be signed into 1Password to find Secret Key, It's a catch-22. I thought I'd purchased Password 7, (App Store probably) but there was no Emergency Kit--and none appears in my downloads. I can access 1Password on my iPad and iPhone, but Secret Key appears nowhere there. I'm very worried because my iPad Pro was stolen several days ago and I want to change my master password immediately--Help!


1Password Version: 7--latest
Extension Version: Not Provided
OS Version: Os 10.14.6
Sync Type: iCloud
Referrer: forum-search:Longtime user but suddenly I'm locked out & can't even get online without Secret Key. Catch 22 here.

Comments

  • LarsLars Junior Member

    Team Member

    Welcome to the forum, @susanna42! I'm sorry for the trouble. A few things, but first things first: regarding your stolen iPad Pro, I'm so sorry; that's awful. :( In addition to the physical loss and having to pay to replace a device, there's all this worry about data loss/theft as well, so I completely understand the instinct to want to change your Master Password.

    But hold off on that, and I'll tell you why: this is literally one of the situations 1Password was designed for. 1Password wouldn't be very useful if its security relied upon hoping that bad guys never get hold of your devices or data. Instead, we design 1Password under the assumption that an attacker has already gotten access to your data somehow, and what you've described is one of the easiest and most low-tech ways to do it: steal a device of yours. Any competent attacker who comes into possession of a device of yours and who really wants to target your data specifically (and not just strip/sell the device for its cash value) will extract the raw 1Password data file and run password-cracking software on it. This is precisely why we tell users to choose a good, strong Master Password and not share it with anyone else. Assuming you did this - chose a good strong Master Password and didn't share it with others or leave unencrypted copies of it laying around on your hard drive - then the computing power to brute-force guess your Master Password and gain access to your 1Password data is beyond the reach of virtually everyone. I'm not trying to make light of your situation or tell you everything's fine...just trying to talk you off the ledge here. If you had a weak Master Password or it's been disclosed to others, that might be a different issue. But assuming you used best practices with your Master Password, your 1Password data is probably the safest thing on that stolen device. I'd be more worried in such a case about other things - documents stored unencrypted on the hard drive, photos, etc. But I'd feel pretty safe about my 1Password data. I guess what I'm saying here is: don't panic.

    Let's try to get you back into your data on the devices you still have.

    You mentioned you thought you bought 1Password 7 for Mac from the Mac App Store, but users can't purchase version 7 for Mac outright from the Mac App Store because we don't sell version 7 as a standalone purchase there. Users wanting a standalone license need to use our version and purchase through our FastSpring store. You can download version 7 from the Mac App Store, but unless you have a 1Password membership/account, your data will be in Read Only mode if you have standalone data.

    Did you recently upgrade from 1Password 6? to 1Password 7 on your Mac? If so, when you upgraded, did you create a 1Password account/membership? You would only have a Secret Key (and an Emergency Kit if you created a membership)? Or did you just let version 7 import your older standalone data?

This discussion has been closed.