How to disable online sync / login to keep passwords local only?

steaven
steaven
Community Member

Hello

I am going to upgrade and migrate my 1password data from 6 to v7.
But I am looking for a way to keep my data local only without share them online.

I know ... everything is encrypted but you never know.

By the way ... a option to lockdown Weblogin and/or sync would be great for users how don't want to use them.
Can be the Weblogin turnt off?

Keep going with that great product.

Steaven


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • ag_ana
    ag_ana
    1Password Alumni

    Hi @steaven!

    If you are currently not syncing your data anywhere, upgrading the app from version 6 to version 7 will continue keeping your data locally ;)

    If you plan on creating a 1Password Membership instead, as part of the upgrade, make sure you keep your data inside your existing Primary vault so it's not synced to your 1Password account.

  • steaven
    steaven
    Community Member

    Hi @ag_ana

    I would normally prefer to use 1Password 7 without 1Password Account Membership and just pay my subscription. In general, I missed clear settings to disable that web service https: //my.1password. because I simple don't need it. Is there no possibility in the options?

    Of course I trust that the people behind 1Password do a good job. However, the fact that something could possibly be syncronized online without me wanting to do this makes me a little nervous.

    I would like another license management that allows more control over what is matched online wherever.
    I hope you understand exactly what I am about. English is not my best language.

  • Ben
    Ben
    edited April 2020

    Hi @steaven

    I understand the hesitation, however 1Password membership was built with security in mind from the ground up. All of your data is encrypted using keys only you have before it is synced:

    About the 1Password security model

    In fact we've even gone so far as to include a special "Secret Key," which is generated by your computer when your account is created, and your data is encrypted with that in addition to whatever Master Password you choose. This makes even offline attacks against the data stored on 1Password.com impractical:

    About your Secret Key

    In short you're protected even from us by not just policy but also by encryption. There is no way for anyone to access your data without both your Master Password and your Secret Key, which are never transmitted over the network and are never seen by our servers.

    my.1password.com isn't like a traditional website where you give it your password, the server checks if the password is right, and then either lets you in or not. I like to describe it as a "web app" vs a "website," as that is a more accurate description. Though you enter your credentials into this web app, they do not leave your web browser.

    I hope thatI hope that helps. Should you have any other questions or concerns, please feel free to ask.

    Ben

  • steaven
    steaven
    Community Member

    Hi @Ben

    I tried to transfer data local on the same Mac from 1Password 6 (Appstore Version) to 1Password 7. I have an 1Password Account because the ways to get 1Password7 more or less require it. But if I try to Import Data the only destination shown up is to my online account and I can't select the local Primary safe. As far as I know.

    Is there no way just to point on a 1Password 6 Backup and import it to 1Password 7?

  • @steaven

    Accounts are the way forward, yes. You can import your existing data into 1Password 7 (and your account) using the File > Import menu in 1Password for Mac.

    Ben

  • steaven
    steaven
    Community Member

    by the way Regardless of whether it is encrypted or not, wouldn't it be better to let the user decide where he wants to store by default his data? I personally would have found an option to activate the online account instead of vice versa better.

    Please don't get me wrong. I really like 1Password and like to use it. Personally, however, I feel better letting the user choose yourself than making the decision for him.

  • steaven
    steaven
    Community Member

    Hope I have been able to clearly communicate the content.

  • steaven
    steaven
    Community Member

    No matter what I do the backup files or the 1Password.opvault are gray out (not able to import) in 1Password 7.

  • Ben
    Ben
    edited April 2020

    Many of the functions of 1Password would not work at all without 1Password.com. That is one of the primary reasons we developed the membership service in the first place. We found 3rd party sync services didn't offer the flexibility we needed in order to build out 1Password. As such membership is the defacto for 1Password now. Membership isn't just a "sync" service. Membership is 1Password.

    No matter what I do the backup files or the 1Password.opvault are gray out (not able to import) in 1Password 7.

    If the backup is an OPVault then you may find that double clicking on it produces a better result than importing. Double click on the OPVault file, which should create a Primary vault in 1Password, and then move the contents from the Primary vault to the Personal vault. Once complete, delete the Primary vault:

    https://support.1password.com/migrate-1password-account/#set-up-your-other-devices

    I hope that helps! Please let me know how it turns out.

    Ben

  • AllenH
    AllenH
    Community Member
    edited May 2020

    I too question where I want to save my data. I think since this is a security company, this should be an understandable concern from the security conscious user. We've all seen major houses have data breaches, and no matter how good a company hopes to be, there have been problems in the past. (This is why often some users only choose programs that have open code for review by the community before using it. I don't personally go to that level, but I can understand that level of concern.) I think what we're asking is some control over whether data is sent to a server for storage or not. I can easily see a situation where there are different levels of security, different security models and different acceptable security concerns (like availability across a family vault with a lower secure password). I moved over to subscription to try out the service recently, and unfortunately every historical password was sent to the servers for access via the website. I definitely didn't want that to happen, so that's a bit concerning.

    Is there a mode of operation where we can choose to store passwords only locally, use vlan sync, and choose which passwords get sent to the website interface and family sharing settings? It seems like there is, but possibly the default is to send everything to the web-interface?

    I think that's the concern of the poster above (and is also my concern).

    Thanks for your thoughts, and for listening. It's the sign of a good company- one that understands the concerns of the users. (and is also being willing to be honest if my use case, or the ones above, are not useful for the company to concern itself with - i.e.- the user base is too small, and the product is "not for us")

    Thanks for your thoughts!

    edit- quick edit here- since there are moves in congress to seriously alter the encryption landscape- forward thinking is often the model here for users as well- what happens if a back-door is mandated? will there be disclosure from the company? a warrant-canary? The trust in the system to store everything has to be the highest possible trust.

  • AllenH
    AllenH
    Community Member

    Is there a use-case or method where we can prevent the uploading of the whole vault to the servers/website interface (or even just the website interface)? I understand that the company sees a cloud-based approach as the future... but the company started as a local-storage, local-syncing focus.

    With congress trying to change the encryption landscape, we're all a bit concerned about disclosures, methods, etc., and control of high-trust systems.

This discussion has been closed.