understanding safety of cloud based sync (not the tech, just the results)

hi, taking this topic here from twitter. just trying to get my hands around the safety of moving from a private sync type product like SpashID to 1password. i am not saying that the splashid product is perfect security, but my understanding is that the entries are in a file, which remains encrypted local to the device, local to your mac, local to your pc, etc. with your product placing the file, keychains, files, whatever they are on icloud or dropbox, - without all the tech details - is that as safe if not better? in one model someone has to get a hold of the file to try and break it, in the other model it's out there already, with basic password security keeping someone with the tools from downloading the file to crack. no?

Comments

  • jpgoldberg
    jpgoldberg
    1Password Alumni
    Hi Harvey,

    Your 1Password data is encrypted locally. We never write decrypted data to the disk.

    Is it possible that I've misunderstand what you were asking?

    Cheers,
  • khad
    khad
    1Password Alumni
    Welcome to the forums, harveyb! Along with what Jeffrey wrote, I would add a few more things.

    [font=helvetica, arial, sans-serif]When people think about data security they mostly think about keeping their data secret, but along with data [/font]confidentiality[font=helvetica, arial, sans-serif] there are two other very important kinds of data security. One is data[/font] integrity[font=helvetica, arial, sans-serif] which means that no one can accidentally or maliciously modify your data. The third kind is data[/font] availability[font=helvetica, arial, sans-serif]. When security specialists talk about “CIA” they are talking about Confidentiality, Integrity, and Availability.[/font]

    [font=helvetica, arial, sans-serif]“[/font]Availability[font=helvetica, arial, sans-serif]” means that you have access to your data when you need it. For the data that we are talking about the threats to availability are rarely malicious. To throw out even more jargon, a malicious attack on availability would be a “Denial of Service” attack, but we'll focus on the more realistic threats to availability, some of which we see during the course of our customer support. Before you bail on reading this post, take a moment to imagine what would happen if you suddenly lost access to your 1Password data.[/font]

    [font=helvetica, arial, sans-serif]One threat to availability, about which we can do very little, is when people forget their master password. As we describe in our user guide, [/font]there is no back door[font=helvetica, arial, sans-serif], nor are there any secrets that we hold which would make password recovery easier. This is one of those trade-offs in security: In the interest of maintaining better confidentiality of your data, there is no mechanism to decrypt your data without the master password. But that is a topic for another thread. [/font] :)

    [font=helvetica, arial, sans-serif]One of the most heart breaking losses of availability that we see coming into customer support is either due to disk/device failures or accidental removal of 1Password data. The solution is, of course, to maintain good backups before the data loss occurs.[/font]

    [font=helvetica, arial, sans-serif]Just as the old adage about motorcycle riders and accidents, there are two kinds of computer users. Those who have experienced a catastrophic disk failure (or a lost iPhone) and those who will. Disks and disk controllers do fail. Computers get lost or stolen, and accidental removal of data do happen. Application cleaners, such as CleanMyMac or AppZapper, are the most common culprit for unintended removal of 1Password data on the Mac, but we've heard stories of users (or their children) accidentally removing 1Password from iOS devices as well. Good backups are the only way to prepare for such events.[/font]

    [font=helvetica, arial, sans-serif]So cloud syncing actually helps immensely with data availability. But does it affect data confidentiality?[/font]

    Your secrets in your 1Password data are safe wherever they are stored. Although we don’t recommend making your 1Password database publicly available to the world, we have designed it so that your username and password data (along with other secret data stored within it) is protected no matter whose hands they fall into. For this and other reasons we are very confident when we recommend cloud syncing of 1Password data with Dropbox. The remainder of this document goes into increasing detail about the security measures in place and issues surrounding them.
    1. Your master password is never transmitted from your computer or device.
    2. All 1Password decryption and encryption is performed on your computer or device.
    3. The 1Password data format was designed to withstand sophisticated attacks if it fell into the wrong hands.
    4. Dropbox provides an additional layer of encryption.

    You can read more in our "Security of storing 1Password data in the cloud" document which has been written to specifically address this concern.

    Of course, I can't think of many other better ways to show how strongly your 1Password data is protected than by pitting it against the pre-emeinent password cracking tool John the Ripper. That is exactly what we have done not too long ago. The short version is that your data is extremely well protected as long as you use a strong master password:

    1Password is Ready for John the Ripper

    If you are not sure about the strength of your master password please consider the tips we have posted for creating strong and memorable master passwords. You may be surprised by the technique:

    Toward Better Master Passwords

    It is great that you are thinking about these things. Please do let us know if you have any additional questions or concerns.
This discussion has been closed.