changing master password

I realize you can't regenerate a lost password for the master password but is it possible for me to change the password that I selected since I don't think it is strong enough?

Comments

  • Never mind - I found my answer.
  • khad
    khad
    1Password Alumni
    edited December 2012
    Great news! Thanks for letting me know that everything is working well. :)

    In case anyone else comes looking for the answer to your question later, I'll post a link to the section in the User Guide:

    Changing your master password

    It sounds like you were changing your master password for a good reason, but for anyone else coming across this thread in the future, I want to specifically point out the last section in that link:

    Only change your Master Password if it is weak and needs to be made stronger or if it is also used for something else. Your 1Password Master Password isn’t like a typical Login password, and so security advice that tells people to change passwords regularly does not apply to things like your 1Password Master Password.


    In technical terms your 1Password Master Password is an encryption password instead of an authentication password; the advice used for one does not apply to the other. Once you have a strong, memorable, and unique Master Password you should not change it.


    If we can be of further assistance, please let us know. We are always here to help!
  • Glad it works for most people...
    I've run into a strange problem. I started using 1P some time ago, installed it on several machines, shared using dropbox - all worked. Then i decided to change master password. I did that on some machine, and expected it to propagate to others via dropbox. It did on most machines. On one though, it asked to enter old password first, but then all worked ok.

    But there is now one machine, which does not accept new password. It does accept old password. And all the rest works. Meaning - i create some item on one machine (with new master password), and after dropbox sync it appears on other (with old master password).

    Which brings up the question - how is this possible if master password is used for encryption? When i create an item on one machine it is supposedly encrypted using NEW master password. Then it is transferred to the other machine using dropbox. Dropbox can not decrypt these files (at least i hope so). Then on second machine i have files encrypted using NEW password. It should be impossible to decrypt then using OLD password. Nevertheless, it still shows me updated items.

    Any explanations?
  • khad
    khad
    1Password Alumni
    When you enter your master password, 1Password attempts to decrypt the encryption key which is 1024 bytes of random data generated when the data file was created. If the master password is correct, then the key is provide. Otherwise, nothing is returned.

    If the keys file has not been updated it will still accept the old master password.

    Are you still having trouble? If so, is the issue in 1Password for Windows (and not Mac, iOS, etc.)? Is the issue in 1Password for Windows itself, or is it in the browser extension(s)?
  • baga
    edited January 2013
    1. According to Dropbox, files are in sync.
    2. I zipped/copied/compared dropbox directory myself - files seems to be in sync indeed. All match, except some files like ...\Dropbox\.dropbox.cache\2012-12-30\contents (deleted <blah-blah>).js which exist on one machine, but not the other. But all of the differences are in \.dropbox.cache\ dir. Supposedly 1Password does not even have access to this place. All files accessible to 1Password are identical.
    3. On machine A i have to enter OLD master password in order to unlock data.
    4. On machine B i have to enter NEW master password in order to unlock data.
    5. All works and is stable, meaning i can create/modify item on machine B, and after dropbox sync'ed data, it becomes visible/accessible on machine A.

    Password change happened ~2 weeks ago. Machines were rebooted several times since. My environment:
    • Dropbox 1.6.11 (both)
    • 1Password 1.0.9.305 (both)
    • Windows 7 64bit (A - HomePremium, B - Professional)

    The fact that data are visible and updated on both machines, tells me that both machines have access to 'main' 1024 byte encryption key. My understanding was that it (main key) is stored in a file encrypted using master password. Obviously i was wrong, because EITHER of the old (macine A) or new (machine B ) master keys is sufficient to gain access to all data.

    So, how does it work?
  • khad
    khad
    1Password Alumni
    Is the issue in 1Password for Windows itself, or is it in the browser extension(s)?
  • Application. I don't know how it was in browser extension. Besides, after i renamed dropbox folder to 1Password.agilekeychain (so that it works on dropbox site), old password does not work any more...
  • svondutch
    svondutch
    1Password Alumni
    Where is 1Password accepting the old master password? Application or browser extension? What browser extension? (IE or Firefox or Chrome or Safari).

    I'm guessing 1Password is accepting your old master password in Firefox or Chrome. In that case, the solution is to un-install our add-on from Firefox or Chrome and then re-install it.

    Instructions are here: http://help.agilebits.com/1Password3/uninstalling_extensions.html

  • Where is 1Password accepting the old master password? Application or browser extension?

    Application. I mention this in ever post...
  • khad
    khad
    1Password Alumni
    old password does not work any more...

    It sounds like everything is working well now. Is that correct? My guess is that the data just wasn't completely synced. Once you renamed it that forced everything (including the keys) to be synced anew.
  • khad wrote:

    It sounds like everything is working well now. Is that correct? My guess is that the data just wasn't completely synced. Once you renamed it that forced everything (including the keys) to be synced anew.

    It is working now, correct. However, it was synced completely when old password was unlocking the database. As i explained, i copied whole directory by hand, and verified that all files on two machines were identical. And i changed some items on one machine, waited for dropbox to sync, rebooted both, verified that directories are identical again, and it was still old password on one machine and new one on the other.
    But now that i can not prove it, i am not sure what can be done.
  • khad
    khad
    1Password Alumni
    If everything is working properly now it would be hard to troubleshoot an issue that no longer exists. Please do let us know if you have any further trouble, though.
This discussion has been closed.