2FA Lost PC

I have read through the material and the support community but cannot find this precise case: If my account has 2FA with e.g. Authy and the PC is stolen, I understand that I could go online from another device and deactivate the stolen device or require 2FA on it for its next login. My question concerns the case where I might not know the device was stolen for several days (e.g., left at home during traveling). So, now the thief has my PC and let's say he cracks the PC password and somehow cracks the 1PW Master Password. Then he has full access to 1PW vaults since the device and the browser were previously authenticated. If there was an option to enable 2FA on every login, yes that would be an extra step that I'd have to take every time and might be called security theater, but given the above case, 1PW's 2FA is no help. (Yes, I know the PC password and the 1PW Master Password are the lines of defense here, but why have 2FA as an added security level if it's not used?) Appreciate any enlightenment, thanks.

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:2FA Lost PC


  • @jlt122 If the PC has already been used to log in to 1Password then it contains a copy of your password database and Secret Key. So someone who has access to your PC, knows your device password and knows your Master Password will be able to access your database.

    1Password uses 2FA as a means of preventing someone with access to your Master Password and Secret Key from downloading a copy of your database from 1password.com. It operates on the server side and is based on authentication rather than encryption. Incorporating an additional authentication step in the 1Password app on an authorised client device does not help because an attacker already has the database and could just bypass the 2FA by opening the database using decryption software.

    It's possible to devise a 2FA scheme based on encryption and hardware security keys. However, that increases the costs for users, greatly increases the risk of them locking themselves out and is not currently supported by 1Password.

    I know you know, but for anyone else coming across this thread: to protect your 1Password database from local attackers, set a strong Master Password, set a strong device password and, if your device supports it, enable storage encryption.

  • @missingbits -- thanks, a couple of follow-up points if you don't mind ... you said (paraphrasing) that adding an additional authentication step on an already authorized device does not help (in the stolen device case) because someone who has stolen the device and hacked into the device password and the 1Password master password has access to the 1Password database and could open the database using decryption software. I think that's your point. I understand the logic of the point. However, is the encryption 1Password uses so easily cracked? To me, who is not an expert in authentication, it seems that a customer cannot protect their stolen device via 2FA because the 1Password encryption is easily decrypted, and so for purposes of a stolen device, 1Password suggests strong device and master passwords, whereas other software, and the industry as far as I can tell, says 2FA/MFA is the way to go.

    I'm also a bit confused by the statement that 1Password recommends device storage encryption. Yet you said the encryption that 1Password uses can be decrypted by an attacker. One side of that argument says that 2FA is not used because it doesn't add anything since 1Password can be decrypted, while the other side of the argument says your best defense is to use device encryption. Huh? What am I missing? Is the 2FA/MFA that, e.g., LastPass uses to solve the case of a stolen PC also useless?

  • plttn
    edited February 23

    The reason why other software and the industry as a whole recommend 2FA/MFA is because it's a stronger form of authentication.

    Authentication: "I'm @plttn, can I get my cute pictures of cats, here's my password". Adding 2FA turns that sentence into "I'm @plttn, can I get my cute pictures of cats please, here's my password, and the color of the day". However, someone could impersonate me, and say my secret password and the color of the day. 2FA drastically raises the bar for authentication, but 2FA doesn't really change anything for encryption. Additionally, authentication is based on trust. The person handing out my pictures of cats could just give them to someone else without properly checking their credentials, and there's nothing I could do about it. An important note about 2FA: it cannot perform decryption operations.

    Encryption: "hey person claiming to be @plttn, here's an encrypted blob of your pictures of cats, if you're actually @plttn you can decrypt them". This has no trust in the person holding my blob of cats involved. If I type in my master password, I can open my encrypted blob of my pictures of cats. The person holding my blob of cats could give it to whoever they wanted, and I could trust that no one could open my pictures of cats. (this is mathematical trust that no one could open it, not a social construct of trust)

    The catch (and why 2FA is only applied for the first login to a device) is where these two interact. Remember, 2FA provides authentication, it doesn't provide encryption. 2FA requires two-way communication with a server to be secure, no matter how it's implemented; otherwise it becomes pointless. TOTP (the 6-number one) requires a time algorithm and a seed to be in sync (ignoring U2F completely because the spec is only designed for https, full stop). The naive solution is "check the TOTP pin against the client", well now your client by definition has to know the algorithm and your seed to verify your OTP, and logically can't store that encrypted because otherwise how do you decrypt your vault, so there's potentially a copy of the algorithm and the seed in the clear on your computer. This isn't very secure for obvious reasons, so let's move the OTP seed down the chain one.

    So we say "okay, what if we store the seed in the database, decrypt on the master password, then we've got the seed, and ask for an OTP and check if they match, and then allow the user to view the database". Well now you have the problem of trust. That 2FA is now a "pretty please don't reveal my database to the user, even though some of it has been decrypted", and isn't providing any actual security since the database is either completely in the clear in memory, or maybe in a more complicated implementation, only decrypting the part that holds the OTP seed (which has the same problem as the last paragraph).

    So now we go "okay, checking the TOTP against the client is a terrible idea, what if we check against the server, this way we don't have to worry about the seed ever being in the clear on the client when the user isn't fully authenticated/decrypted". Well now we're getting somewhere. The seed isn't in the clear anywhere on the computer, and there's no way of really attacking it while it's decrypted to try and get at the seed, because it's just not there. Of course now there are a few new problems. Problem 1: 2FA isn't adding any decryption strength to the vault, it's just asking Agilebits servers "can I open this vault?", so we have to trust Agilebits to not send back a "sure go ahead" if the OTP is wrong. Problem 2, which I consider to be the bigger nail in the coffin for every unlock needing 2FA: "what do we do if the computer is on a plane, or in the jungle, or airgapped?" Do we just not allow the client to ever open a vault at all if it can't contact Agilebits? That seems fairly annoying from a user experience point of view, so clearly we have to do something better. Well, I guess if we can't contact Agilebits, we should just skip the OTP prompt and decrypt so the user can get access to their vaults. And there's the rub. If you make it so that you can access the vault without internet without checking an OTP, well now the attacker with physical access to your device can just turn off wifi, pull out the ethernet cable, blackhole Agilebits URLs so they're unreachable, etc. etc. to remove the need to check 2FA. This ignores the fact that the 1Password vault format is relatively (if unofficially) well documented, and an attacker with access to your device could just attack the vault using a third party tool that can open 1Password vaults (if given the correct Master Password and Secret Key) without ever having to check any OTPs.

    The tl;dr: 2FA is great at authentication, but requires trust. 1Password is based on trusting Agilebits as little as possible, so 2FA every time doesn't add anything, and in many cases would actually add friction.

  • edited February 23

    @jlt122 It's not that encryption is easy to hack. 1Password uses industry-standard encryption libraries that are available to anyone. This is much more secure than baking your own encryption algorithms because they have been used and checked by lots of people. To do otherwise is security by obscurity and risks inadvertently introducing weaknesses and backdoors. However, this means that anyone with access to your Master Password, Secret Key and password database can open the latter.

    You are responsible for securing your Master Password and Secret Key; 1Password has no knowledge of these. 1Password is responsible for only giving your password database to someone with your Master Password, Secret Key and, where it is enabled, your 2FA credentials. To put it another way: the opening of your password database is secured by encryption; the download of your password database to your device is secured by authentication.

    You're right that the industry is focusing on 2FA/MFA right now. This is because most online services don't encrypt the users' data and so authentication is the only protection they provide. You have to trust the service provider not to give your data to someone else; this is not the case with 1Password because they cannot read your data. Only the person(s) holding the Master Password and Secret Key can read the data due to encryption, but this relies on you securing these. So in a way 1Password is providing a security mechanism and it's up to you to use it wisely, i.e. use a strong Master Password and don't give it to anyone else.

    I don't speak for 1Password and I've not seen them recommend device encryption. That was my own response to your particular concern. All my devices are encrypted because I don't just have 1Password on them. The data I store on my home PC is at least as valuable to an identity thief as the data I store at 1Password. So it is protected with storage encryption, which also protects my 1Password database.

    I moved away from LastPass mainly because of the unclear security model and multiple recovery mechanisms creating unnecessary backdoors. However, I also didn't like the security theatre of repeating 2FA every 30 days on every device. Anyone with access to the device who knows the Master Password can export the whole database during that 30 day period and then use the data forever more without any restriction. Even after the end of the 30 day period they could still use decryption software to recover your passwords.
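A toy Python model, added here and not written by 1Password or by anyone in this thread, of the split @missingbits describes (encryption opens the vault, authentication releases the download) and of @plttn's point that an authorised device must be able to unlock with no server in the loop. The key derivation, the cipher and `VaultServer` are constructed stand-ins rather than the real 1Password format or its key derivation; the only part meant to be faithful is where the TOTP check sits.

```python
import hashlib
import hmac
import struct

# Toy model constructed for this thread. It is NOT the 1Password vault format or
# its key derivation; it only shows which inputs decide whether a vault opens.

def derive_vault_key(master_password: str, secret_key: str) -> bytes:
    # The key depends only on Master Password + Secret Key. No TOTP seed enters it.
    return hashlib.pbkdf2_hmac("sha256", master_password.encode(),
                               secret_key.encode(), 100_000, dklen=32)

def totp(seed: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    # RFC 6238 TOTP: HMAC-SHA1 over the 30-second time counter, dynamic truncation.
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(seed, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def _keystream(key: bytes, length: int) -> bytes:
    blocks = (hmac.new(key, b"ks" + struct.pack(">I", i), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    # Toy encrypt-then-MAC (HMAC keystream XOR + 32-byte tag). Illustration only.
    ct = bytes(p ^ s for p, s in zip(plaintext, _keystream(key, len(plaintext))))
    return ct + hmac.new(key, ct, hashlib.sha256).digest()

def decrypt(key: bytes, blob: bytes) -> bytes:
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        raise ValueError("wrong Master Password/Secret Key or tampered vault")
    return bytes(c ^ s for c, s in zip(ct, _keystream(key, len(ct))))

class VaultServer:
    """Holds only ciphertext. 2FA decides whether to hand it out, nothing more."""
    def __init__(self, blob: bytes, totp_seed: bytes):
        self.blob, self.totp_seed = blob, totp_seed

    def download(self, code: str, now: int) -> bytes:
        if not hmac.compare_digest(code, totp(self.totp_seed, now)):
            raise PermissionError("2FA failed: ciphertext not released")
        return self.blob

def offline_unlock(local_blob: bytes, master_password: str, secret_key: str) -> bytes:
    # What an authorised device does on a plane: no server, no TOTP, just the key.
    return decrypt(derive_vault_key(master_password, secret_key), local_blob)
```

Once `download` has succeeded once, the blob lives on the device and `offline_unlock` is the whole unlock path; the TOTP seed is never an input to it, which is the thread's point in code.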

  • ag_yaron

    Team Member
    edited February 23

    Hey @jlt122 ,

    I think we can clarify this by defining what sort of attacks are available for an attacker and what are the best methods to protect yourself from them.
    An attacker has two basic options: Attacking remotely (online) or attacking locally (with physical access to the device).

    2FA was made to prevent the first kind - online attacks, which are the most common ones by a mile, by adding another layer of authentication to the sign-in process. It does not encrypt or decrypt anything, and therefore is useless when we talk about a local attack when someone has physical access to your device.
    So our main goal here is to help keep your data secure on our servers by preventing unwanted attackers from being able to access your account online, even if they somehow obtain your Master Password and Secret Key. That's where 2FA comes to the rescue.

    If an attacker gains physical access to your device, as @missingbits explained so thoroughly, your Master Password and your operating system's defenses are the front line. Your operating system allows you to lock itself with a password, and it also allows you to encrypt your entire hard drive, which is highly recommended if you fear for your data, since the operating system's password can be easily bypassed by removing the hard drive from the computer and connecting it to a different computer, which will reveal all files on that hard drive. But if the hard drive is encrypted, then the files are inaccessible even when using this method.
    Your Master Password is what it all comes down to if an attacker got his hands on a copy of your 1Password's database (if the hard drive is not encrypted and he bypassed your operating system's password). The complexity of cracking your Master Password depends on the strength of it. If you fear your Master Password is not strong enough, you can always go to 1Password's generator and create a new one, then change it on your account. We usually suggest strong worded/memorable passwords because they are easy to remember and type, but are very strong: https://1password.com/password-generator/?type=memorable

    Cracking passwords is only as easy as the password's weakness. If it is a password you made up, if it is too short (e.g. under 12 characters) or if it was already found/cracked online somewhere in another website that was breached, then there's a good chance someone will be able to crack it, if they can actually get physical access to your computer. Keep in mind that all of this is just a huge amount of IF's; if someone steals your computer and if they know what 1Password is and if they can bypass your computer's password and if your hard drive is not encrypted and if they have the knowledge and means to crack your Master Password and if your Master Password is not strong/long enough, only then they'll gain access to your local data.

    Same thing for your 1Password.com account: if someone knows you are using 1Password and if they are able to obtain your email AND Master Password AND Secret Key and if you don't have 2FA enabled, then they'll be able to access your account.

    The more if's you have the less likely this can happen. :chuffed:

  • @missingbits @plttn @ag_yaron - thanks guys - a Master Class.

    Read it all, a couple of times so it sank in. :) Clearly I was focused too much on 2FA, rather than on the full scope as described above - which needs to solve for multiple variables including authentication, encryption, online attacks, local attacks, access when internet not available (requiring a local db), the security of recovery mechanisms, device/operating system security, and as @ag_yaron summarizes getting a whole lot of "if's" in place.

    I'm switching from LastPass, beefing up device password, likely encrypting the hard drive, and relieving myself of the misguided comfort of constant 2FA for my passwords. And I may start 2FA-ing other sites using 1Password's or Authy's capabilities. Thanks!

  • Meant to add ... 2FA-ing via 1Password or Authy other sites where the data is not encrypted and so they just use SMS 2FA.

  • Great discussion, folks. Helps to shed unwarranted sense of invulnerability. Layers, lots of layers to this game.

  • ag_yaron

    Team Member
    edited February 23

    Glad I could help, and also thanks to @plttn and @missingbits for participating :)

    @jlt122 Other websites often don't need to encrypt anything besides your password, and you don't need to decrypt anything in order to access your data on the website (e.g. you don't need your local supermarket website to encrypt your saved shopping list). It is fine that most websites only require authentication and not encryption in most cases. 2FA is that extra something that prevents a remote attacker from accessing your account even if they obtain your username and password.

    It is always best to use a TOTP (temporary one time passcode) via 1Password or Authy than an SMS one because phone numbers and SMS's are vulnerable too to some extent, but that's a whole other story :chuffed:
    It is still better than nothing, so use that if no other options are available.
