Please critique my plan for securing crypto keys with 1Password

Hi Team hope you are all well

Please check this plan for any serious points of failure... Bear in mind:

  1. That a physical copy of our private keys, is not ideal because I and my family travel a lot.
  2. That all of us in the family trust each other 100% with each other's finances.
  3. The biggest risk IMO is user error, e.g. mistyping seeds, and loss of a physical paper/steal copy.

Theoretical plan...

  1. We set up a Family Account, with our computers all running VPNs.
  2. We enable 2FA across the board
  3. We create a shared folder for each member that contains our:
  • emergency keys and master password
  • a screenshot of our crypto seed phrases (we delete the image, empty trash, and wipe our clipboard as soon as it's uploaded)
  • a secure note backup of seed phrases i.e. typed out (in case the image file becomes corrupted).

I understand that if a hacker manages to compromise one of our accounts we are all screwed, however, this seems almost impossible with 2FA and VPNs implemented.

Looking forward to your feedback.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • ag_anaag_ana

    Team Member

    Hi @Danas!

    I just wanted to share a couple of documentation pages with you, which you might find interesting since you are thinking about the security of your accounts:

    About the 1Password security model

    Your 1Password credentials are the most important things to protect:

    How to keep your 1Password account secure

    And this is a page on 2FA and 1Password. 2FA is important, but since 1Password relies on encryption, it's important to understand exactly what 2FA protects you from:

    Authentication and encryption in the 1Password security model

  • @Danas I'm not sure what you mean by crypto keys and crypto seed phrases. Does crypto key equal 1Password secret key? And crypto seed phrase mean 2FA TOTP seed or long term secret?

    If so, this seems like a good plan for not ever getting locked out! I'm not sure what the VPN adds because your connection to 1Password is already triply encrypted. The benefit is that it will hide from your ISP that you are connecting to 1Password. The downside is that you share that same information with your VPN povider.

    An alternative approach is to make everyone a Family Organiser. So anyone can recover the account for anyone else without knowing their master password or secret key. The security benefit is that you wouldn't be able to see into each other's private vaults and an attacker gaining access to one of the accounts would only be able to access the private vault of that account.

  • ag_anaag_ana

    Team Member

    @missingbits:

    I'm not sure what you mean by crypto keys and crypto seed phrases. Does crypto key equal 1Password secret key? And crypto seed phrase mean 2FA TOTP seed or long term secret?

    Unless I misunderstood, I think they are referring to keys related to cryptocurrencies. And now that you mention it, I remember a blog post that we wrote about this some time ago, which could also be interesting:

    How to use 1Password to manage cryptocurrency

  • Thanks 1password team!

    I'll have a good read of those materials and write back if I get stuck.

  • ag_anaag_ana

    Team Member

    Sounds good @Danas, we are here if you have any questions :)

  • I've been trying to decide if I want to store my seed phrases in 1Password. The current line of thinking is that you never store them digitally. I have two hand-written card with my seed phrase and I keep them in my house. But if it ever burns down, I'm screwed. I guess I'm trying to decide if it's safe to store it in 1Password. I save everything else in it, so I'm probably being overly paranoid not doing it.

  • ag_anaag_ana

    Team Member

    @jwhitted:

    If you want to keep this information printed out, and not stored digitally, you can always make a copy in another physical location. Or would you like to only keep one printed copy?

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file