Emergency recovery upon death

awolfe
awolfe
Community Member

Hi guys, I've tried to research how 1Password deals with access receovery upon death. In past threads, I've seen some replies that it's in the pipeline... but I don't see anything about release dates. Is this something that's included in this new Version 8 release? Can you please speak to how and when such a feature would be implemented?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided

Comments

  • Hi @awolfe

    It is an important topic, and I'm glad folks are thinking about and planning for it before it is too late. The Emergency Kit remains the recommended solution for passing along your 1Password data in such an event. We would recommend printing a copy, filling in the Master Password, and storing it either with your will or in a safe location such as a bank deposit box or fire safe.

    Ben

  • smartboy
    smartboy
    Community Member
    edited January 2022

    Hello Ben, as awolfe was mentioning a long list of questions/answers, I also see all the questions and it is quite confusing sometimes. Now you said the Emergency Kit is the only proposition that is proposed by 1password. I am not very happy with that situation because you expose the master password and the secret key in one pdf and you have to put this pdf in a very secure place. And then this is the chicken/egg story... May be in the US, you also have some legal issues but it is like giving my printed emergency kit to a foreigner. I like the idea to send an email to a trusty person after my death. What does it mean after my death from the 1password point of view ? It means after a period of inactivity. We normally use 1password every day. 1password should know that we are using it each time I should enter a password. So, let say I don't use 1password for 7 days. Then automatically, 1password will send my master password to my trusty person (predefined). What do you think ?

  • Hi @smartboy:

    Great question! The short version is simply that we don't have the ability to decrypt your information or provide anyone else with your account password: About the 1Password security model

    What other password managers tend to offer is a key escrow solution. A key to your encrypted data is then encrypted itself. This key is encrypted using the public key half of a keypair. The person you have selected as your emergency contact has the private half of the keypair in their password manager account. When this individual requests access for digital legacy reasons, you receive notifications to stop the recovery process, and if you do not stop it in time, your encrypted data key is sent to the individual, and as they have the private key, they are able to decrypt the key, and then decrypt the password data sent by the password manager as well.

    The catch with this method though is when you distill it down, in the event of you being incapacitated, your data is not protected by cryptography, your data is protected by access controls. The only thing preventing the password manager service from sending your encrypted key and your encrypted password data to the emergency contact is trust. There's no cryptographic lock preventing them from doing it, it's just a promise.

    This is definitely something people have asked for before. If we do implement a feature like this, it has to be designed with the care and cryptographic security we expect from 1Password. I hope that answers your question!

    Jack

This discussion has been closed.