Migrating from local vaults to 1Password 8?

Hi all,

Currently a 1Password 7 user that uses purely local vaults, and I'm looking to migrate to 1Password 8. But some complications are involved...

  • My personal credentials/secrets I'd like to migrate to 1Password 8
  • My work-related credentials/secrets cannot be migrated due to various security policy restrictions at the companies I work with. Those will either have to remain on 1Password 7, or (more likely than not) moved over to another password manager that still supports local vaults (thinking KeePass currently, no final decision yet).

So I'm trying to figure out the best way to do this. Thus far all I've done is gone through my Vaults and ensured all of the work-related credentials are in separate vaults from my personal credentials—I've also gone through my recycle bins on these Vaults to ensure no cross-contamination.

So... a few questions:

  • Can 1Password 8 read local vaults and upload them to 1Password.com? Or do I need to do complete that migration before I upgrade?
  • Should I outright remove the work-related vaults from my machine to ensure they don't get uploaded to 1Password.com?
  • Can 1Password 8 export to a KeePass database or at least a CSV file? 1Password 7 doesn't seem to have any export functionality on Windows.
  • Is there added metadata stored within my local vaults that may contain work-related materials that I need to be concerned with before I go through this process?

Or perhaps it is just better to ask a blanket broader question: How should I do this migration??

I also use 1Password on my macOS laptop. Obviously 1Password 8 hasn't been released yet on macOS, but that is available to me to help me through this migration if I need to use some of the added functionality built into the macOS version of 1Password.

Thanks!


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided

Comments

  • 1Password 8 does not support vault migration whatsoever , there only seems to be an export option ( running windows 11 ) 1Password have been trying to discourage local vaults for years. I have tirelessly searched for vault importation but cant find it and during further inspection of articles online it appears 1password have abandoned local vault support.

    If your work doesn't permit you to upload confidential information and files onto a cloud based password manager as you mentioned, then I would recommend sticking with 1password 7 for those work-related vaults or use keepass.

    keepass is recommended by the swiss, French and German governments for data security , so if you were going to use something other than 1password then, yes keepass. I personally use 1password for everything, they're white paper and technical specs are very comforting and reassuring.

    I don't believe a local vault that's imported would ever go online without your permission, its not something that just happens automatically.

    I would double check though, on 1password 7 make a local vault then import it again. Once you've done this log into 1password.com via the web browser and check if its on the web, however I'm 90% sure your local vaults aren't automatically uploaded. I haven't used local vaults for a long time, so I cant really remember.

    I dont think any metadata of importance is visible in an encrypted state , other than time creation the windows user who created it etc...

  • ALSO , yes keepass accepts 1password imports. 1 Password has a special export format.
    https://support.1password.com/1pux-format/
    1 Password 8 deals with the 1pux-format , but 1password7 does various export file types like .txt and .csv

  • PeterG_1PPeterG_1P

    Team Member

    Hi @Ragnar_Kon , thanks for taking the time to let us know about these considerations you're facing. I'd like to connect you with our migration specialist team that handles these very issues. If you can send a brief email to [email protected], and include a link to this discussion, they should be able to help you navigate the process. You've already so clearly laid out the situation here that they should have a great basis to get started! 👍

  • edited November 24

    Just in case anyone come across this... the whole migration process is super simple and I was making a big deal about nothing.

    When you first sign in with your 1Password.com account, it asks if you would like to migrate all of your credentials. In my case I obviously picked "No". From there it's literally just drag and drop between your local vaults and your new online vaults.

    I only ran into two issues:

    1. My Yubikey security key didn't work at all on my 1Password Mac client (7.9.1), still don't know why. The Windows 7.9.1 client doesn't support security tokens either, but I believe that is a known limitation.
    2. If your credentials have file attachments, they don't automatically delete from your local vaults after you have moved them to your online vault. I have no idea why, but I assume it is a bug. I didn't realize it at first and ended up with 5 copies of the same credential on my online vault from me trying to move the same credential over multiple times.

    Now the next task for me is to figure out how to export my local vaults that cannot be imported to 1Password.com to a format that KeePass understands/supports.

  • edited November 24

    Does 1Password 8 Windows not have local vaults? I have 1Password 7 Windows at work, and I see the vault hanging out in my filesystem. At home, I'm using 8, and I see no such folders. Did they disappear, or just move?

    If local vaults are gone, if everything in cloud-based, I'd like to know what the plan is if 1Password has an outage.

  • PeterG_1PPeterG_1P

    Team Member
    edited November 24

    @Peter_Wang These are great questions! I'm happy to assist.

    1Password 8 is based on the architecture of our 1Password.com service, which means that it does not have the kind of standalone local vaults that license customers have historically used. However:

    1. That doesn't mean that all the data is "in the cloud" (and thus at the mercy of a potentially dodgy internet connection). While our servers do maintain an encrypted copy of a given user's database, each device where you use 1Password also has a local 1Password database on it. That means that you can be out on a boat in the middle of the ocean, open your cell phone, and successfully unlock your 1Password app even though you don't have cell phone signal.

    2. Having a local database on each device also provides redundancy as well. For example, if you use 1Password on a laptop and a cell phone, you have 3 copies of your data available: the one on the phone, the one on the laptop, and one in our servers. Keeping all this in sync without making extra work for you is part of what the 1Password.com system does.

    In terms of outages, there is also redundancy within our servers as well, although again the fact that you can open your data directly from the database on your device is of primary importance.

    And for anyone who's curious, we actually have a site where you can check out our uptime and where scheduled infrastructure maintenance that might impact availability is announced. Currently we have a 100.0% uptime average. 😎

    https://1password.statuspage.io/

    I hope this provides some helpful context about how 1Password 8 (and 1Password.com) work. We understand that being able to access your data is important. 👍

  • edited November 24

    That's very helpful to know that you have high-availability cloud and a local database. I'm going to shut off my Wifi and see what happens. :)

    PS - Works great!

  • PeterG_1PPeterG_1P

    Team Member

    Thanks for the test, @Peter_Wang! My pleasure to assist with your question. 😃

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file