Confused about Masterpasswords

tiantai

Several weeks ago when I changed my masterpassword, I encountered some confusion which I hope to get a clarification for so I can understand what happened. Here are the 1Password versions I use:

• On my MacBook Air — 1Password 3.8.20 for Mac (eagerly awaiting upgrading to v4 when it comes out and if money is available!!)

• On my old iPod touch — 1Password 3.x for iOS (the latest version for v3; not upgradable to v4 because iPod touch is too old)

• On my iPad 2 — 1Password 4.x for iOS (latest version for v4)

The main data file is stored on Dropbox and iCloud in order to facilitate syncing across all devices

Now I'll give you the details which led to my confusion. And, because I got confused, I'm sure some of the details of what I'm relaying is a bit mixed up; bare with me!

• Several weeks ago, I decided to change my masterpassword. I don't remember on what device I changed it on first, but I think it was on the iPad which uses 1Password 4.x for iOS.

• Later, when I went to use my old iPod touch, I realise 1Password on my iPod touch wasn't syncing with Dropbox. I went to update the new masterpassword and it seems like there are two different kinds of masterpasswords: one use to access the Dropbox file, and another to access the iPod touch 1Password program? In any case, I couldn't figure out what was going on and decided to do a total reset and start anew. Finally, 1Password on my iPod touch was working, so that was good.

• Later in the day, I went to my computer to use 1Password and entered the new masterpassword. It wouldn't work! So I entered my old masterpassword and that worked. Then I noticed that 1Password was indicating that it was no longer syncing, so I had to update the old masterpassword to the new masterpassword.

So all of this has me very confused:

1. Even after updating my new masterpassword on one device, it seems when I go to the desktop version, to open the file I first have to use the old masterpassword, and then manually update it to the new masterpassword? Isn't this a security flaw? Imagine I found out someone figured out my masterpassword. Then, I go change the masterpassword on one device but can't access the other two because I'm not near them. The perpetrator who still has access to my old masterpassword can still get to the old version of the password files?

2. The 1Password 3.x on iOS confuses me because it seems to use several types of masterpasswords? There's the 4 digit unlock code to open 1Password. Then, there's a masterpassword to unlock high security items. Then, there's a masterpassword used to sync with Dropbox? I'm confused!!

As a result of reading the recent Hashcat blog post, I'll be embarking on changing my masterpassword to a much better one. But, before I do it for the 2nd time, I'd like to know what is the proper way to change these masterpasswords on all my devices so that syncing still works. And do clarify what's up with all that confusion :) Thanks!

khad

1Password 3 for iOS allowed a separate master password to be set. 1Password 4 changed this, so the master password in 1Password 4 for iOS will be the same as 1Password for Mac.

Just change your master password in 1Password for Mac. It will then be changed in 1Password 4 for iOS as well. Then you can change your master password (and optionally 4-digit PIN) in 1Password 3 for iOS.

Since you changed your master password for your data file, you'll also need to reset Dropbox syncing in 1Password 3 for iOS.

I think the only confusion is stemming from using the old version 3 of 1Password still. In 1Password 4 the master password is updated automatically if you change it on your Mac and Dropbox doesn't need to be reset since it is authenticated differently.

Please let me know if that doesn't work for you.

tiantai

Thanks! I'm glad to finally get a reply! :) I also looked at another post on Agile Lounge about best practices to changing a master password. That post was very helpful and I finally got an even stronger password as my new master password on all three devices. WHEW!

khad

Awesome! We've been a bit busier lately and normally reply to all inquiries within 24 hours. It can take a bit longer during peak times, but I'm glad you got it sorted out. Let me know if there is anything else I can help with. :)

Cheers!