Master Password and iCloud Keychain

CanUK
CanUK
Community Member

I'm new to 1Password and since all my passwords are stored in one place I obviously created a complex 1Password Master Password.

Questions:
1. Is it advisable to store the 1Password Master Password in iCloud Keychain? I have written down the master password and key on paper for safekeeping purposes. However, having the master password stored on the iCloud keychain allows me to open the 1Password on my iPhone when the fingerprint reader does not recognize my fingerprint (that happens).

  1. If there is no issue in storing the master password on iCloud Keychain, can you have iCloud Keychain create the master password for you?

1Password Version: 7.9.5
Extension Version: Not Provided
OS Version: Mac OS 12.2.1; iOS 15.3.1

Comments

  • Hello @CanUK! πŸ‘‹

    I don't recommend storing your 1Password account password in iCloud Keychain. The account password is the "one password" that you should memorize while 1Password takes care of remembering all of your other passwords. Storing your account password in iCloud Keychain isn't advised for a variety of reasons including:

    • It increases the risk of someone else discovering your account password.
    • If you rely on iCloud Keychain to fill your account password instead of periodically typing it in then you might forget the account password and be locked out of 1Password if something happens to your iCloud Keychain.

    If you're looking to create an account password that is easier to type in and remember then we have a guide here: How to choose a good 1Password account password

    Let me know if this helps. 😊

  • CanUK
    CanUK
    Community Member

    I was planning to store it in iCloud Keychain and then turn off the feature in autofill password, In the event that I have to recover the master password, I would turn it back on to access it.

    I have a paper copy of the master password and secret key. However, I was looking at an easier way to retrieve the master password in the event I do not have the paper copy.

    How about storing the paper copy in the iCloud?

  • @CanUK

    Thanks for the reply. If you have iCloud Keychain turned on then 1Password already stores the equivalent of your Emergency Kit (your email address and Secret Key) in iCloud Keychain in an encrypted state. This is done to backup your Secret Key and to make it easier to setup 1Password on new devices.

    Regarding the account password: my recommendation is that you create a unique and memorable account password that you commit to memory. You can download and print your Emergency Kit, write down the account password on the printed copy, and then store the Emergency Kit in a personal safe or lockbox for emergencies. But your account password should be something that you can type in from memory whenever 1Password prompts you for it.

    Let me know if you have any questions. πŸ™‚

  • CanUK
    CanUK
    Community Member

    Thank you for the response.
    I believe I read somewhere that you should give a paper copy of the emergency kit (the key but the master password) to a trusted individual in case you lose your paper copy.

    I'm wondering, notwithstanding the fact that the person you give the emergency kit is trusted, can a person not gain access or change your master password with your secret key?

  • CanUK
    CanUK
    Community Member

    Sorry forgot to mention, I was told to turn off the iCloud KeyChain and if you have passwords on it you should erase them. You should only have 1Password turned on in autofill password option.

  • Ben
    Ben
    edited February 2022

    can a person not gain access or change your master password with your secret key?

    The Secret Key alone is not sufficient to access your account or make changes. The account password would be required as well.

    Sorry forgot to mention, I was told to turn off the iCloud KeyChain and if you have passwords on it you should erase them. You should only have 1Password turned on in autofill password option.

    Correct; we generally recommend only having one password manager (1Password) enabled. Having multiple (1Password+iCloud Keychain) is likely to lead to confusion and duplicates.

    Instructions on turning off saving/filling to/from iCloud Keychain can be found here:

    Ben

This discussion has been closed.