How do I prevent 1Password v7 (Mac) from uploading my vaults to the 1Password server?
How do I prevent 1Password v7 (Mac) from uploading my vaults to the 1Password server? I want to store my vaults on iCloud or Dropbox but not on the 1Password server.
1Password Version: 7.9.3
Extension Version: Not Provided
OS Version: MacOS 10.15.7
Referrer: forum-search:How do I prevent 1Password v7 (Mac) from uploading my vaults to the 1Password server?
Comments
-
Hello @jon76! 👋
Can you tell me a little more about why you'd like to use iCloud or Dropbox to sync your vaults? Do you already have a 1Password account or are you using a licensed version of 1Password? If you have a 1Password account then I recommend letting 1Password.com manage your vaults since that's a much more secure and reliable option than using the older standalone vault system.
I look forward to hearing from you. 😊
0 -
Thank you for your response.
I have just upgraded from version 6 standalone to a version 7 subscription.
Storing the vaults on Dropbox or iCloud appears more secure because an intruder would require the Dropbox or iCloud password in addition to the Master Password. Storing the vaults on the 1Password server would give an intruder full access with only my 1Password account password. I am aware of the Secret Key but that info is stored in the browser until the user clears their browser history. If someone were to gain access to my computer then all they would need is my 1Password account password to gain access to multiple vaults. That is not as secure as storing the vaults in Dropbox or iCloud. I have memorized my long 1Password Master Password and would very much prefer to not have my vaults guarded by a second password on another server.
I am aware that I have the option of syncing with Dropbox or iCloud but it appears that the vaults would still be on the 1Password server. The user should have the option of storing their vaults elsewhere, exclusively. I hope that I am incorrect about this, so that is why I have asked: How do I prevent 1Password v7 from uploading my vaults to the 1Password server? Is it possible to select which vaults are or are not uploaded to the 1Password server?0 -
Thank you for the detailed and thoughtful reply! You mentioned the Secret Key and I wanted to take a moment to explain why the Secret Key is one of the reasons why storing your data in your 1Password account is more secure than using a third-party sync service. Unlike standalone vaults that are only protected using your password, your 1Password account data is protected and encrypted using a secret that is derived from both your account password and your Secret Key. A regular user's password is usually about 40 bits of entropy (a measure of how strong a password is) because passwords need to be memorized, this puts a ceiling on the security of your standalone vault. On the other hand, the Secret Key (which does not have to be memorized) has 128 bits of entropy which makes it impossible to guess or crack using today's technology.
You mentioned that Dropbox or iCloud protect your standalone vault with their own password but your password for those services is an example of authentication whereas the Secret Key is an example of encryption. This makes a world of difference when it comes to protecting your data since encryption protects your data using math (cryptography). You can read more about authentication vs encryption here: Authentication and encryption in the 1Password security model
Using a 1Password account to store your items also gives you access to the following features and security enhancements:
- More secure encryption data format and authentication process
- Two-factor authentication (2FA)
- Family sharing
- Secure sharing of items even with people who don't use 1Password themselves
- Item history
- Automated data backups
- Account recovery
- The ability to fill and save items using 1Password in the browser on the desktop and in Safari on iOS
It's for all of these reasons (and more!) that the next version of 1Password for Mac will only support 1Password account vaults.
Storing the vaults on the 1Password server would give an intruder full access with only my 1Password account password.
1Password account data is protected using both the Secret Key and the account password. If a malicious actor was to compromise our servers then they would still need both your Secret Key and your account password in order to transform your data from encrypted gibberish to human-readable data.
I am aware of the Secret Key but that info is stored in the browser until the user clears their browser history. If someone were to gain access to my computer then all they would need is my 1Password account password to gain access to multiple vaults
Can you clarify this a little further? If you've installed the 1Password for Mac app then an attacker with access to your Mac, and with knowledge of your password, would be able to unlock the 1Password for Mac app with your password regardless of whether you were using a standalone vault or a 1Password account.
All that being said, you can enable the creation of standalone vaults by following these steps:
- Open and unlock 1Password for Mac.
- Click on 1Password 7 next to the in the menu bar.
- Click on Preferences.
- Click on Advanced.
- Check "Allow creation of vaults outside of 1Password accounts".
You can then create a standalone vault by clicking File > New Vault > New Standalone Vault.
I hope that helps. 😊
0 -
Though a standalone vault can be created in 1PW7, surely this is going away in 1PW8.
;sur
But there is the possible self-hosting option if that ever comes to fruition. See https://survey.1password.com/self-host/0 -
The 'Allow creation of vaults outside of 1Password accounts' setting was the correct answer.
I am disappointed that this feature will apparently be discontinued in the next version.
Great app. Thank you.0 -
I'm sorry that you're disappointed. You can read more about our decision to go all in on 1Password.com here: What is the future of local/standalone vaults? — 1Password Support Community
Let me know if you have any other questions or concerns that I didn't address above. 😊
0
