Why do I need a strong Master Password?
Comments
-
There are many ways an attacker could get your data file besides from Dropbox. In fact, as it seems that you are already aware, Dropbox is probably the least likely way someone would obtain your data file. Often we look at a security system (such as 1Password or even the way in which we protect our homes) and focus on the strongest parts of the system. Attackers won't try to get your data file from Dropbox. That would require too much effort. Depending on the attacker, it might be much easier to steal your laptop or use it when you weren't paying attention. Or you might lose your iOS device. From our "Toward Better Master Passwords" blog post:
Your 1Password master password is extremely important. Although we take steps to thwart automated password crackers you should still use a strong, memorable master password. Password cracking tools are becoming more powerful every year, and too much is at stake in your 1Password data. Given the strength of the encryption we use, your master password is likely to be the weakest link in your 1Password security. Don’t be too scared of that. Given how strong everything else is, it would be practically impossible to use and remember a master password that is actually stronger than 1Password’s encryption.
I encourage you to read the remainder of the post for our recommendation on creating a Master Password that is both sufficiently strong and memorable.
If you are not sure of the length you would be most comfortable with, there is a handy chart in our blog post about the password cracking tool John the Ripper which I also recommend reading.
I hope that helps. Please let me know if you have any other questions or concerns. It is great that you are thinking about these things.
0