1Password on Mastodon

Sync options

Community Member
edited June 2013 in iOS

I thought the whole idea of 1Password was to keep your passwords to yourself...

I am very disappointed I cannot sync my phone with my desktop over wifi anymore.

1Password 4 is a 16 dollar downgrade.


  • khadkhad
    1Password Alumni

    Wi-Fi syncing never made it into version 4 since it was very brittle. You can review the Wi-Fi Sync Troubleshooting Guide yourself to see just how many things could go wrong.

    And this list didn't cover everything as we still have customers with unusual network configurations and have never been able to sync via the old Wi-Fi method. It's very frustrating to the users and for us.

    There are some valid use cases at the moment where direct sync is needed, though. For example, a really nice fellow from China emailed us explaining that the Great Firewall prevents all Dropbox access and he's been using Wi-Fi syncing as a workaround until iCloud syncing is available for Mac. We told him to keep using version 3 for now until iCloud support is available for Mac.

    Then there's the user experience itself: even when Wi-Fi worked it was cumbersome. You had to start 1Password on each device and trigger the sync. If you added new accounts and forgot to sync (or remembered to sync one device but not the other), you'd be without your data.

    For 4 years, all we heard about Wi-Fi sync was that it is a huge source of problems and disappointment for our customers. We rewrote 1Password from the ground up for version 4. There is no code shared with version 3. Re-implementing Wi-Fi sync again was never on the list.

    The iTunes File Sharing is more secure than Wi-Fi sync and does not have any of its connectivity issues. It is less convenient though. So we looked at ways to make things easier and have now rolled out USB syncing in beta form.

    If you cannot use Dropbox, you will be able to use iCloud in the new year when it's available on Mac. If you are unable to use iCloud and Dropbox and the iTunes File Sharing doesn't suit your needs, USB syncing is a great option.

    We're always evaluating new sync options, and we are very pleased to continue to offer a solution via USB where you can sync without relying on a central server but without all the heartache that Wi-Fi caused.

    All that said, Dropbox syncing is extremely secure.

    From the moment we designed the Agile Keychain data format we ensured that it was able to withstand an attack should your data fall into the wrong hands, either as a result of a Dropbox breach or if someone physically stole your computer. As such, we use AES encryption with PBKDF2 key strengthening to protect your sensitive 1Password data as well as many other mechanisms to stop an attacker from ever accessing your information and we detail this here:

    Security of storing 1Password data in the cloud

    So, as long as you use a secure master password that you don't use elsewhere, your 1Password data is incredibly safe even when stored on a service like Dropbox. If you're not sure about the strength of your master password, please do take a look at our recent blog post on this:

    Toward Better Master Passwords

    I can't think of many better ways to show just how strongly 1Password protects your data than by pitting it against the pre-eminent password cracking tool John the Ripper. We did exactly that:

    1Password is Ready for John the Ripper

    But the choice is yours to make. You can sync via USB if you are cloud averse. :)

    1Password USB Syncing

    If we can be of further assistance, please let us know. We are always here to help!

  • macmanmacman
    Community Member

    After I saw the article titled "Dropbox hack allows bypass of two-factor authentication" I'm not sure sure I believe the "Dropbox syncing is extremely secure" statement. :)

  • thightowerthightower
    Community Member
    edited July 2013

    Last line of the article states it has since been patched. - that article was http://thehackernews.com/2013/07/hacking-dropbox-account-vulnerability.html


    http://www.slashgear.com/dropbox-hack-allows-bypass-of-two-factor-authentication-05289228/ says

    "However, the security team that found the vulnerability is already said to be working with Dropbox to fix the bug."

    Furthermore keep in mind your data is alway encrypted in the keychain. Even on Dropbox's servers etc.

  • khadkhad
    1Password Alumni

    Sorry for not being clearer, @macman. I assumed it would have been obvious from the context, but that sentence probably could/should have read:

    "Dropbox syncing 1Password data is extremely secure."

    The point of all the links that followed that sentence is that even if Dropbox is breached, an attacker still does not have access to your 1Password data.

    If you have any further questions or concerns, please let me know.


  • mattonemattone
    Community Member

    I'm currently using Dropbox syncing between my home Mac, my iPhone (iOS 1Password 4), and my work Mac. This has worked great. The company I work for changed their policy and disallowed access to dropbox. Now I have my work Mac 1P out of sync with my 1P database.

    1. What's the best way to sync these different databases into one?
    2. What's the best syncing option long term w/out using Dropbox? USB, iCloud, or manually reset the work Mac with a new import every couple days? Other options?


  • khadkhad
    1Password Alumni

    Hi @mattone,

    Good questions. If I were in the same situation, I would use USB syncing for now and iCloud (if that's an option for you) when 1Password 4 for Mac is released.

    I hope that helps. Please let me know.

This discussion has been closed.