Secret Key in 1Password Vault?
Hello I have the trial of 1password and testing it.
I have a question about the Secret Key with Masterpassword. by default it cames with the installation in the 1password vault, but is that not a security issue?
Should I delete it and save it in another cloud or print it?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided
Comments
-
It's secure. It's similar to physical vaults and physical vault keys where you might keep currently unused additional vault keys in the vault itself. It's only possible to access it, if you already authenticated yourself and signed in.
But it's important to store it additionally in some place external to 1Password, because you need it if you add a new device and at the same time don't have a signed in device.
For disaster recovery, print it, write the master password on it and in case you activated mfa for your 1Password account, also add a printed version of the mfa QR code. This enables you to get access to your 1Password account again even if you lose access to every computer device.
In general, make sure you store it in a place you still have access to, even if you sign out from every 1Password client and browser session, to avoid a circular dependency.
1 -
Thanks for the assist here, @Tertius3.
@Dax1, as mentioned above, the details of this account item are safe in 1Password.
Further to the comments above, you can save your Emergency Kit and write your account password in the space provided to ensure you always have access to your account:
I also wanted to provide a link to one of blog posts that discusses: Where to Store Your 1Password Emergency Kit
If you have any other questions, just let us know!
1
