iPassword should not ask for "Master Password" on initial iCloud installation

nmarshall
nmarshall
Community Member

Hi

The User Guide says that when I first install 1Password I should be offered a choice between "I'm a new user" and "I've used 1Password before".

However, instead of this it immediately displayed a message about searching iCloud and then asked for my Master Password.

This caused a bit of an issue, as I have just set up 1Password V4 on my iMac and iPad (both new installs - I have not been a user of version 3) and have different passwords on each (the desktop one is longer and uses more shifted characters), so there is no such thing as an "iCloud Master Password" - the concept makes no sense in such an environment.

I guessed it might be the iPad password that was wanted (it was an even bet, but that failed, so I tried the one I used on the iMac, which did work and everything appeared to sync. I then changed the local Master Password on the iPhone to be the same as the one I use on the iPad, which again seemed to work fine.

However, I was so convinced that I must have done something wrong that I deleted the app from the iPhone and reinstalled it, hoping to see the "initial choice" screen, but once again it went straight in to searching for iCloud. When it asked for the Master Password I entered the one from the iMac, which had got me in to the database before, but this was not accepted. This time it wanted the one from the iPad and it had retained that password, so I didn't need to change it after the installation. [I had been using all three devices in the meantime, so I don't know which was the last password I used, which may be significant...]

I have seen various other discussions regarding iCloud and unrecognised passwords or being asked to use out of date passwords, but nothing that precisely matched my circumstances. I've got everything appearing to work, so don't need a fix, but I do believe that there's something badly wrong with the current way things work. I'd welcome your comments.

As an aside, I made the choice to use a slightly modified password on the iOS devices (still 20 characters long) as I felt that the risk was lower in relation to them as they are always with me and can be remotely wiped if they are stolen (and I really didn't want to have to shift to the third level keyboard to type one character...), whereas the desktop machine was more vulnerable to unnoticed access. Does this make sense?

Regards

Nick

Comments

  • Megan
    Megan
    1Password Alumni

    Hi Nick, (@nmarshall)

    I apologize for the confusion when setting up your devices. After installation, 1Password will check for data in iCloud first, and if data is found there, it will be loaded automatically, without the new user screen. This is something that we are considering changing in the future, as we have had several users comment that it is not intuitive.

    I think the trick here, if I understand you correctly, is that you are currently maintaining two separate databases. With 1Password 4, a database has 1 Master Password across all computers and devices. So, to keep your data synced across your Mac, iPad and iPhone, you would use the same Master Password for all. By setting 2 different Master Passwords, you will have two separate databases that will not automatically sync.

    This is perfectly fine, it will just require you to decide which sync solutions you are using for which database, just so that things don't get confused. For example, you could keep your iOS database synced via iCloud and use Dropbox to backup your Mac data.

    One final note about your passwords, I'm glad to hear that you are thinking about the security of your data, and wanting to be sure your Master Passwords are secure. :) The best protection for your data, across all computers and devices, is going to be a really strong Master Password. This doesn't mean though that you need a long, unrecognizable string of characters, numbers and symbols. We have an article that discusses how to create great passwords using random words (which are both easier to remember and type!) You can check that out here if you'd like to learn more:

    http://blog.agilebits.com/2011/06/21/toward-better-master-passwords/

    Please let me know if you have any further questions - I know that's a lot of information :)

  • nmarshall
    nmarshall
    Community Member

    Megan

    Thanks for the response.

    I don't want to tell you how your product works, because I'm a brand new user and I haven't the faintest idea how it works, but I can tell you that what you say does not match my experience. It seems to be rather more subtle (and perhaps tied to the order of login to the iCloud database?).

    Here's some extra / clarifying information that the developers might find useful:

    1) I have 1Password set up on all three devices (Mac, iPad, iPhone)
    2) I did not intend, when setting up, to maintain two separate databases. All I did was to log in to iCloud when prompted. I was never even given the opportunity to set up a new database, which was why I raised the query in the first place.
    3) The Mac database has a different master password to the two iOS devices
    4) All three devices are set to sync only via iCloud

    Despite your comment that it can't be happening, I have just synchronised the data between all three devices (I've just tested this by adding a new entry on each device and now all three have all three entries).

    I then deleted an entry from the iMac and the iPad and these deletions rippled across.

    When I came to delete an item from the iPhone it hung and had to be force closed. When I logged in again I found that it was no longer synchronising, although the iPad and iMac (with different passwords) were still happily sharing data.

    All very odd. Perhaps at this stage it was indeed looking at a different database.

    Anyway, your comments and the recent behaviour of the software have persuaded me to delete everything from the iOS devices and to start over again, this time using the same password everywhere. Given the random nature of what happens with different passwords I'd agree that you need to be rethinking how things get set up and actively preventing the use of different passwords on different devices.

    Apart from this, I'm very impressed by how the software is working, but I look forward to the next point release when things settle down and the last of the gremlins are killed!.

    Regards

    Nick

  • Megan
    Megan
    1Password Alumni

    Hi Nick,

    Thanks for doing that testing for us ... I have to say, I'm not quite sure how you were able to get things synced using different Master Passwords!

    I think your decision to start over and use the same password across all devices will ensure a much more reliable syncing process in the future. I am passing your case along to our developers though, to see if it helps them in their gremlin hunt.

    If you run into any snags using this new sync process, please let me know! :)

This discussion has been closed.