Storage of PW's for Secondary Vaults
Are the passwords for secondary vaults covertly stored in the primary vault? If the answer is yes, then I ask: if a specific secondary vault is deleted, is the password for that vault automatically deleted from the primary vault as well?
I would love the capability to set preferences for each vault as to whether it can be opened by a primary vault or not. I have a "top secret" vault that I don't want to automatically open as a secondary vault, but also don't want as my primary vault. I would like to open it just occasionally, and to always require its specific PW to do so. I realize you folks are still developing multiple vault functionality...
Comments
-
Hey @jasper2014
Yes basically, its not the direct password but a key derived from it. (in my understanding) Yes again from my understanding the password etc are removed. This is one of the comments from the staff @sjk http://discussions.agilebits.com/discussion/comment/97982/#Comment_97982 Its the best example I could find on the subject matter.
You suggestion has been mentioned a couple of times. Since I am but a user like yourself I don't have any insight into the development.
0 -
Thanks, thightower, for your comment and the link to related discussions. However, I'm hoping an agilebits employee can comment on whether passwords (or encryption keys) for secondary vaults are stored in the primary vault (I assume yes), and whether they are deleted from the primary vault when a secondary vault is deleted. Users need to know where copies of the keys are kept and what happens to them.
After searching both Support, and also the Discussion forum, I think documentation for the Multiple Vaults capability needs improvement. I love the concept, but am feeling cautious with it because I'm not clear how it works. I don't want to inadvertently create "backdoor" entry points for secondary vaults.
0 -
Hi @jasper2014,
I'll admit, although I'm an AgileBits employee, I'm not quite qualified to answer your question. The intricacies of our cryptography sometimes elude me. So, I'd like to direct your attention to a post by our security expert that discusses the issue. I hope it helps to explain things, but please let us know if you have any further questions.
As far as the lack of documentation goes, I do apologize. Our team is working to get all our support articles updated for 1Password 4, but with so many new features, it has been a bit of a daunting task. We very much appreciate your patience. :)
0