Access Log / Invalid Password Log

davegarratt
davegarratt
Community Member
in Mac

Is there a file somewhere which logs the use of 1Password ? My laptop died and had to go away for repair recently and I wondered if it was possible to determine if anyone had tried to use the application ?

Comments

  • Megan
    Megan
    1Password Alumni

    Hi @davegarratt,

    Great question! We did some testing here, and it doesn't look like our current logs keep a record of such things as failed login attempts - or at any rate, they aren't written into our current Diagnostic Report. I have passed your request along to some of our coding gurus, perhaps this is something we could include in the future, it certainly does sound useful!

  • Jasper
    Jasper
    edited January 2014

    Hey @davegarratt (and @Megan),

    If the repair people (or anyone else) really wanted to break into your 1Password data, they could just copy your 1Password database over to their own computer and attack it any way they please without your knowledge. Only if the attacker tried to enter your master password directly into the 1Password app would it would be logged (if such a feature existed). But I think it would be easy to bypass the logging, therefore making such a log not so helpful. If somebody really wanted to attempt to break into your encrypted data, they would most certainly not actually enter passwords attempts into the 1Password app. They would use a separate program to try and break your 1Password data without actually using 1Password, which would easily bypass any logging function built into the 1Password app.

    Does that sound correct, Megan?

  • Megan
    Megan
    1Password Alumni

    Hi @JasperP and @davegarratt,

    You're right JasperP, attackers have methods available which will bypass the app entirely, making such logs less than 100% accurate.

    I've mentioned this elsewhere, but it bears repeating here as well: the best protection for your 1Password data is a strong Master Password. A great password ensures that, even if your data does fall into the hands of some unsavoury characters, the likelihood of them being able to crack your password approaches impossible.

    You can read more about keychain security here: http://learn.agilebits.com/1Password4/Security/keychain-design.html, and learn how to create passwords that are strong and easier to remember and type in our article: Towards Better Master Passwords

    If you have any further questions, don't hesitate to ask :)

This discussion has been closed.