iCloud syncing and master passwords
Can you explain how the master password works with iCloud and iCloud syncing (or point to an article)?
I had a Mac (10.9.2) and 2 iOS 7 devices all running 1Password 4 and syncing successfully via iCloud. I have a relatively simple password on the iOS devices. I changed my master password on the Mac to a 5 word dice word password. It's long, but fairly quick to type on a keyboard. I thought that this would change the iCloud master password also.
Then when I added another Mac, and set it to iCloud sync, it recognized that a file was there and prompted for my iCloud password. However, the strong one I had set on my other Mac did not work. The simpler one set on my iPhone did, indicating the iCloud master password is not what I thought it was.
Is it possible to have different master passwords on the iOS devices from the iCloud master password?
What I'd like to accomplish, if possible, is to have a simple master password on the iOS devices (say 9 random alpha characters) that is easy to enter on those little iPhone keyboards, but a strong master password for the iCloud file.
I am assuming that it's pretty difficult to crack an iPhone master password since you have to enter on the keyboard. However, a password file stored on the Internet can possibly be fetched and heavy-duty cracking hardware applied to it.
Can I accomplish what I hope? Is my security assumption on the needed strength of iPhone master passwords valid?
Comments
-
Hi @dfz,
It is not possible to have multiple master passwords in 1Password 4, though there is currently a bug where the master password doesn't sync between Macs.
You can only use one master password for the same data file that you sync across devices. Different master passwords weaken the entire security system in 1Password, and we gained a lot of security improvements just by simplifying it with one master password everywhere.
Keep in mind that if your phone was stolen, your 1Password data file could get into the wrong hands, and if you don't have a secure master password it will obviously be much easier to crack.
I'd recommend that you manually update the master password on all your devices to the same one.
0 -
OK. Didn't realize there was a bug involved. Single strong password it is, then. Thanks.
0 -
Jasper, why do you recommend changing the master password on "all devices" to the same one? My understanding is that the master password on my iMac is the actual one that encrypts the master key. So the password for 1Password on my iPhone and iPad are merely passwords to open the app, not encrypt the master key. I use dice words for my master password, which are fairly easy to type on a keyboard, but would be a pain on my iPhone and iPad (although I have a pretty secure password for those).
0 -
Jasper, based on what you said, since 1Password cannot synchronize a master password across devices, we can therefore have several different "master" passwords. This is an odd concept, since "master" indicates precedence. Does any device take precedence, or is the master key re-encrypted with each device that may have a different "master" password?
0 -
Hi @cozmot,
Like I said above, it shouldn't be possible to have multiple master passwords in 1Password 4, but there is currently a bug where the master password doesn't sync properly using 1Password 4 for Mac. This should hopefully be fixed soon.
Your data is encrypted with a randomly chosen encryption key when you first set up your 1Password data for the first time - this is your "master key". Your master key is what gets encrypted with your Master Password. When you change your Master Password, you are changing how the master key is encrypted. You are not actually changing the master key. If you are syncing using the Agile Keychain format (Dropbox sync uses this), then a Master Password change only changes the contents of the encryptionKeys.js file within your 1Password.agilekeychain. There are good reasons for designing things this way. You will find that other high security systems, such as PGP, SSH, SSL certificates, and disk encryption systems all work the same way. A random key is generated when people first set things up, and then their passphrase is used to encrypt that key.
1Password 4 does not use the Agile Keychain directly for its regular operations; instead it uses a local data format (encrypted SQLite database) that is optimized for quick searches and so on. 1Password 4 does "import" and "export" changes to and from this local format to the 1Password.agilekeychain. The local and sync formats will use different parameters for encrypting the master key that are best suited for their different environments. So the encrypted key can't simply be moved from one to the other.
When you change your Master Password, it will make the change in your local SQLite database, and also in the Agile Keychain. It can do this only when your data is unlocked because it needs to re-encrypt your master key with the new Master Password. Roughly speaking, "being unlocked" means that 1Password has your decrypted master in its memory. The Agile Keychain will then have its master key encrypted with the new Master Password. That will spread to other systems that you sync with via Dropbox sync. What 1Password cannot do is actually "import" the Master Password change from the sync format into the local format. So what we are seeing on the other devices when you change your Master Password on some other system is that the local format is keeping the master key encrypted with the old Master Password. 1Password is still able to read and write changes to the sync format because it is able to decrypt the master key (from the local format), even though it isn't able to decrypt the master key in the sync format.
If you would like to learn even more about what goes on under the hood, the key derivation section of the 1Password data format specification explains, in gory detail, the relationship between your Master Password and the actual encryption keys: http://learn.agilebits.com/1Password4/Security/keychain-design.html
0
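Added example (not part of the thread, and not 1Password's code): a minimal model of the arrangement the last comment describes, where one random master key is wrapped separately in each device's local store and in the sync copy, and a Master Password change on one device re-wraps only that device's local copy and the sync copy. The wrapping here is a standard-library stand-in (PBKDF2-derived XOR pad plus HMAC tag) rather than the real data format's cipher; the store names, iteration counts and passwords are constructed for illustration.

```python
import hashlib
import hmac
import os

def _derive(password, salt, iterations):
    # PBKDF2 output split in two: a 32-byte pad and a 32-byte MAC key.
    okm = hashlib.pbkdf2_hmac("sha512", password.encode(), salt, iterations, dklen=64)
    return okm[:32], okm[32:]

def wrap(master_key, password, iterations):
    """Encrypt the 32-byte master key under a password; fresh salt every time."""
    salt = os.urandom(16)
    pad, mac_key = _derive(password, salt, iterations)
    ct = bytes(a ^ b for a, b in zip(master_key, pad))
    tag = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    return {"salt": salt, "iterations": iterations, "ct": ct, "tag": tag}

def unwrap(blob, password):
    """Return the master key, or None if the password is wrong."""
    pad, mac_key = _derive(password, blob["salt"], blob["iterations"])
    tag = hmac.new(mac_key, blob["salt"] + blob["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, blob["tag"]):
        return None
    return bytes(a ^ b for a, b in zip(blob["ct"], pad))

def change_password(device, sync, old, new):
    # Needs the unlocked master key: unwrap with the old password, re-wrap with the new.
    key = unwrap(device["local"], old)
    if key is None:
        raise ValueError("wrong Master Password")
    device["local"] = wrap(key, new, device["local"]["iterations"])
    sync["wrapped"] = wrap(key, new, sync["wrapped"]["iterations"])

def demo():
    master_key = os.urandom(32)            # generated once, never changes
    old, new = "constructed-old", "constructed new dice words"
    sync = {"wrapped": wrap(master_key, old, 20_000)}    # sync copy
    mac = {"local": wrap(master_key, old, 50_000)}       # device 1 local store
    phone = {"local": wrap(master_key, old, 10_000)}     # device 2 local store
    change_password(mac, sync, old, new)   # change made on device 1 only
    return {
        "mac_new": unwrap(mac["local"], new) == master_key,
        "sync_new": unwrap(sync["wrapped"], new) == master_key,
        "sync_old": unwrap(sync["wrapped"], old) is None,
        "phone_old": unwrap(phone["local"], old) == master_key,
        "phone_new": unwrap(phone["local"], new) is None,
    }

if __name__ == "__main__":
    print(demo())
```

All five results are True: the second device still unlocks its local copy with the old password and recovers the same master key, while the sync copy now opens only with the new one.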