Strategies for Main Password retrieval
The Situation: On my insistence, my father installed 1Password and used it for everything. He passed away this weekend. He was the type of dad that did all the family's tax returns (online) and all his and my mother's banking, bills etc
He had told me and my siblings the main password ages ago but none of us remember it and the clue isn't helping us yet. It is evident from the written instructions he left that he was sure that we all knew it.
I fully understand that the main password is actually an encryption key and as such cannot be retrieved. So this leaves us with trying to remember or guess the password.
My two questions are:
Does 1Password give unlimited verification attempts?
How can I put my father's copy of 1Password onto my siblings computers, iPads etc so that we can have the most monkeys bashing away, trying possible passwords?
Comments
-
There is not a limit to the number of times you can attempt the enter the master password.
I'm not sure what to say about installing 1Password on everyone's devices. As I remember my own experience when installing my own copy on a new device, you need to know the master password, in order to import the data. It seems to me that everyone will be stuck at the beginning. Maybe in this case, that would be OK, because whoever among you is able to import the data will be the one who discovered the password. But perhaps I'm missing something.
0 -
Hi @TomSafety,
I'm sorry to hear about your loss.
To answer your questions:
1) 1Password will allow unlimited attempts. Which will be great for your manual attempts.
2) How to move this data over to another machine...
The easiest way to move this data over to another machine is to restore from one of the auto-backups that the app has done. The location of the backups will depend on which version of 1Password he was using. If he was using the Mac App Store version of 1Password you should be able to find backups in ~/Library/Containers/2BUA8C4S2C.com.agilebits.onepassword-osx-helper/Data/Library/Backups
If he was using the AgileBits Store version of 1Password, the backups would be stored in ~/Library/Application Support/1Password 4/Backups
These files will have names with dates indicating when they were done. You can take one of these backups then restore them via 1Password > Preferences > Backups on another Mac.
If you'd like to use an iOS device for your tries then you can get the backup onto an iOS device and restore it by using iTunes' File Sharing capabilities to add the backup file to 1Password on iOS, then using Settings > Advanced > Restore from Backup. I just tried it here and it worked.
Restoring from a backup does not require the old password as the restore process is quite literally a database swap. It'll relaunch afterwards and the app will be using the older database.
I hope this helps. Let us know if there's anything else we can lend a hand with.
Rick
0 -
Thank you for your condolences. Given that he left instructions down to the tiniest detail he would be mighty annoyed to know that we can't remember the one word that would make everything easy!
When you say: "Restoring from a backup does not require the old password as the restore process is quite literally a database swap." I assume you mean that the password is not required to move the data across but would be required to open the database in 1P. Correct?
If so, can't I just copy his keychain to Dropbox and point a copy of 1P at it and get the same result? i.e. are backups just old copies of the keychain?Before you answer I am also going to paste replies to another post in an attempt to unify the discussion because you might just need me to refer to those posts.
Tom
0 -
As mentioned above I wasn't getting very far with this topic for a while so I started attacking it from a different angle. I wrote:
I currently use a 1P account ("Account A") on Dropbox to sync my devices. I temporarily need to access another 1P account ("Account B") but first I have to try all the master passwords I can think of. Can I copy Account B's keychain to another folder on Dropbox and point one of my devices to it? Once I have opened the account can I export the logins etc into a vault on Account A?
Account A is mine and Account B is my Dad's.
Drew AG replied:
It sounds like you are currently using 1Password on a Mac, and sync your Primary vault with Dropbox? If so, you will have a 1Password.agilekeychain file in Dropbox which corresponds to your Primary vault in 1Password. Do you also have another .agilekeychain file on your Mac or in Dropbox which you need to open in 1Password?
If that is correct, and assuming you're using 1Password 4 or 5 on your Mac, you should be able to simply double-click the other .agilekeychain file to add it as a secondary vault in 1Password (you'll be prompted to enter the master password for that vault/keychain file). You should then have 2 vaults in 1Password.
Do you also need to sync the secondary vault to other devices via Dropbox? Do you want to merge the data from that vault into your Primary vault, so all the data is in just your Primary vault?Now that I have unified the threads here and you all have the whole picture can you give me the best strategy? If I understand it correctly it sounds like I can arrive at the situation where I have 1P on my machine with two vaults in it (on Dropbox), one that I use normally with my master password and one that I access contains my Dad's database that I will be able to access when we finally work out what his main password is.
Thank you for all your help so far. As you can imagine this is quite a major stress that I'd like to resolve.
Tom
0 -
Hi @TomSafety
rickfillion's post was assuming you weren't already running 1Password on the devices in question so I'm glad you've merged these two.
If your father was synchronising to Dropbox and you have access to the agilekeychain then you have two approaches.
- If somebody hasn't run 1Password before you want to follow rickfillion's suggestion. Each time they open 1Password it will ask them for your father's Master Password and they can attempt to guess it as much as needed.
- If somebody already uses 1Password and has their own primary vault and Master Password then double clicking on your father's agilekeychain would result in 1Password attempting to add it as a secondary vault. It will ask you for your father's Master Password and if you were successful it would add it as a secondary vault.
If you can access the agilekeychain from a Dropbox account then it's also the case that people wouldn't need 1Password to attempt to open the vault. Instead you could use 1PasswordAnywhere and anybody with a browser and access to this Dropbox account could attempt to guess the password.
I don't know if it will make any difference but we have a couple of hints aimed at trying to remember forgotten passwords, those hints can be found in our Help! I forgot my Master Password page.
If this post raises more questions please do post back.
0 -
Thank you all so much for your help. I am going back to his house in a few days and will set it all up as you have directed. We will get there sooner or later!
This whole experience has taught me that 1Password's greatest strength can also cause disaster if you haven't got a good strategy in place for changes in circumstances. I have already put my master password in a place that would become accessible if something were to happen to me (and not before!). Finding the right balance between security and service to loved ones is not easy but worth doing.
I'll let you know if, or when, we crack the code!
0 -
We all wish you and your family the best of luck in regaining access to you father's vault and like the others I offer my condolences.
You're quite correct, because our goal is to ensure nobody can gain access (or at least make it as technically difficult as possible) it does mean that should the worst happen gaining access is nigh on impossible even if you have a good starting point. Given what you've learned from this I'm going to link you to something you and others you know may find useful. It's The 1Password Emergency Kit: Version 3.0, a handy PDF created by a fan of our work. The idea being to keep a copy sealed with a will so you know the contents are safe. You may find such a document useful or you may find you've replicated all of its functionality already.
Good luck.
0
