change pw on iOS 1Password app ?

touchDown
Community Member
edited January 2015 in iOS

I expected that changing the main password on the Mac would change it for associated iOS devices (after syncing). I did need to use the new password to sync (using wi-fi), but on the iOS devices the old (simple one to get set up) is the one that works.

I haven't found anything in the app settings to change the password (the manual describes how to change passwords within 1Password). So, the main 1Password password on the Mac is not the same for iOS apps.

Thanks for any assistance. Cheers !

Comments

  • touchDown
    Community Member

    Okay, found it. Problem solved.

  • touchDown
    Community Member

    Guess, I'm confused now. I thought the idea was to have one password that was used in conjunction with 1Password to encrypt the data. (The password is not used for access to the app, but to encrypt all the data.) How does this work with both the old and new password ? I'm missing something here.

  • hawkmoth
    Community Member
    edited January 2015

    I'm not sure I can explain this in technical detail, but when you change your master password, the encryption key doesn't change. It somehow becomes associated with the new password, but doesn't "forget" its connection to the old one. This means that your data continue to be accessible under the older password and under the new one. That seems like a slight reduction in data security to me. There have been several forum participants who have requested that the software be changed so that a password change also initiates re-encryption. I believe that is under consideration by the developers, but I have no idea if it's feasible or will be implemented.

    All that said, your change in master password should sync to your other devices, but that sometimes fails for some users, and then they need to make the change manually on the devices that don't update properly. I assume that's what you've discovered when you say you've solved the problem.

    It is possible to force re-encryption of the database. It takes a few steps, so it isn't convenient. If you want to pursue it, post back and I'll try to hunt up the instructions. Edit: I see that this is in the iOS section of the forum. When I've re-encrypted my data, I've done it on the desktop. I'm not sure how or whether you could do it if your only devices are mobile.

  • Drew_AG
    1Password Alumni

    Hi @touchDown,

    I just wanted to chime in here to clarify a couple things about the master password:

    When you set up your vault and choose a Master Password, that password is used to encrypt a key, and that key encrypts the data in the vault. Changing your master password does not change the key, it simply changes the password that encrypts/decrypts the key.

    If you change the master password on your Mac, the change should be reflected in 1Password for iOS after the sync. But the 1Password app doesn't sync until it's opened and unlocked, which means you'll need to unlock it with the old master password first. Please follow these steps on each iOS device that is still using the old master password:

    • Unlock 1Password on your iOS device with the old master password
    • Allow it to fully sync
    • Once the sync is complete, go to Settings > Security > Lock Now
    • Try to unlock 1Password with the new master password

    If it works as expected, 1Password for iOS should now accept your new master password. If that doesn't work and it still accepts only your old master password (and 1Password on your Mac only accepts the new one), that is part of an issue our developers are looking into. In that case, the workaround is to manually change the master password on your iOS device(s). To do that, open the 1Password for iOS app and go to Settings > Security > Change Master Password. You'll need to enter the old master password, then it will ask for your new one. Once you've verified the new password, it will ask you to change your hint.

    I hope that helps, but please let us know if you have more questions about it. :)

  • touchDown
    Community Member

    Thanks, guys.

    It seems like what I'm looking for now is a way to force re-encryption of the database (as mentioned by hawkmoth). I chose a simple password to get started and get the program working on all my devices. Then, I saw the blog on how to choose a good password. Changed it and started to load the database with info. I wonder, if it's better to start over and create a new database with the strong password ?

  • touchDown
    Community Member

    Also, it seems like there would possibly be some added protection, if one starts with a super strong (hard to remember password), then immediately change it to a strong password (easier to remember). That way, the data itself is difficult to attack (against the super strong password). And, in this scenario, there would be a benefit to deterrents (block after so many unsuccessful attempts 10, 100, 10000, ...) that are built into the app (against the strong password).

    Cheers !

  • Drew_AG
    1Password Alumni

    Hi @touchDown,

    As @hawkmoth mentioned, it's definitely possible to re-encrypt your 1Password data, it just takes some extra steps. You'll need to do most of the work on your Mac, rather than on iOS. To give you a brief summary, you'll need to export your data from 1Password for Mac to a .1pif file, reset 1Password so you can start over with a brand new vault (which will generate brand new encryption keys), and import your data from the .1pif file to the new vault. Then, on your iOS devices, you'll need to delete & reinstall 1Password and set it up to sync.

    You can find a list of specific steps to do all that in this post.

    If you're interested in reading some more technical information about all this, you can take a look at this post.

    Hopefully it all makes sense, but if you have any questions about that, please let us know.

    @hawkmoth, I'm guessing those are the steps you had in mind, but please feel free to jump in if you have anything to add. Thanks!
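
The key-wrapping behaviour described in this thread (a master password change re-wraps the same vault key, while a new vault gets a new key), as an added example that is not part of the original posts and is not 1Password's code or file format. It is a simplified model: the function names, passwords and sample item are constructed, and a toy HMAC-based cipher from the Python standard library stands in for real authenticated encryption.

```python
import hashlib, hmac, os

def kek(password, salt):
    # Key-encryption key derived from the master password (PBKDF2).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _sub(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _stream(key, nonce, data):
    # Toy HMAC-SHA256 counter-mode keystream: a stdlib stand-in for AES.
    pads = (_sub(key, nonce + i.to_bytes(8, "big")) for i in range(0, len(data), 32))
    return bytes(a ^ b for a, b in zip(data, b"".join(pads)))

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = _stream(_sub(key, b"enc"), nonce, plaintext)
    return nonce + ct + _sub(_sub(key, b"mac"), nonce + ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _sub(_sub(key, b"mac"), nonce + ct)):
        return None  # wrong key or modified blob
    return _stream(_sub(key, b"enc"), nonce, ct)

def wrap(password, vault_key):
    salt = os.urandom(16)
    return salt + seal(kek(password, salt), vault_key)

def unwrap(password, wrapped):
    return unseal(kek(password, wrapped[:16]), wrapped[16:])

def can_read(password, wrapped, vault_data):
    key = unwrap(password, wrapped)
    return key is not None and unseal(key, vault_data) is not None

def demo():
    item = b"constructed sample login item"
    key = os.urandom(32)                    # vault key, generated once
    data = seal(key, item)
    old_wrap = wrap("simple", key)          # wrapped key before the change
    new_wrap = wrap("long diceware phrase", unwrap("simple", old_wrap))
    fresh_data = seal(os.urandom(32), item) # new vault: new key, items re-imported
    return {
        "new_pw_current": can_read("long diceware phrase", new_wrap, data),
        "old_pw_current": can_read("simple", new_wrap, data),
        "old_pw_stale_copy": can_read("simple", old_wrap, data),
        "old_pw_stale_copy_new_vault": can_read("simple", old_wrap, fresh_data),
    }
```

In this model, any copy of the wrapped key made before the password change (an unsynced device, an old backup) still opens the data with the old password; only data sealed under a newly generated vault key is out of its reach.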

  • hawkmoth
    Community Member

    @Drew_AG - Yes, those are the steps I had in mind, although it has been long enough ago since I did it that I couldn't remember them and didn't want to mislead anyone with my hazy memory. I have not changed my master password in a long time and don't anticipate the need ever to do so again, unless you folks decide to disclaim your advocacy for Diceware!

    Also, I need to try to remember the details about the encryption key.

    One thing I would add regarding the .1pif file is that it is definitely not encrypted. One should be careful with it. Once a user is finished, it should be placed in the trash and securely deleted.

  • touchDown
    Community Member

    Drew,

    I followed the instructions at the link you posted. That went fine.

    Now, I'm only concerned about my password being snatched by a Vulcan. * Watchtower activated *

    Thanks, guys.

  • Winnie
    1Password Alumni

    @touchDown I would be more afraid of the Jedi mind tricks ;) Glad @Drew_AG and @hawkmoth could help.

This discussion has been closed.