Remove secondary keychain - Dropbox Sync
This is my previous set up.
Work computer:
Primary Vault - Keychain with work-related only
Secondary Vault - personal keychain only
Personal computer
Primary Vault - personal keychain only
Secondary Vault - Keychain with work-related only
Both keychains are stored on Dropbox for synching/backing up purpose.
I recently quit my job and figured I can just remove my personal keychain from that dropbox account and move it to my personal dropbox account, my personal keychain would not be accessible via the work laptop. However, I just found out that even after removing the keychain file itself that the 1Password app is directed to, 1P still somehow shows all the items. Basically, it doesn't "get lost" as I expected after removing the keychain file.
Is there a way to delete the keychain file so that the 1Password in my previous work computer would not have access to my person keychain (secondary) anymore?
The thing is since whoever have access to the work keychain (primary) will also have access to the secondary keychains, all of my personal information is left in the open.
Please note that I don't have access to my work computer any more.
Thank you,
Comments
-
Hi @agileung,
However, I just found out that even after removing the keychain file itself that the 1Password app is directed to, 1P still somehow shows all the items. Basically, it doesn't "get lost" as I expected after removing the keychain file.
That's normal because of how 1Password separate the sync data and the local app's database, basically two data stores. This allows 1Password to be resilient on making sure any sync issues does not propagate to your main database that contain all of your vaults at once.
When you removed the sync file, the data is still in the local database but 1Password can no longer sync it as it doesn't have the sync file anymore. To remove it, you have to delete the vault as well. To do this:
- Open 1Password, unlock the primary vault, and switch to your secondary vault.
- Head to the 1Password Menu > Delete Vault.
After that, 1Password no longer has any data left, except in the backups for a short period of time. Once 1Password makes its 30th backup after the deletion of the said vault, there will not be any backups that can restore the secondary vault.
I recently quit my job and figured I can just remove my personal keychain from that dropbox account and move it to my personal dropbox account, my personal keychain would not be accessible via the work laptop.
As long as the data file is no longer in your business account, no one can use it. Plus the person would need to know the vault password to add it to their 1Password app, so it is not possible to simply use that data file without the vault password that only you would know.
Please note that I don't have access to my work computer any more.
Did you delete your 1Password data there before returning it or at least wipe the laptop?
0 -
I did not realize the fact that 1Password save a copy of my keychain in its local database. I did not delete my personal 1Password keychain from the Delete Vault menu option.
However, I did remove the keychain from DropBox so it's no longer synching the data.After playing around with it, I do realize that my keychain is vulnerable of being accessed since it is a secondary keychain. (the work keychain is the primary keychain, and by design, anyone who has access to the primary keychain will also have access to the secondary keychain even without the password for the secondary keychain)
Do you have any other suggestion for me in this case?
Thank you
0 -
Hi @agileung,
Each vault has its own sync settings, which means each vault would need to be shared separately. In other words, unless you gave out the master password for your personal vault to others in the company, no one else would have been able to add your personal vault to 1Password on their computers. (And that's assuming you had your personal vault in a shared folder in Dropbox - which you may not have done.)
If I understand your setup, only 2 computers were set up to sync your personal vault - your personal and work computers. Your personal vault may still be accessible on your work computer since it is the secondary vault there, but at least that means only people with access to that computer would have any access to your personal vault.
My suggestion would be to contact someone at that company who has access to that computer, and ask them to delete your personal/secondary vault from 1Password (by following Mike's steps above). That person could even delete the backups for the 1Password data on that computer (and make new backups after your vault is deleted) so they can't restore your personal vault.
In addition to that, it's probably a good idea to start changing your passwords for your logins as soon as you can - especially if you're not sure who has had access to your work computer since you returned it.
I hope that helps! Please let us know if you have more questions about that.
0
