Master Password change and sync

mreider
mreider
Community Member
edited April 2015 in iOS

I have 1Password on Mac1 at home.
I have 1Password on Mac2 at work.
I have 1Password on my iPhone in my pocket.
This could be a poem, but it's not.

All of these sync with DropBox.

I changed my vault master password for Mac1 and Mac2.
I did not change my master password for my iPhone, nor do I see how to? <---- (?)

Things are working fine. I am just mystified.

Knowing what I know about software (I am an engineer). I assume that the master password is used to encrypt the vault file. But this can't be the case since the master password is different on my iPhone.

Can someone tell me (1) how to change the master password on my iPhone, and (2) how the heck this thing is still syncing with different master passwords on the same vault?

Thanks!

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited April 2015

    @mreider: Sorry for the confusion! In 1Password for iOS you can change your Master Password under Settings > Security.

    And the short answer to your question regarding the password change is that, while 1Password for iOS may not have the new Master Password you set up on your Mac (yet!), it has the Dropbox token and encryption key from when you connected it and decrypted using your Master Password the first time.

    If you're itching for a more detailed explanation, check out the AgileKeychain design:

    Hierarchy of Encryption Keys
    In order to allow you to change your password without needing to decrypt and re-encrypt the entire Agile Keychain, an encryption key hierarchy was created. Instead of encrypting data with the password directly, a random key of 1024 bytes is used. This password is generated by cryptographically appropriate random number generators, relying in part on true random numbers where the operating system supports that. This key is stored in the encryptionKeys.js file, encrypted using PBKDF2 from the user’s Master Password.
    By using such a huge random key, your password can be changed by simply decrypting and re-encrypting the keys stored in encryptionKeys.js.

    I hope this helps. Let me know if you have any questions! :)

    P.S: Love the poem, by the way! ;)

This discussion has been closed.