Found all the passwords in naked ASCII??
Finder has just found contents.js in 1Password>1Password.agilekeychain>data>default in all it's plain ascii glory. Should this have happened? I read somewhere that the local device is 'trusted' but when I opened another Finder window I was unable to access the folders below 1Password.agilekeychain. I'd expect consistency here and thus I suspect I've slipped through a security wrinkle? I'm slightly surprised that passwords and stuff is not stored in encrypted form - but then I'm not that techi.
Thanks
Comments
-
Hi @head4heights,
What you've found is the index file,
contents.js. This is deliberately unencrypted and was a design decision at the time. You can learn more on our open format from our Agile Keychain Design page. As you can read, the title and URL are unencrypted. With the advances in computing power since then this decision doesn't make as much sense which is why OPVault encrypts everything which you can read about in OPVault Overview. It's taken us longer than we anticipated to complete this transition but we are closer than before (you can go backwards sometimes in software development). Once 1Password for Android supports OPVault we should be close to the transition. For those that wish and aren't Android users they can move to OPVault now with the correct steps.Besides the title and URLs though, everything else is encrypted.
You may very well have follow up questions so if you do please ask :smile:
0 -
"For those that wish and aren't Android users they can move to OPVault now with the correct steps"
OK. I'm interested :)0 -
Hi @head4heights,
Glad to hear you're interested! :) To start using the OPVault format for Dropbox or Folder sync in version 5.3 or 5.3.1, you can follow the steps here: Can I switch to OPVault from Agile Keychain?
If you have questions about that, just let us know!
0
