Questions about the AgileKeychain and OPVault formats on Windows
I am evaluating 1password as my possible future vault and have a question about the file format (at least on Windows).
When I saved a password in a test vault it turned out that the file 1password saves is actually.. A directory.
Why is that so?
Secondly , is this directory what needs to be saved/backed up? Is it a safe directory, contents encrypted?
I ask , because I was able to open some files and though I didn't find my password in plain text ;) I did find plain text names of the sites the password is assigned to.
So this would make it possible to list the sites I visit and have an account with!!
Is this true?
Comments
-
A directory. Why is that so?
@kekmen Historically, your 1Password vault is a directory because having every (Login) item in a separate, individual file makes things sync better to Dropbox.
Is it a safe directory, contents encrypted?
@kekmen Yes. Your 1Password data is encrypted.
I did find plain text names of the sites the password is assigned to
@kekmen Correct. In our agilekeychain database format, the title and the URL of your (Login) items are unencrypted. This is by design. Our newer database format (aka opvault) doesn't have this problem -- everything in opvault is encrypted.
So this would make it possible to list the sites I visit and have an account with!
@kekmen Correct. An attacker knows what web sites you have an account with. However, he does NOT have access to your passwords because everything both the title and the URL is encrypted. Should this be a problem for you, then my advice is to migrate your agilekeychain to opvault. Thanks!
0 -
Hey, thank you for the answer. That explains a lot.
The question is, why did 1Password choose to save the database / vault in the old format in the first place?
I am new to the app, when I launched the app 1st time I was asked to create a vault, which I clicked yes, obviously!
Is there an option to choose the 2nd format during creation?
0 -
why did 1Password choose to save the database / vault in the old format in the first place?
@kekmen Because not all of our apps are ready for opvault. We're waiting for our Android app to catch up.
Is there an option to choose the 2nd format during creation?
@kekmen Yes. When you create a new vault you can click on the drop-down that reads "save as type" and then change this from agilekeychain to opvault.
0