About opvault design and the changing of master passwords[No need to change as long as MP is strong]

dwk
dwk
Community Member
edited June 2015 in 1Password 4 for Windows

Hi,

I recently changed my old agilekeychain format into new opvault format for increased security.

When I was using agilekeychain format I knew that changing my master password was not a good idea.

Is that still the same with the new opvault format?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • MikeT
    edited June 2015

    Hi @dwk,

    I'm not sure where you got the impression that changing your master password is not a good idea, that wasn't the impression we meant regarding to master passwords.

    What we meant is that as long as your master password is strong, you don't need to change it often because we already encrypt your data to the strongest possible levels and we strengthen your password as well. But if you have a weak master password, then yes, you must change it right away and remove your older backups. The point we were making is that our core foundation is strong to the point you don't need to change your password because it wouldn't change anything.

    Nothing changed with the new OPVault format regarding to having to change your master password; the master password must be strong at all times anywhere and there is no exception to this rule, even for mobile devices that may be further protected.

  • dwk
    dwk
    Community Member

    I have another follow up question.

    When I look into my opvault's default folder I see 18 (.js) files and 1 (.write) file.

    Is it normal to have .write file in the default folder?

  • Hi @dwk,

    Is it normal to have .write file in the default folder?

    Yes, it is normal. It's our method of ensuring we have write permission to your data folder. This is only useful on Windows as we have other methods we can use on other platforms to ensure such permissions.

    If we can't change or write to the file, we know we don't have permissions. It won't affect how 1Password works in general as we won't parse it.

  • dwk
    dwk
    Community Member

    Thanks !

  • You're welcome!

This discussion has been closed.