How data is stored within app
I have been using 1Password Pro on my iPhone for a year now. I really like the product and enjoy the convenience of having all my passwords in one easy-to-use location. However I am also concerned about this password data geting compromised and into the wrong hands. I have already configured all the proper security settings for my iPhone and the app itself. My question is the actual data file containing all the password data that is stored within the iPhone. How is this data file secured? Is all the data within the file encrypted? To what encryption strength? Is the name and location of this file documented anywhere, such that a rogue app could find it and send it somewhere else in the background without my knowledge?
To add a few more technical details: 1Password for iOS is using a format similar to the one used on Mac or Windows. The only difference that instead of the individual files, the items are stored in SQLite database. The encryption key is protected with your master password using AES-128 encryption with PBKDF2 (1,000 iterations). The item data is encrypted using AES-128.
If we can be of further assistance, please let us know.
We are always here to help!
The encrypted data is always stored locally. If you use Dropbox, a copy of the encrypted data is stored on their servers to use as a *cloud* server to sync between your iOS devices and your computers.
If you do not use Dropbox or Wi-Fi for the sync purposes, than nothing enters or leaves the 1Password app on the iOS devices.