1password key chain data content being exposed
I noticed that the contents of my 1password keychain data file is being stored in plain text - as a single CVS like format - I am guessing that this is not supposed to be the case - can anyone provide any suggestions on resolving this ?
Thanks
1Password Version: 5.3.2
Extension Version: Not Provided
OS Version: 10.10.5
Sync Type: Dropbox
Referrer: kb-search:contents showing in dropbox
Comments
-
Hello @Tony H,
That should most definitely not be the case and if you see any file like that I can only assume that at some point either you or somebody with access to your copy of 1Password has exported your vault and saved it somewhere it probably shouldn't be. When you export a vault it has to be in an unencrypted state as that's the whole point of exporting. It is a vulnerable piece of data though so it should only be stored for as long as it's required before it is securely deleted and ideally never stored anywhere accessible via a network connection.
Whatever this file is it isn't part of the Agile Keychain and can be safely deleted right now. If you have concerns it sadly may be prudent to go on a spree of password changes so you can feel safe once again. Now you may have a few follow up questions so please do ask if you do.
0
