1password anywhere only offers me the html file for download, not the login screen anymore
Hey there,
I'm using 1pw on the Mac and while I've been cleaning up my Dropbox, I moved the 1pw files from the old "Public" folder to an "Apps" folder.
I then made the html file publicly available via a link, but when I open this link I only get the DB page, offering me to download the file. Only when I am logged into the DB web interface in the same browser, I get the 1pw anywhere login screen. This of course defeats the purpose of 1pw anywhere, as I don't know my DB password and could not login on any other computer :p
What should I do now? Is this a problem with DB, as it worked fine in the old "Public" folder and they show the download page?
Thanks in advance :)
Markus
1Password Version: 5.3.2
Extension Version: Not Provided
OS Version: OS X 10.10.5
Sync Type: Dropbox
Referrer: forum-search:1password anywhere html download
Comments
-
Those are good questions! I can help explain why it's working that way:
I moved the 1pw files from the old "Public" folder to an "Apps" folder.
That's good, because as a general rule of thumb, you should never keep your private data in a folder named "Public". Fortunately, even if someone were to acquire a copy of your 1Password data file, it would be extremely difficult (approaching impossible in a human lifetime) for them to actually gain access to your passwords without your master password.
Also, please note that if you manually moved the .agilekeychain package to a different location in Dropbox, you'll need to update your sync settings in the 1Password app so it can continue to sync changes.
I then made the html file publicly available via a link...
I'm not sure which exact option you used in Dropbox, but the .agilekeychain package in Dropbox contains your 1Password data, so you really wouldn't want to make any part of that data "public". It doesn't sound like you're trying to share your 1Password vault with someone else, so if you used one of the "share" options for that file in Dropbox, I recommend un-sharing it.
...but when I open this link I only get the DB page, offering me to download the file. Only when I am logged into the DB web interface in the same browser, I get the 1pw anywhere login screen.
That's correct - the 1Password.html file alone will not work to view your 1Password data. Your 1Password data is made up of hundreds of smaller files, and the html file is simply the web interface that allows you to access the rest of the files that are contained in the .agilekeychain folder from Dropbox. Opening the 1Password.html file from your account on the Dropbox.com website allows access to the other files in the .agilekeychain.
This of course defeats the purpose of 1pw anywhere, as I don't know my DB password and could not login on any other computer
Although you only need to remember one password (your master password) to unlock your data in the 1Password app, there are some circumstances when you might need to remember another password. In this case, in order to use 1PasswordAnywhere with the data stored in your Dropbox account, you'll need to log into your Dropbox account, which will require your Dropbox password. Similarly, if you need to enter a password to unlock your Mac, you need to do that before you can access 1Password on that Mac, so you'd need to have that password memorized.
If you don't want to use the Dropbox website to access 1PasswordAnywhere, you can copy the .agilekeychain package to a USB flash drive, and use it from there on another computer. Please see the following knowledgebase article for more information about that: Local file restrictions in 1PasswordAnywhere
Is this a problem with DB, as it worked fine in the old "Public" folder and they show the download page?
I've never tried that myself, but if the same thing worked when the .agilekeychain was stored in the Public folder of your Dropbox account, I imagine that folder works differently as far as permissions to access the other files from the html file. But I don't recommend keeping your 1Password data in the Public folder, so hopefully my above suggestion will be helpful for you.
If you have more questions about that, please let us know! :)
0 -
Hi Drew,
thanks for your long comment. Seems like I am using 1pw anywhere longer than most :D I've seen this article on the Dropbox page https://www.dropbox.com/help/16 , that explains it all.
Dropbox deactivated public folders in October 2012, surely they wanted to prevent people from using DB as a hosting service. After all, that is what the 1pw anywhere html file and all the associated folders amount to, just another website, but hosted by DB. (And back then it was not "not recommended" to keep 1pw files in a public folder, it was the greatest idea ever and making 1pw comparable to Lastpass.)
So idiot me cleaned up his DB and made things orderly, but at the same time I destroyed one of the key features of 1pw :( Having to log into the DB web interface to get to the 1pw anywhere page makes no sense at all for me (really long DB password, plus 2factor auth switched on for DB).
It is not your fault, of course, DB just changed their features. Is there another way for me to fix this, e.g. by hosting the file myself on my own server? 1pw seems not to include FTP sync settings or something like that?
Kind regards,
Markus0 -
Hi Drew,
great news for the few people that still have a real old style "public" folder in Dropbox available (in the web interface this folder has a globe on its icon, if it doesn't, you don't have it, but you might get one as outlined here at the botom of the post https://www.dropbox.com/help/16).
So provided you have a public folder:
- Copy the "1Password.agilekeychain" folder into it, as before (e.g. you can move it from the DB "apps" folder).
- (Don't forget to change the location in the settings of your 1pw apps.)
- Using the DB web interface, browse into this folder and go to the 1Password.html file.
- Now right click on it and select "copy public link". Do NOT click on the share "link to file" feature (on the right side).
- Now you have a direct link to the file and not to a preview page, which would only offer you a download of the file.
This direct link to the file should render the 1pw anywhere webpage, wherever you open it. You can use an URL shortener or save it in your bookmarks. As long as the 1pw encryption works as promised and you don't give this link around, you should be fine :)
So I'm back to where I was before. Thanks for nothing Dropbox >_<
Kind regards,
Markus0 -
Greetings @derzornigemarkus,
It's a tough one, improving security is usually a good thing but it can also be a tightrope between security and useful features at times. You seem to understand the risks so you can at least make an educated decision.
Should they remove the feature completely I suspect your easiest option for creating a similar environment would be to use Folder Sync to a local folder on your Mac and set up some some kind of automated service that watches the folder and uses FTP to upload? I'm a bit hazy on the specifics but I think that should be possible.
0 -
Hi Adam,
thanks for your reply. Your suggestion was something that I had in mind as well. As 1pw anywhere is read only anyways, this should work fine. Only downside is that changes made on mobile (iOS or something) would require a sync via DB back to the machine, on which this FTP upload job is running, followed by the FTP upload. With the DB public folder solution it is almost instantaneous. Generate login on iOS, wait a second and you have it in 1pw anywhere on the machine you are sitting in front of. Pretty sweet 8-)
But how can you guys call it "1pw anywhere" if it requires a further password (which thanks to your great software is freaking long)? :p
Kind regards,
Markus0 -
If syncing with 1Password for iOS is a concern, you can always try Wi-Fi sync, which can be enabled at the same time as the Folder sync option in 1Password 5 for Mac. I know it's not as easy as the way you used to have everything set up, but I wanted to mention it as an option if you decide to try the Folder sync / FTP upload idea.
But how can you guys call it "1pw anywhere" if it requires a further password (which thanks to your great software is freaking long)?
Well, having to enter another password doesn't mean it isn't available "anywhere", right? ;)
But all joking aside, requiring "a further password" is really just the nature of using a separate service (like Dropbox) to sync and/or host your .agilekeychain. Having your .agilekeychain in Dropbox's Public folder was a way to avoid that, but it was essentially a compromise that sacrificed a bit of security in order to make it more convenient to use.
By the way, thank you for the link to Dropbox's support site article about the Public folder! I didn't realize new Dropbox accounts don't include that folder, so I suppose that means I've been using Dropbox for a long time, too. ;)
Anyway, thanks so much for your ideas & thoughts about all this, it's definitely an interesting conversation!
0 -
Thanks to you, Adam and Drew, for the fine customer service as well :pirate:
Now with everything back to normal, I'm a happy (long time) user again :) Maybe one day you will support more ways to sync (FTP, Google Drive...), but with the keychain being such a huge folder full of crypto stuff, this surely is anything but easy.
0 -
@derzornigemarkus: Thanks for your support! On behalf of Drew and lil bobby, you are most welcome!
Indeed, we hope to add more sync options in the future, but only after choosing and testing carefully. Thanks for letting us know you'd like other options too! :)
0
