Account Key and Security

Scuba629
Scuba629
Community Member
in Business and Teams

is there a way to invalidate an account key?

or a notification that an attempt was made to login to my account from a location that wasn't recognized?

I like that the key is stored on my device but that could lead to a some issues. My work PC could be hacked or an administer could take the account key. Or my iPhone or laptop could be taken from my house.

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • roustem
    roustem
    edited November 2015

    You can invalidate the Account Key if you start and complete the account recovery process for that team member. That would generate brand new account key as well as the encryption key pair.

    After that, all devices will have to be re-registered.

  • Scuba629
    Scuba629
    Community Member

    So I plan to use this for my family. Lets say they take mine and my wife's laptop. What are my next steps? Do I have to then go to a friends house to start the recovery process for both accounts? As the account admin am I also considered a team member?

    Would it be easy to re-register my iPhone and other devices without a PC?

  • roustem
    roustem

    The account admin is a team member with additional privileges.

    For the family account, I suggest to make both your wife and yourself to be the owners and members of the recovery group. This would allow you to recover your wife's account and will let your wife to recover your account if needed.

    You should be able to start/complete recovery from any computer that you trust (including your friends' computers).

    During the recovery a new account key will be generated and you can use the new account key to re-register your devices.

  • Scuba629
    Scuba629
    Community Member

    would my wife and I be able to "trust" another computer from just our iPhone(s)? The only devices we would have trusted would be our work PCs, laptops at home, and iPhone/iPads. It would seem we might have to go to work to reset the account key for both accounts. If we could use our iPhone or iPad to trust our friends PC that would be best.

  • dteare
    dteare

    Hi Scuba,

    At the moment it's not possible to "trust" another computer from just your iPhone. Your Account Key is used as a second factor during device registration and it is used during the encryption of your data, so "reseting" it is an involved process.

    In your example you talked about an Administrator taking your Account Key. If you can't trust the machine you're running on and you'd be at risk no matter what you do. With that said, if you did use the machine, you could de-authorize the work machine and that would delete the local copy of the Account Key.

    I hope that helps.

    Cheers!

    ++dave;

This discussion has been closed.