Emergency Kit
FYI, this comment is applicable to 1Password as a whole, not just Families.
First, I'm a big fan of 1Password. Couldn't function without it.
But I think your Emergency Kit is a serious weakness, and the whole idea should be reworked.
The Emergency Kit contains, in plain text, the URL through which a person can access all my protected information, along with the email address, account key, and master password which are supposed to form a multi-part key needed to unlock that information. Users are advised to print out the Emergency Kit and store it in a "safe place". Several of your own moderators specifically recommend keeping it in a user's wallet.
Keeping that information in a wallet violates Rule #1 of password security, which would be bad enough if it were just the login info for one account. But that single piece of paper gives someone access to everything I have. All logins, credit cards, bank accounts, etc. In my case they would even have scanned copies of my identification. It would be insane for me to carry the Emergency Kit in my wallet.
Keeping it locked up in my house, or on a flash drive, only makes me feel slightly less uncomfortable. The bottom line is, it's a serious security vulnerability to keep all pieces of that info together anywhere. I'm sure you will agree.
I'd like to ask you to start thinking about a better solution than the current Emergency Kit form. I already know my own email address and master password, as all users should, so instead of your current Kit, I've printed out a sheet of paper that only contains the URL & my account key, with no other information, not even identifying labels. I've given that to a trusted person who has no idea what it is. In an emergency, that person can text me or tell me over the phone those two bits of info which I can use, along with the two bits I have in memory, to log in on any computer.
To be honest, I could probably just carry the URL and account key in my wallet, minus my email address and master password. The URL and account key alone would be useless to anyone who had access to my wallet.
The bottom line is, it doesn't do any good to secure all my important data in an encrypted app (or website) which nobody can break into, but then carry all the keys to that vault in plain text on a single piece of paper in my wallet. Or anywhere else for that matter.
Please take this as an urgent feature request.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
In an emergency, that person can text me or tell me over the phone those two bits of info which I can use, along with the two bits I have in memory, to log in on any computer.
What if, due to the emergency, you are unable to communicate in any way, or have even died?
However, I'm also uncomfortable about writing down everything (in 1 place), so looking forward to other contributions in this discussion.
-
At the end of the day it is up to the individual to decide what level of security they are willing to live with. We try to give folks the best tools possible to make what we would consider the best decisions, but we can't stop folks from putting their Master Passwords on a billboard in front of their house if they'd like to. ;)
To be honest, I could probably just carry the URL and account key in my wallet, minus my email address and master password. The URL and account key alone would be useless to anyone who had access to my wallet.
This is similar to my own approach. I don't carry it on me, but I have my emergency kit printed out and stored without my Master Password. I'm willing to accept that if I forget my Master Password I will have to have another owner on my Families account start the recovery process for me.
I think the way we originally intended the emergency kit to be used was for it to be printed and stored in a safety deposit box, or other similarly protected storage. It wasn't intended as a daily carry item. As the name implies, it was to be retrieved in an emergency (e.g. all of your devices evaporated). If you still have access to one of your devices, it can tell you your URL and account key (and present the QR code for scanning).
Good discussion here though, I'll be interested to see what other folks come up with.
Ben