Wi-Fi syncing multiple vaults requires Primary vault

Drew_AG
Drew_AG
1Password Alumni
This discussion was created from comments split from: Forced subscription model coming?.

Comments

  • Mork
    Mork
    Community Member

    Thanks Ben.

    I'm also hopeful that soon I'll be able to sync via WiFi non-default Vaults between mac and iPhone so I can use 1P on the iPhone with the data I want based on how I have it stored. As I understand it, you MUST currently (still) sync the default vault on the iPhone, which is never what I want to do. I need control over the vault to sync.

    Thanks again! :)

    Jim

  • Drew_AG
    Drew_AG
    1Password Alumni

    Hi @Mork,

    Thanks for your feedback about Wi-Fi sync! Since that's a different subject than the one in the previous discussion, I've moved your message to a new thread. I hope you don't mind!

    Secondary vaults can sync to iOS via Wi-Fi, but you're correct that doing so requires the Primary vault to be synced as well. Without getting into too many technical details (I'll leave that to our developers), the reason for this is related to the relationship between Primary and secondary vaults in the Mac and iOS versions of 1Password, and how keys for the secondary vaults are encrypted/decrypted.

    We've received other requests to sync secondary vaults independently of the Primary vault via Wi-Fi, and perhaps we'll be able to do that in a future version at some point, but my understanding is that doing so is much more difficult/complicated than it seems. That's not to say it won't ever happen, but if it does, it probably won't be soon. But I'll be happy to forward your feedback to our developers so they know you're interested in that!

    If you have more questions or need anything else, please let us know. Cheers! :)

  • Mork
    Mork
    Community Member

    This sounds like a technical design goof resulting in complicated-to-modify software, but I can't be sure.

    The "user goal" should have better been considered.

    As it stands now, I need to change how I work to use your software.

    The software should be the other way around.

    I wish I had not gotten 1P iOS. I've never really been able to use it.

    Thanks,

  • Megan
    Megan
    1Password Alumni

    Hi Jim ( @Mork ),

    Thanks again for sharing your thoughts here! I’m sorry that this is a bit frustrating for you.

    This sounds like a technical design goof resulting in complicated-to-modify software, but I can't be sure.

    I can see why it would seem that way, but one of the reasons that we made this decision was to keep things simple for our users. With multiple vaults, there’s the potential for users to have any number of different vaults with different passwords. To ensure that users still only needed to remember one password, we gave the primary vault the ability to unlock all secondary vaults. For me, this is what makes multiple vaults a really powerful tool for sharing: I can have a vault shared with my husband, another shared with my parents, and innumerable vaults that I need for work, but I can still see all my data when I unlock 1Password with my one Master Password. (The All Vaults view introduced in 1Password 6 makes this even more awesome because I no longer have to switch between all these vaults to see what I need to.)

    For now, I do apologize that this means you’ll need to change your workflow a little bit, but if you’d let us know a bit more about what you’re trying to achieve, we might be able to make some suggestions that can make this transition a bit easier for you. I’m confident that we’ll be able to find a solution to give you the convenient security of 1Password without a lot of hassle. :)

  • Mork
    Mork
    Community Member
    edited April 2016

    Bottom line: I don't want to store my primary vault on an iPhone. I find the best way to secure data, which at some point could be compromised, is to not have it on the device to begin with.

    So, what I would like to have would be a "play" (secondary) vault that I would use (if I could use it) on the iPhone for things like email passwords and other.

    As I understand it, 1P is still at 128 bit encryption vs. 256 bit, but I could be wrong about that.


    My "workaround", as I guess what I'd have to do, would require moving all my passwords from my primary vault to a new secondary vault and then the primary vault as my little sync vault for iPhone. Since I don't want to go through all this to accomidate your design decisions, I just use 1P locally. My 1P on the iPhone has been gathering dust for a couple years.


    The actual workaround should be to allow the user to pick which vaults to sync without the gymnastics. Clearly, I'm in the minority here.

    In any case, speaking as a software dev myself, the way the software is now actually makes it more difficult to use, not less - at least with my defined "USER GOALS" (source: Alan Cooper "About Face" -- a book on user interface design. Alan was the father of Visual Basic. He has another book called "The inmates are running the Asylum" - some of the same basic issues discussed.)

    Thanks

  • Megan
    Megan
    1Password Alumni

    Hi @Mork,

    Thanks for explaining your desired setup, I can certainly share your thoughts with our development team so we can keep it in mind when we look at how to improve multiple vaults in the future, but I don’t believe that major changes to Wi-Fi sync are on our to do list at this time.

    I can completely understand the desire to keep some items off your mobile devices. At this time, the solution would be to swap up your primary and secondary vaults, and use the primary as the ‘play’ vault, as you call it. It does sound a bit like gymnastics, but the process shouldn’t be too effort intensive. Here’s what I would do:

    • Create a new vault called “High Security”.
    • Move all items from your primary vault into this new vault.
    • Move all items from your other secondary vault to the primary vault.
    • Delete the other secondary vault from your Mac and other devices.

    1Password does have the ability to move multiple items at a time, so you can bulk move all your items in one go. Just select all the items, right click and select Share > vault name > Move.

    I’m sorry that I don’t have a better answer for you here, but if you do decide to switch things up and make use of 1Password for iOS, this should help you on your way. :)

    ref: OPI-2320

  • Mork
    Mork
    Community Member

    Thanks for your reply.

    I deleted 1Password from my iPhone as I've never been able to use it as desired.

    Thanks,

  • Drew_AG
    Drew_AG
    1Password Alumni

    Hi @Mork,

    I'm sorry to hear you're no longer using 1Password on your iPhone! I'm not sure if that's because of not being able to exclude the Primary vault from a Wi-Fi sync or if you ran into other issues with the iOS version - if the reason is having to include the Primary vault during Wi-Fi sync, I think Megan's suggestion would be a good workaround, as moving the data currently in your Primary vault to a secondary vault would allow you to (very easily) exclude that data from syncing to your iPhone. On the other hand, if there were other issues in the iOS version, we'd love the chance to help you out with those! Just let us know.

    One thing I wanted to ask (since I don't believe it's been mentioned so far in this discussion) is if you've considered switching to Dropbox sync instead of Wi-Fi? They work very differently from each other, and with Dropbox sync, each vault has its own sync settings - therefore, you can simply choose not to sync your Primary vault to your iPhone.

    In case you're concerned about having a copy of your data in a cloud service like Dropbox, please know that 1Password is secure by design and your 1Password data is end-to-end encrypted. So with regard to security, 1Password simply doesn't depend on the security of Dropbox or any other cloud sync service to protect your data. If you're curious, we have more information about that here: Is it safe to sync my data over the cloud?

    We're always glad to help, so please don't hesitate to let us know if you have more questions or need anything else. Have a great weekend! :)

  • Mork
    Mork
    Community Member

    Appreciate all the great replies. I really like 1P for the Mac and about the only thing that could make me leave it (immediately) would be a forced subscription model, which I understand isn't in the cards at AB.

    With 1P for iOS, however, the whole point of syncing wifi was to avoid third-party solutions like Dropbox where I don't really control my data.

    Data is always "safe"....until it ... "isn't -- as in some new vulnerability.

    Plus, a third party, like DB, can delete your account at will or by mistake, etc. I personally know people who have believed in third-parties (third-party companies not named here) who have lost all their data due to some goof by the company. No restore possible or even offered. For me, "the cloud" is a big fat zero. It's just the twenty-first century's version of mainframe computing. Yuck!

    So, yes, I deleted 1P from iOS just due to how the syncing works (or doesn't) and chalked up the money spent/lost as a learning experience.

    You have a great weekend as well.

    Thanks,

  • Drew_AG
    Drew_AG
    1Password Alumni

    Thanks for your feedback about that, @Mork! We appreciate it, and I'm glad you're happy with 1Password for Mac, even if you don't like how Wi-Fi sync works with 1Password for iOS.

    ...a third party, like DB, can delete your account at will or by mistake, etc.

    Just to be clear, if that happened with your Dropbox account, you would not lose any data from 1Password. Regardless of what sync option you use, you have a local copy of your 1Password data on your Mac (and if you were still using 1Password for iOS, you would also have a local copy of your 1Password data on your iPhone). If you were to use Dropbox sync, a sync file containing an encrypted copy of your data would be saved in your Dropbox account as well. That file is only used for syncing purposes, so even if that sync file is removed or your Dropbox account suddenly disappears, the worst that could happen is the sync settings in 1Password would be disabled. But the local data on your Mac and iPhone would be completely untouched.

    I know that's not your only concern with using a cloud sync solution like Dropbox, but it's just something I wanted to explain in case it makes any difference for you. :)

This discussion has been closed.