Use of Account Key
I'm in the process of migrating from the old 1password, synced on dropbox, to the family version. I have a basic question. If I find myself somewhere without my iPhone or iPad, and I want to log into my web 1password account to retrieve some information, can I do this without memorizing my account key? This is the one password anywhere concept, but with the account key being necessary (I think), it becomes unworkable.
In a related question, if I have my iPhone with me, is there a problem with storing my account key within 1password.
1Password Version: latest
Extension Version: latest
OS Version: latest
Sync Type: latest
Comments
-
Hey @kross76,
I am just getting up to speed with the Family and Teams account stuff but from what I have read the Account Key is only required the first time you login on a specific device. After that the Account Key remains and you just need to remember your Master Password.
In your example when logging into 1password.com from a Browser for the first time you will need to provide your Account Key as explained here:
https://support.1password.com/1password-com-sign-in/After that when you log into 1password.com you will only need to know your sign in address and Master Password. Once you provide the Account Key once for that browser it is stored with it same with all of your other 1Password apps.
Regarding your second question I don't see why storing your Account Key within 1Password would be a problem. I would recommend creating the Emergency Kit for complete protection in case you lose all of your devices:
https://support.1password.com/teams-user-getting-started/#save-your-emergency-kit0 -
I understand that if you sign in again on the same device that it remembers your key. I guess that if you're "out and about" and want to sign in on a different device, it's not really feasible without remembering your key.
0 -
@kross76 I would be careful about signing into 1Password from an "untrusted" device. If it's compromised with malware such as a keylogger, you could unwittingly expose your master password and account key. That said, there are certain times when doing so might be unavoidable, and I've also wondered what I would do if I was (let's say) traveling and lost all my devices.
My solution is for my spouse and I to store our account keys in a shared vault that we can both access. In order to be locked out of 1Password, my spouse and I would both have to be away from home AND both lose all our devices before we would be locked out of 1Password. As an additional backstop, we have also authorized our Families accounts on a device that never leaves our home. In a close-to-worst-case-scenario, we would be able to get back into our 1Password accounts when we get home.
Finally, in a true worst case scenario (e.g. home burns down with all authorized devices inside and one or both of us hit our heads escaping and forget our master passwords), we have our emergency kit stored in a safe off-site location. Hopefully we'll never need it, but it's nice to know it's there.
0 -
I now get it. Very helpful and logical. Thanks.
0 -
@kross76 I'm glad everyone was able to help out with this! It's true that remembering the Account Key would be a mean feat, but the hope is that you would never find yourself in a position where you can't access your smartphone, a trusted web browser, or Emergency Kit. All of those things have to be true before you would have to fall back to memory, and the security benefits provided by the Account Key will usually outweigh the potential inconvenience that could happen if everything fails all at the same time :)
0