Encrypted Backup or Archive
I looked unsuccessfully to see I am able to backup my data to my personal hard drive. At present, the answer appears to be no.
Do you plan to provide an encrypted backup? My fear is that Apple or something clears out the data for the app, the data in cloud then goes blank, and then I am left with nothing. I believe something similar has happened to one of your competitors.
I look forward to your response.
1Password Version: 6.0.219d
Extension Version: Not Provided
OS Version: Windows 10 Pro - 64 bit
Sync Type: Family Plan
Comments
-
Hi @Stecyk
Thank you for writing in with your concerns. Are you using now only 1Password Families? If this is the case, then you have nothing to fear. First of all, your data is stored on our servers. Even if you were to wipe your computer and iPhone (for example) clean, and fully delete 1Password from them your data will still be available in your account and ready to be accessed elsewhere. I don't really see how your data could ever be deleted by accident, given the way that 1Password is built.
That being said, if you still would feel safer keeping local backup copies of your data there is something you can do: Create a new local vault, copy all your items there, create a backup on your device, and when you're done delete de extra vault.
Please let us know what you think about all this :chuffed:
0 -
Total data loss would require not only a major malfunction on our end, but also the loss of all of your devices that are logged into your account. :)
That being said, if you still would feel safer keeping local backup copies of your data there is something you can do: Create a new local vault, copy all your items there, create a backup on your device, and when you're done delete de extra vault.
This is what I would recommend as well.
Ben
0 -
Hello @Pilar,
That being said, if you still would feel safer keeping local backup copies of your data there is something you can do: Create a new local vault, copy all your items there, create a backup on your device, and when you're done delete de extra vault.
Please let us know what you think about all this
To be honest, I don't like it. Here's what I want to be able to do easily.
One, Export whichever vault I want to an encrypted file. Once I have exported my file, I will save it to my Office 365 OneDrive for Business. In addition, when my PC is backed up, it gets archived once again. That way, should something happen, I will have an archived copy of my data.
Two, Export whichever vault I want to an unencrypted file in Excel and/or CSV format.
Granted, your "solution" works, but it is clumsy. I have to create another vault, copy data over to it, save it, backup my PC, and delete the vault. I'd like to eliminate many of the steps by simply exporting my data.
While losing your data seems like an impossible thing, it has happened to many users of a major competitor's product. Some of my data simply cannot be retrieved if ever lost. It's gone. That's why I would like to be able to easily create my own secure encrypted archives.
One can't be too safe.
0 -
1Password really needs to add a convenient way to backup the vault locally. I love you guys, but I don't trust any company 100%. Accidents happen. Hacks happen. I want to be able to at least have a convenient way of regularly backing up my data to my own source (emphasis on 'my data' and 'my own source').
0 -
I see where you're coming from. It could be more convenient. :) I appreciate you both taking time to write feedback about this. It's something we're considering for the coming versions of each app, since there has been a good amount of interest. Right now, Pilar's method is the easiest and safest bet.
One, Export whichever vault I want to an encrypted file. Once I have exported my file, I will save it to my Office 365 OneDrive for Business. In addition, when my PC is backed up, it gets archived once again. That way, should something happen, I will have an archived copy of my data.
Two, Export whichever vault I want to an unencrypted file in Excel and/or CSV format.
We're hoping to add export to a future version of 1Password 6 for Windows. It's a necessary feature. :+1: The only thing is, an encrypted export isn't something 1Password has ever supported, mainly because it would be protected by a Master Password. That's basically a backup, which is why that's what we're considering. Exporting is mostly for moving to another password manager if you decide 1Password isn't for you, and for advanced troubleshooting with database issues (pretty rare). That's why things are unencrypted.
Thanks again for the feedback, folks.
0 -
That's why things are unencrypted.
What are you guys thinking? Are you serious? Is this company dedicated to safeguarding our most cherished and vulnerable information--our passwords?
Someone steals a laptop or PC, and boom, they've got everything? Really? How much anguish would your customers go through if their computers were stolen with ALL their identity and password information left on the hard drive unencrypted? I thought your game was to provide your customers' with peace of mind that their valuable information was safeguarded--always.
Have a look at a competitor's product. You'll note that they do provide an encrypted export or backup solution. Why can't you?
0 -
Whoa whoa. Let's pump the breaks for a second here. :)
Someone steals a laptop or PC, and boom, they've got everything?
No. Not unless you've saved an unencrypted copy of your data somewhere they can get it. When you make an unencrypted copy of your data using 1Password we make it very clear that you are doing so and provide warning about it:
We also point this out in our documentation on the feature:
How to export data from 1Password
Your actual 1Password vault is of course encrypted, as are backups:
Security
You'll note that they do provide an encrypted backup solution. Why can't you?
We do too. And it happens automatically:
1Password backups
Do we offer an unencrypted export? Yes. Because that is the only way to take your data with you. We're not about locking you in. If you decide to move to another product, we're sorry to see you go, but we want you to be able to take your data with you if you do. In the screenshot you posted from Dashlane you can see they offer an unencrypted export as well ("Unsecured archive (readable) [...]").
I hope that makes more clear what is and isn't happening here. Thanks!
Ben
0 -
@Ben, while your explanation helps, in my view, 1Password's capabilities still fall of what I expect. Of course, I am just one (demanding) customer.
With regard to backups and security, you mention:
We do too. And it happens automatically:
Perhaps on your network backups are created, but I have nothing locally (that I am aware of).
As discussed prior to your post, 1Password version 6 doesn't offer local backups. Correct?
That being said, if you still would feel safer keeping local backup copies of your data there is something you can do: Create a new local vault, copy all your items there, create a backup on your device, and when you're done delete de extra vault.
I do like your automatic backups on 1Password version 4. That is very helpful. I'd like to export an encrypted file, too. With a future version, I suppose I could go to the hard drive location, fish out the local backup, and then do whatever I want. However, I would much prefer the ability to simply export to an encrypted file whenever I want to wherever I want. That way, I have full and complete control. That makes me more comfortable.
Yes, Dashlane provides unencrypted, for the reasons you mentioned, and encrypted files.
0 -
It's great to hear you expect such great things from 1Password. That means a lot. :)
1Password subscription accounts have automatic backup on the server side. At some point we may implement local backup from the apps as well for folks who require more control of their data. We're in the early stages of accounts, though, and this will be later down the road when the core features have matured.
As discussed prior to your post, 1Password version 6 doesn't offer local backups. Correct?
That's correct — 1Password 6 for Windows does not support local backups of any kind. This is because local vaults aren't fully supported in the app right now. When those get better support, backups for them will be closer on the roadmap. As far as accounts go, none of the apps support local backups for them right now. Ben wanted to point out that we do have encrypted backups, just not for accounts. Much of the time that's not an issue because you can always access an account from one of the apps, or 1Password.com if you don't have an app installed.
Hope that helps clear things up. :) I really appreciate you having confidence in 1Password. We're doing our best to improve it every day, and I hope we've got some of these items in a future release for you and other users to further delight in. :glasses:
0 -
1Password subscription accounts have automatic backup on the server side. At some point we may implement local backup from the apps as well for folks who require more control of their data. We're in the early stages of accounts, though, and this will be later down the road when the core features have matured.
This is show-stopper feature for me. Others, of course, will feel differently. To be comfortable, I need to control my own data, for it is too important to completely trust others to safeguard my data. Just tonight, for example, we learn that Yahoo has been hacked. Facebook allows users to download and save their data. Twitter allows users to download and their my data. I would expect that a password company would have this feature as a core feature early in software program's development.
Since you haven't begun coding yet, perhaps this is an opportunity to provide my wants. I would like to be able to export my data to an encrypted file, which can be in a proprietary format. If I ever want to purge my data and restore a prior backup, or, in a worst case scenario, restore my data because something bad happened on your end, I could do so in a heartbeat.
I look forward to this backup feature being available.
Thank you for the opportunity to provide some input.
0 -
Thanks for the feedback! There are certainly other users who feel that way, and we're considering ways of making local backups possible for them. Facebook and Twitter allowed users to download and save their data much later in their development, you may have noticed. There's also no way to restore that data on Facebook and Twitter, and we would need to make a way for you to do that so you could keep using 1Password if something did happen. I hope we can have a good solution for our users sooner than later, but there are still some important improvements we need to make to 1Password accounts before we can start on something like this. :) I'll let the team know about your interest in a local backup.
ref: OPM-3967
0 -
With Facebook and Twitter, backing up data isn't nearly as important. Put it this way, how many Facebook and Twitter users have ever backed up their data? While I don't know the value, I am guessing the percentage is low, perhaps (much) less than one percent. Now contrast their user experience with those user experiences of password software. How many of those users backup up their data? I am guessing that value is much higher than one percent. In other words, don't take too much or any solace that backing up data for Facebook and Twitter was a later stage development.
If you want to make comparisons, look at your competitors.
The reason for having mentioned Facebook and Twitter is that even they provide a means for backing up data. That is to say, customers do want the means of capturing their data. For a company dedicated to security of passwords, it should not be an afterthought.
I think we've beaten this issue into submission.
Good luck with your development.
0 -
That's true. I'm sure the team will have some great ideas on how to solve this in the future. :)
0 -
Why not just export a .1pif (csv or txt would be better) file into an encrypted disk that uses your master password. Seems like a better option than
Create a new local vault, copy all your items there, create a backup on your device, and when you're done delete de extra vault.
And if trusting a company 100% is an issue
export my data to an encrypted file, which can be in a proprietary format.
would be a terrible idea. Losing data across all your platforms and AWS/Agilebits losing all copies of the data is probably as likely as 1Password apps developing a bug, them going out of business, or whatever else leaving everyone in the dark. Without an open format what do you do?
Anyway both .1pif (or any file type) and vault copying are flawed since none of them support Documents.
However all the 1Password backup does is zip up a copy of the OnePassword.sqlite and the blobs in the data folder and dates it. While it would help with certain things like corruption or accidentally deleting something, in the case of a hard drive failure it's worthless.
Instead simply included the 1Password 4 App Support Directory (not sure Windows) in your backup schedules and you get the 1Password backup on crack. Though I still have to manually click to download docs added from another machine so they get included :frown: (option to auto download docs would be awesome).
Typing this I do realize one concern would be you guys lose all my data, my phone, 2 desktops, 2 laptops, iPad and super duper clones all get wiped out I'd be in trouble I suppose since my backup keys are encrypted with passwords in 1Password so I suppose for the truly paranoid mine is flawed :wink: though easily fixable.
0 -
Why not just export a .1pif (csv or txt would be better) file into an encrypted disk that uses your master password. Seems like a better option than
First, there is NO existing export function. And second, you're assuming that all users have an encrypted disk. Bad assumption.
"export my data to an encrypted file, which can be in a proprietary format." would be a terrible idea. Losing data across all your platforms and AWS/Agilebits losing all copies of the data is probably as likely as 1Password apps developing a bug, them going out of business, or whatever else leaving everyone in the dark. Without an open format what do you do?
No, it's a great idea. Otherwise, I wouldn't have suggested it.
I don't care how likely something is. If it can happen, I want to guard against it. And how do you know that I am always connected to the internet? Perhaps I am off-grid with a corrupted file and need to access critical information. As long as the App functions and is able to import its exported encrypted file, I am good. There are likely other scenarios where my idea saves the day. See, it's a great idea, one that another leading password company already employs. See the graphic earlier in this thread.
While it would help with certain things like corruption or accidentally deleting something, in the case of a hard drive failure it's worthless.
That's why I save the encrypted file to the cloud in addition to my personal computer.
Typing this I do realize one concern would be you guys lose all my data, my phone, 2 desktops, 2 laptops, iPad and super duper clones all get wiped out I'd be in trouble I suppose since my backup keys are encrypted with passwords in 1Password so I suppose for the truly paranoid mine is flawed though easily fixable.
Here's my reality: I don't care about all your devices. I want to secure MY DATA on MY COMPUTER. It's that simple.
0 -
There is a export function (select vault > file > export) and anyone can create a virtual encrypted disk.
It's not a good idea if you are truly worried about securing your data.
As long as the App functions and is able to import its exported encrypted file, I am good.
My point exactly. Perhaps you're off the grid and 1Password is corrupted. It's a proprietary format and losing the data isn't the only issue when you talk about securing access to it.
Backing up the 1Password directory is far better than periodically exporting and saving to Onedrive and if you cared about your data you would not use OneDrive. Corruption is a known issue that even Microsoft acknowledged as being a problem with their service.
Here's my reality @Stecyk I was discussing the issue here and not directly talking to you otherwise I would have added @Stecyk to my post. Happy to know you won't be losing sleep over all my devices. I was a bit concerned.
Hope you find a solution for YOUR DATA on YOUR COMPUTER. It's that simple. :+1: Have a smashing weekend.
0 -
There is a export function (select vault > file > export) and anyone can create a virtual encrypted disk.
But not everybody wants to create an encrypted disk, partition, or whatever. Instead, they want their software to be easy-to-use. Moreover, as stated by Pilar earlier in this thread, users would have to, "Create a new local vault, copy all your items there, create a backup on your device, and when you're done delete de extra vault." Again, too complicated. Remember, consumers have choices and there is at least one leading password program that is far easier to backup using an encrypted solution without having to create virtual encrypted disks and jump through other hoops.
As far as OneDrive is concerned, I use it and am satisfied with it. So that's not an issue for me. Others can do as they deem appropriate.
Next, when you quote others, you can often expect a response from them, regardless of whether you specifically mention their names and especially if you say that their idea is a "terrible idea."
Let's wrap this up by cutting to the chase.
- I expressed a desire that 1Password provide an encrypted backup solution to my own device.
- tastyroadkill, another user, confirmed that users want a method to backup their data to their own "source."
- Jacob, an AgileBits Team Member, stated, " I'm sure the team will have some great ideas on how to solve this in the future."
- Everything else in this thread is noise.
So let's allow the bright minds at AgileBits to solve users' concerns for securely backing their data to their devices.
Thank you for the smashing weekend wishes, and I wish the same for you.
0 -
First, there is NO existing export function. And second, you're assuming that all users have an encrypted disk. Bad assumption.
@Stecyk: All modern OSes have the ability to create an encrypted disk, either as an image or on a physical device like a USB drive. But you're right that not everyone is comfortable using these features. We'd think we can help here. :)
If you want to make comparisons, look at your competitors.
Unfortunately "export" features that result in missing or mangled data really aren't very helpful. We'd rather take the time to do it right, and also test thoroughly rather than releasing something prematurely that could damage people's data (that's why local vaults are still read-only in the 1Password 6 Windows desktop beta). I'm sorry for the inconvenience that causes. :(
So let's allow the bright minds at AgileBits to solve users' concerns for securely backing their data to their devices.
Indeed! As Jacob and others have mentioned, we're working on adding better backup and export features across all of the apps so that anyone can use them. Thanks so much for your feedback on this. Cheers! :chuffed:
0