Does the 1Password account based vault sync store my vault on your servers?
I'm just wondering how access to my vault on 1Password.com works. I've looked through the docs and can't find an explanation.
Is my vault stored on the 1Password servers? If so, how is this different than how LastPass stores/syncs vaults? Or is it basically the same at this point?
Thanks!
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:Does the 1Password account based vault sync store my vault on your servers?
Comments
-
Hey @mjclemente! Welcome to the forum, and thanks for posting about this. :) 1Password subscription accounts do sync with the server. Because of this, we worked on some extra security measures to make sure people are safe. There are three umbrellas of security in 1Password accounts. Before all of them is your Master Password and Account Key. In the standalone version of 1Password, everything is protected by your Master Password and all the security wizardry in the app. But in an account, the Account Key is used to strengthen things even further. If you have a weak password, it's very unlikely someone will be able to access your data because the Account Key is a 128-bit string of characters that's generated locally when you set up your account. It never leaves your device, and we ask that you print it out to have a copy in case you need it later — you're probably not going to remember the whole thing. ;)
It’s great to have a Master Password and Account Key protect your data, but they also need to communicate with the server to access your data, so we use three layers to protect things at rest and in transit. The first layer is based on your Master Password and Account key, which are used to derive a secret that is used to securely encrypt all of your data, both at rest and in transit between your devices and our servers. The second layer is based on the Secure Remote Password protocol. It allows your devices and our servers to make sure they are who they say they are. This provides an additional layer of protection against attack. The third and final layer is the standard TLS/SSL protocol. This layer provides a final layer of encryption and also allows your web browser to indicate that you were communicating directly with a 1Password web server.
Learn more about these details and all the other security wizardry in 1Password accounts from our security white paper.
As far as how the sync itself works, once items are in your account they sync automatically. Signing in to the account on another device will sync things there too. If there's existing data in 1Password, that can be moved over to the account to sync it:
Move your existing 1Password data to a 1Password account
Hope that helps!
0 -
Thanks @Jacob .
I think I have a handle on the setup now.
I was under the impression, initially, that the 1Password.com accounts worked similarly to the standalone installation, with the encrypted vault being stored locally, and synced via 1Password.com (instead of using Dropbox).
I now understand that, for accounts, the actual vault is not stored locally, but exists on the 1Password servers, with a local cache available for offline access, but the server vault existing as the source of truth.
That's an accurate understanding, right?
0 -
@mjclemente That is correct. :) You can use 1Password offline if you need to, and when you reconnect any changes will be synced to the server and back.
0
