Vault Management
Like others on here, I have signed up to 1Password Families and have a few questions (probably too late to ask now, but anyway).
1/ Trust is an important part of this process. There are many companies out there selling this type of product. What type of guarantee do you offer that our data is secure (i.e. your internal quality control can highlight a rogue programmer adding code to the app to redirect it before it's encrypted)?
2/ As we are not able to backup our vaults - what type of resilience and disaster recovery features do you use i.e. do you store all data on an old Mac under your desk - or is it more robust ;-) What is the plan for data corruption your end?
3/ You've made it clear that your employees don't have access to the data. To what level do they have e.g. number of items in a vault? Last login?
Of course, I'm not asking for details in a public forum - just a very high level overview of the steps you've taken that may distinguish you from the competition.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
Added point - it may be worth a blog post on this subject entitled something like 'Why should I trust you with my stuff'.
0 -
@architect1337: Thanks for giving 1Password Families a try, and for contacting us. Great questions! :)
- A very limited number of people actually have access to the code repository. And — more importantly — everyone with access can see everyone else's PRs. This can be frustrating at times, but it's crucial for security. After all, even if we never have a rogue team member, what if someone's account is compromised due to some exploit or outright theft? So we limit access to any of our systems to only those who need it. And while 1Password is not open source, we do use 3rd parties to review our products. And since 1Password uses standard cryptographic libraries that have been proven over time, we know that the math doesn't work: if someone changes things to try to introduce a backdoor, everything breaks and people take notice.
- All data on 1Password.com is backed up, stored redundantly, and each subsequent change is non-destructive: you can go back to a previous version of the item. So if, for example, you have a good data set on 1Password.com which is propagated to all of your devices, and then a bad disk (or, yknow, an ancient file system) corrupts some of your data, which is then sent to the server, well...first of all, the server will reject it if it's garbage, but if the server accepts it and you decide that it's garbage anyway, you can restore to the previous version.
- We only have very limited information about any given 1Password Account (distinct from information in a 1Password Account, of which we have none): name, email, account name, groups, dates (creation, login, subscription, etc.), and a lot of UUIDs for things which are encrypted (vaults, items). This makes things difficult sometimes during troubleshooting (if you refer to a vault or item by name, I have no idea what you're talking about), but I think this is really important for privacy.
You can read more details on this in our white paper.
However, these answers, without context, can't really speak to trust. If I'm some stranger you're just meeting, me telling you about how trustworthy I am doesn't carry much weight. Fortunately, we've been around for 10 years so we have a track record of openness about security and privacy. 1Password has never relied on secrets for security (well, except for your Master Password). And we don't act as gatekeepers to your data; even now, it's protect by encryption, even from us, and the two "keys" necessary to decrypt it are never transmitted from your device. But I think this says it all:
Send in the crowds (to hunt for bugs)
While I like your title better ('Why should I trust you with my stuff'), I think this might be the blog post you were looking for. The thing that makes me most proud to be an AgileBits team meow scrutiny, and we love to talk about these things — often long after everyone has long since passed out or retired to their rooms (did I lose you let? lol): we love a good security discussion, and I personally look forward to any other questions you might have. :)
0