Does 1PW Initiate a Windows 10 Notification to Backup Encryption Key?
After updating to the latest version of 1PW earlier this week and rebooting my system, I started receiving a new Windows 10 pop-up notification suggesting that I backup my encryption key.
When I open the notification, the window that appears seems to be a legitimate Windows OS dialog titled "Encrypting File System" with introductory text "Backup your file encryption certification and key" and several options to save to removable media, remind later, cancel. I forgot to take a screen capture, but can wait for it to come up again and post if necessary.
Is 1PW using Windows 10 to encrypt my local 1PW vault (all of my vaults are locally stored)? If so, what exactly would I end up backing up in this case - my vaults, a separate key that Windows 10 is using on behalf of 1PW during file operations, a 1PW encryption key, something else? Should I just ignore this pop-up?
Thanks!
1Password Version: 4.6.1.616 (19)
Extension Version: 4.6.1.90 Chrome
OS Version: Win10Pro Build 14393
Sync Type: Not Provided
Comments
-
Hi @ArcTangent,
First, we do apologize that we didn't inform you in the change log that this may start happening and what you can do. We plan to add a notice in the future to alert you what may happen before we start using your Windows account to encrypt external files.
In the most recent 1Password 4 update, we started using your Windows account's encryption key (Encrypting File System/EFS) to encrypt a local file used to initialize the pairing process between your 1Password extensions and 1Password Helper.
We do not use EFS to encrypt your 1Password data, this is only used to encrypt external files on the local drive. For an example, when you want to view your encrypted attachments, 1Password 4 will create a temporary folder encrypted with EFS and then store the temporary copy of that attachment in that folder. Once 1Password 4 is terminated, the folder is reset.
The EFS dialog you saw from Windows isn't from us, it's a default action it does when it starts being used for the first time and in this case, by 1Password using it to encrypt your pairing key and/or attachments.
You can ignore it and nothing will happen, none of the files are needed as the pairing can always be re-done and the attachments are always in your 1Password data folder.
However, EFS isn't used just for 1Password, it's reused anytime you want Windows to encrypt a file or folder. So, if you do use this feature, you'd want to back up your Windows account's encryption key because without this key, you won't be able to view these encrypted files on another computer.
0 -
Got it, that maps to what I experienced. The pop-up started after I opened Chrome and paired it with the updated 1PW extension for the first time. Thanks for your clear and detailed explanation @MikeT.
0 -
You're welcome!
If there's anything else we can do for you, let us know.
0
