Thrash leaving artifacts in password vault - visible in exported file.

sharza

Hi there

So I've been fiddling around with import of passwords into 1Password 4, as some may know by now :) I got that working (in the end), and so have been playing around. During a test export from 1Password (to 1PIF file format), I noticed that almost 3500 items was exported, which seemed odd, taking into consideration I only have around 611 entries stored in the vault.

Looking inside the 1PIF I see many items with the thrashed=true flag set.

This particular vault is the one I've been using during my attempts at importing entries into 1Password, which has involved numerous faulty imports, and following deletions of all items/folder. Most deletions done with shift+del for immediate permanent deletion, and others by mistake to thrash, which was subsequently emptied.

My guess here is, that somehow artifacts is being left behind in certain (maybe all?) deletion scenarios, not immediately visible, but still there and seen by 1Password (given the fact they are present in an export - admittedly without name and other information)

Unfortunately I've deleted the vault and created a new one, to get a clean slate - before writing this post occured to me, so I cannot provide any samples whatsoever, and havent done any further testing (yet anyway) wether this is re-producible or not.

Anyone else noticed this behaviour?

Regards,
Sharza

---

1Password Version: 4.6.1.617
Extension Version: Not Provided
OS Version: Windows XX
Sync Type: Not Provided

MikeT

Hi @Sharza,

Thanks for writing in.

1PIF is also used for updating your vaults manually, so it won't be empty in order to inform other copies of the vault to delete/empty the items. If it is empty, these deleted/emptied items would remain undeleted.

What you can do to cleanly export the ones you want is select All Items on the sidebar and then select the Selected Items when exporting via 1PIF, this means your Trashed items will not be included as well.

sharza

@MikeT: thanks for clearing that up. That just raises one important question for me:

What vectors are 1P using, for determing when changes has been replicated across all vaults? Are there any? Or are those artifacts simply gonna linger my vault forever?

MikeT

Hi @sharza,

What vectors are 1P using, for determing when changes has been replicated across all vaults? Are there any? Or are those artifacts simply gonna linger my vault forever?

Each item has its own unique UUID, which is stored in the 1PIF format. 1Password uses that and the timestamp value to update it across vaults. That's the UUID/timestamp you see in the export file.

Or are those artifacts simply gonna linger my vault forever?

They'll remain in the vault forever as 1Password wouldn't know how you'd be importing or exporting your data over time. As you've noticed, they don't contain your deleted data, just the UUID/timestamp/trashed status of them and it shouldn't harm the performance or anything like that. We may add an option to 1Password 6 to perform a database optimization process where it'd clean up these data completely for you.

sharza

Hi @MikeT,

Thanks for clearing that up. I will be looking forward to a cleanup routine, or a simple tombstoning algorithm, as I am no particular fan of having traces of data long gone, present in the vaults, regardless of it being "real data" or simply UUID's.

MikeT

Hi @sharza,

You're welcome. A tomb-stoning algorithm is something we've already implemented for Dropbox sync, it's just not included in the import/export formats. After 30 days, 1Password would skip importing any tombstoned items of that age when syncing.