To protect your privacy: email us with billing or account questions instead of posting here.

How does the account key work?

Options
dannlm
dannlm
Community Member
in Memberships

Hey I'm just a little confused about the account key and how it works. I would really appreciate some more details about it!

Does the account key work in conjunction with my master password to decrypt my password vault? (like two halves of a key put together to make a whole key) Or would it be more accurate to say that my account key decrypts a 'file/folder' that holds my password vault which is then decrypted by my master password? (sort of like encrypting a file and then placing it inside of an encrypted folder)

Also I read a comment by one of your team members that said, " the 1Password app saves your Account Key, by encrypting it with your Master Password locally." Could you give me some details on how this works?

I apologize for the slightly detailed questions. I would just like a better understanding of how my account key functions.

Thanks in advance!

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Frank
    Frank
    Options

    Hi @dannlm - Thank you for reaching out to us. Great question.

    In the standalone version of 1Password, everything is protected by your Master Password and all the security wizardry in the app. But with our new 1Password.com accounts, the Account Key is used to strengthen things even further. If you have a weak password, it's very unlikely someone will be able to access your data because the Account Key is a 128-bit string of characters that's generated locally when you set up your account. It never leaves your device, and we ask that you print it out to have a copy in case you need it later — you're probably not going to remember the whole thing. ;)

    It’s great to have a Master Password and Account Key protect your data, but they also need to communicate with the server to access your data, so we use three layers to protect things at rest and in transit. The first layer is based on your Master Password and Account key, which are used to derive a secret that is used to securely encrypt all of your data, both at rest and in transit between your devices and our servers. The second layer is based on the Secure Remote Password protocol. It allows your devices and our servers to make sure they are who they say they are. This provides an additional layer of protection against attack. The third and final layer is the standard TLS/SSL protocol. This layer provides a final layer of encryption and also allows your web browser to indicate that you were communicating directly with a 1Password web server.

    If you'd like to learn more about the security of 1Password, head to https://1password.com/security or you can read a little more about the Account Key here - https://support.1password.com/account-key-security/

    I hope this helps a bit. Let us know f you have any additional questions, we're always happy to help out. Have a fantastic day!

This discussion has been closed.