Recover account missing last 6 characters of secret key

avlidienbrunn

Today I reinstalled the only computer where 1Password was installed. I took a picture of my Secret Key (Account Key) and went on my way. Due to the severely bad design of the 1Password 6 application, the "copy" button was covering the last 6 characters of my Secret Key.

I have access to:
Master Password
E-mail associated with my account
26 first (out of 32) characters of my Secret Key

I don't have:
Emergency Kit
Any other device with 1Password

Is there ANY way for me to reset my Secret Key?

---

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Frank

Hi @avlidienbrunn - Thank you for reaching out to us and for providing the additional details. I wouldn't recommend taking a picture of your Secret Key, it's one of reasons we provide an Emergency Kit for you to print out and keep somewhere safe.

By design, we don't store Secret Keys or Master Passwords since it would compromise the security of our users. We don't want anyone to have access to the keys to your account, including us, therefore we can't reset this if lost or forgotten.

You might be able to recover the Secret Key from one of your devices that has been authorized using this guide. You can also try to logging into the account using Chrome since the browser will often cache the Secret Key so you don't have to re-enter it. If you can't recover the Secret Key, the only other option will be to start over with a new account since we don't have the ability to reset this. Sorry again for the troubles and keep us posted if you were able to recover it. :+1:

feat_ford

Doesn't the browser caching the secret key significantly reduce its effectiveness as a secret? Now you're relying on a third party (google in this case) to keep its software bug-free so that no exploit can possibly recover the cached auto-fill information....

AGKyle

Hi @feat_ford

There's also an option to not store your Secret Key in the browser. On the sign in page is a checkbox to indicate not to save the data. If you're concerned about that scenario that is also an option.

Are you using a strong Master Password as well? If so, it's not the end of the world if someone gets your Secret Key. Your Secret Key can also be changed when you sign in. Goto your Profile and click the edit button next to the Secret Key to generate a new one.

Everything that makes something convenient is going to have an impact in some way or another on security. Imagine convenience and security being on a teeter totter. The more convenience you add the more impact you might have on security, it's rarely a direct correlation but it's just a way to visualize it. You can be super secure but have absolutely no convenience, or you can try to strike a balance somewhere in the middle and offer options so that users can try to balance it to their needs as well, which is what we try to do.

We can try to be very opinionated and make these decisions for users, but we realize we have to provide some options for our users as one size doesn't fit all. We make our opinionated decisions where we know it'll make the most impact, but surrounding those decisions allow some flexibility as well.

I am sorry for the trouble you've encountered though. Hopefully you have a backup or another device that is signed in. I've run into cases in the past where I thought I had everything I needed and formatted my drives only to find I forgot something. Ever since I've always made full backups of my data before formatting, and it has saved me a great deal of headache as a result. I've been in your shoes before and it isn't fun but if there's anything we can do please let us know.