Stale system name showing up on 1Password.com after migration to new system?
This is driving me a little nuts ...
I had an old system (Office-Mac.local) that my wife decided to kick me off of (she wanted it). I replaced it with an iMac, and I migrated my account (but not system settings) from old system to new system.
1Password.com, when I look at my list of systems, shows the system as Office-Mac, even though my computer that I'm logged in from has a different name. This is very confusing. It seems like 1Password is caching that somewhere, but I don't know where!
To solve this, I tried:
- On the Mac, I removed my account from 1Password,
- On the WWW, I deleted (unlinked) that system. If I then refreshed (and logged in again), that system wasn't in the list,
- On the Mac, I then added my 1Password.com account.
Refreshing the WWW interface shows a new machine of Office-Mac, but that's not it's name!
If I do the same thing from Dropbox, then Dropbox.com shows the "correct" system name.
Any idea where this is cached, and how I can go about solving it so the "correct" system name shows up on the settings page?
/Jeff
1Password Version: 6.8.1
Extension Version: 4.6.11.2
OS Version: 10.12.6
Sync Type: 1Password Cloud
Comments
-
@jeffc: When you authorize a browser by signing into your 1Password.com account in a browser (without checking "This is a public or shared computer") or in the app, it will be recorded in your account's Profile page under the name in use at that time. That record will only be removed if you de-authorize it from there. This will void its authentication token (stored in either the browser or the app) and require you to sign in again to use it there, at which point whatever name is in use at that time will be recorded. Does that help?
0 -
If only this were true, then I wouldn't be posting here.
My machine name is Office-iMac, for what it's worth. The old machine name was Office-Mac. When I deauthorized 1Password and reauthorized, it comes up as Office-Mac, which is very confusing (since it's the improper machine name). As I said, Dropbox is having no problem looking up the machine name properly. Obviously, 1Password is caching that somewhere in my user settings.
Where can I delete the cache settings so that 1Password will look up the proper machine name and not cache it from the old configuration on the old machine?
/Jeff
0 -
@jeffc - you're actually correct, this is a known issue here. Our developers are aware of the issue, but I don't have any timeline to share with you for when you might expect a fix for it. Given that it appears to stem from having the database itself migrated from a previous device and thus the old device-name is known to the user (and thus not likely to be a fraudulent attempt to access your data), this may be a lower-priority issue for us, given everything else we have on our plates currently.
That's not to say we're not aware of it or won't fix it...just that its severity level puts it well behind a number of other issues, so it may not get solved right away. However, thanks for reporting and I've added your report with our devs. Keep an eye on updates, where you'll see it listed when it's fixed.
ref: B5-2725
0 -
Is there a way to work around this? Can I de-register a system, delete cache files from my system, and then re-register a system? Or do I need to actually delete and recreate my account to solve this issue? Is the problem on my side or on the server side of 1Password?
I'm anal about security, and keep a close eye on what machines are registered. It's very odd to have an old, stale machine entry in a list that is actually current. That's why I noticed this to begin with. It also makes it impossible for me to track two separate machine registrations since they both appear as "one".
Thanks for any help you can provide.
0 -
@jeffc - the issue is that you migrated your data over from the earlier, now-not-used
office-macto the currentoffice-imac. If you've got only your 1password.com account (and no local vaults), you may be able to delete 1Password for Mac entirely from your system and re-install it, reboot and then sign back in. I'm not entirely sure if that would solve the issue, but it might. Please follow these instructions for starting over on your Mac if you want to give it a shot, but please bear in mind that this is a best-guess at something that might work, not a proven solution. Let us know how it goes if you decide to try!0 -
@Lars This doesn't affect me but I found this interesting so I went ahead and tested this because I was curious to see if it'd work. It didn't work for me but I'll list the steps I took anyway:
- First for safe measure I uninstalled the 1Password browser extension (to make sure everything is completely wiped)
- I changed my computer name
- Deauthorized my computer from 1Password.com
- Went to help, troubleshoot, etc, entered in said code to reset all my data as listed in the linked article
- Deleted the 1Password app (6.8.1)
- Rebooted my computer
- Redownloaded the app from your website
- Proceeded to log in like normal and change the normal settings I change and customize my settings as I like it
- Checked 1Password.com for the name listed under authorized devices. Still said MacBook Pro instead of the name I changed it to prior, Ali's MacBook Pro
The only thing I noticed is that if I download the 1PW extension first before download the app and if I click it it doesn't do anything it isn't responsive which I find kind of confusing for the user. Even if I have the app and I am signed out if I download the extension first nothing happens when I click it. I had to download the extension after downloading the app and setting it up etc for it to work properly because then it prompted me for the authorization code.
Hope that helped some!
Ali Shah
Edit: How do you guys use that thumbs up "1Password styled" emote? I can't find it in the emoticon list, I only see faces.
0 -
Hi Lars,
Well, that's odd, especially since Ali's comments.
For me, it worked fine. I followed the directions in your link, and was immediately dismayed (1Password "helpfully" suggested to log back into my 1Password.com account - by name - making me think it didn't reset all data very well). I also noted that the browser extension got in a whacky state (just as it did with Ali).
But when I finished linking the account, everything is fine, and the machine name is now correct. I'm not sure why it worked for me but did not work for Ali, but I'm not complaining! :+1:
Thanks so much for your help! And if you have time, you might want to look at behavior of the browser extension in this "reset" case.
/Jeff
0 -
Hm, that's odd, but still great to hear that it worked for you :)
Would you mind telling me the steps you took to make it work? I'd like to give it another shot. But glad to hear all is well I also was prompted to log back in via name at first, I think it's because 1Password stores the secret key in the cloud or something, the second time I tried it it didn't prompt me by name.
+1 on the wacky browser extension.
0 -
Hi @jeffc and @AskAli -- I'm surprised at the disparity in results as well, frankly. I'm wondering: for you (@AskAli), did/do you have any local vaults within 1Password when you did this, or only 1password.com account vaults? That's the only thing I can think of, off the top of my head, that might've made your results different. Jeff, I'm glad to hear this worked for you. I, too, can be quite meticulous about my logs/security/etc, and it bugs me when things aren't ship-shape, even if the potential for harm isn't that large. So I'm glad we were able to get you to a resolution you're satisfied with.
@AskAli -- try a colon, with whitespace on the left side -- that should bring up a pop-up menu with the thumbs in them. Or just type
:+1::)0 -
@Lars :+1: Got it! :)
No I don’t actually. I’ve never even enabled local vaults. I just recently joined 1PW so I only have a single vault stored on 1Password.com.
I possibly could’ve done it incorrectly? Not sure.
It’s not that big of a deal though, I just wanted to try it for fun.
0 -
@AskAli -- Glad you got it. :+1:
In terms of what you did, it sounds right (meaning, I couldn't see any obvious missteps). However, since I wasn't there to observe step-by-step, it's hard to say with certainty. And since this was mostly an academic exercise for you, I hope you won't need to do this anytime soon; our devs are indeed aware of this issue, but as I mentioned, it's further down our priority list than some other issues. Thanks for helping investigate!
0 -
@Lars: One additional question, is it possible to remove the secret key from a Mac or iOS device or any device for that matter? If I delete the 1PW app from either my phone or Mac and re download it gives me the option to sign back into my same account and it already has my secret key stored.
I know for Safari I can just delete the cookies for 1PW and then it goes away.
0 -
@AskAli - excellent question! The short answer is no: your Secret Key is a long string of random characters equal to at least 128 bits of entropy which is used to combine with your chosen Master Password to strengthen the encryption key derived. The idea is that you don't have to remember the Secret Key...because it's stored on your device. You just remember the Master Password (like always), and you can unlock your data. If you were to delete that key, you'd need not only your Master Password but also your Secret Key to unlock your data again.
The technical answer is: yes, you actually can delete it -- but don't (for the above reason), except in extreme circumstances (like a lost or stolen device). In such a case, if you can sign into your 1Password account on the web, you can go to My Profile (click on your name), then deauthorize the device in question. This will remove the secret key, requiring the next person that tries to sign in to have both your Master Password and your Secret Key.
If you want the longer, more technical answer, please see About your Secret Key, and if you're a true aficionado of technical details, have a read through our security white paper. Let us know if you have any questions. Cheers!
0 -
So if my master password contained 99 bits of entropy then combined with my secret key it would have well over 200? Incredibly difficult to brute-force.
I actually have my secret key memorized but I guess I don’t need to then. It’s not even meant to be memorized correct? It’s either stored locally on device or in your emergency kit or wherever.
Ah, yes I’ve skimmed through the white paper before, I love it. Whoever writes all those great stories is awesome. I love that stuff, brings a smile to my face! It’s what AgileBits apart imo, your blog posts are also very informative and fun to read.
0 -
@AskAli - you memorized your Secret Key? Good heavens. But yes, to answer your question, that's over 200 bits of entropy; very difficult indeed to brute-force. For all intents and purposes, about as close to "impossible" as it gets. This also protects you in the event that someone ever tries to brute force our servers; even if they can guess your Master Password (unlikely if you chose a good one, and slowed down by PBKDF2), they would need one of your own devices to obtain that second encryption factor (your Secret Key).
The white paper's chief author is our own Jeffrey Goldberg, and yes: he's not only brilliant with the cryptography, he's also got a wonderful ability to make math-heavy subjects that might otherwise be sleep-inducing for most people, totally readable and even fun. We're very lucky to have him. Our blog is written occasionally by Jeff, but there the authors change much more frequently. You can see who's written a post right at the top byline under the title. Glad you like it! :)
0 -
@AskAli I know this is an old thread, but I was passing by looking for a good answer for and I can't resist an urge to help… if when you say 'remove the Secret Key' you're talking about the screen below (or its macOS equivalent), it's likely you've got iCloud Keychain enabled. In this case, 1Password helpfully (and securely!) syncs your Secret Key (or Keys, for those 1Password-mad multiple account holders) between your Apple devices for even simpler sign-ins (the first time I saw this, it felt like magic!).
You can open and search within the Keychain Access app on your Mac for
com.agilebits.onepassword.b5Credentialsto find these entries (though telling accounts apart can be tricky) – if you still want to, deleting these entries here should stop you from being prompted with them when next you sign in on a new Apple device. Hope this helps!
0
