best practice - store icloud account in 1password?

sicorace
sicorace
Community Member

good morning, I'm trying to design the best compromise of security and easy of use for me.

I'm on 1password for families.

Right now I memorized 2 passwords: 1password's and icloud's

I now want to change icloud's one to a 24char mess, like the one 1password generates, for security reasons.
Also so that I will need to remember 1 password

(ex: jk23h45kj3l2h452kj34h5l2k3j4h52lk5)

now, of course this means that I cannot memorize it, and I have to revert to 1password every single time I need the icloud pass.

Does any of you have a similar setup?
any ideas?
suggestions?

in normal use, how many times does ios ask you the icloud pass?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Corey_C
    Corey_C
    Community Member
    edited October 2017

    Hi there @sicorace :)
    For what it's worth, my iCloud password is a 1Password generated one and I don't know what it is. With Touch ID, and now Face ID, being a thing, iOS does not prompt you for your actual password very often at all. The only time I really remember getting prompted for my iCloud password and not Touch ID is when I go to purchase something from iTunes or the App Store for the first time after restarting my phone. Or when doing something on my Mac, which doesn't have Touch ID functionality. So I don't find having my iCloud password in 1P to be a real issue.

    But that is just me. What you decide is most comfortable for you is up to you.

    Cheers. :)

  • sicorace
    sicorace
    Community Member

    Thanks @Corey_C for your perspective!
    I think I'll make a move over 1pass for the icloud pass too.

    now, I need to figure out a way to retrieve the secret key (not the master password) when I'm abroad.

    Worst case scenario: I'm robbed, or I lost everything abroad.
    I'm alone, no phone no money.

    I need to have access to my phone address book, my bank account to ask for another credit card etc etc.

    So, I can ask someone a computer to connect to the internet. I know the master password, I know 1password website, I need also the secret key.

    How are you dealing with this scenario?

  • pervel
    pervel
    Community Member

    @sicorace: I don't think there really is a perfect answer to that. You need both your Master Password and your Secret Key to access 1Password. So unless you also memorise the Secret Key (not feasible for most people), you need to store it physically somewhere and hope it isn't stolen also. That really is the trade-off between convenience and security when dealing with two keys.

    I would suggest keeping a copy of your Secret Key written down somewhere inconspicuous. And keep it separate from your phone and wallet so it doesn't get stolen at the same time.

  • sicorace
    sicorace
    Community Member

    thanks @pervel !

    I was thinking of creating a jpg image with the 3, 4 mobile numbers of my close family (let's not forget I don't have a clue of other people's cellphone numbers!) and the secret key. And have it on public accessible easy to remember website I own. Like "sos.mywebsite.com".

    So, worst case scenario, lost robbed and raped abroad, I can ask for a browser and internet connection to get to my sos img file and thus get access to my 1password with all my documents numbers, scans, bank accounts, etc etc (and icloud password to get to my contact lists, find my iphone if I've been robbed etc).

    I think it's a good idea to prepare for the worst case in your head so that in that moment you keep your next steps bare to the minimum.

    What do you guys think?

    the only thing I HAVE TO remember is my own 1password subdomain and my master password. that's all (and my emergency website of course)

  • pervel
    pervel
    Community Member

    That's a neat idea. Close family is a pretty unbeatable way of authentication. :)

    Of course it does require that those people can be reached when you need it.

  • AGAlumB
    AGAlumB
    1Password Alumni

    That is a pretty cool idea. Not sure I have much more to add, but, getting back to the original question, I prefer to use a word-based random password generated by 1Password for my iCloud account and a few others which I need in various situations — for example, on my Apple TV... :lol:

This discussion has been closed.