Will you please add a re-encrypt feature?

IsaiahJTurner
IsaiahJTurner
Community Member
edited November 2017 in Mac

A common scenario is that a user may use an insecure password and then later change it to a more secure password. The user my be inclined to think that their data is now more secure, however, due to how 1Password stores backups and encrypts data this is not the case. This is a serious security vulnerability. There should be a relatively easy way to regenerate the AES key and users should be prompted to delete backups either immediately or after a predetermined amount of time when changing their password. This is kinda two separate features:
1. Prompt users to delete old backups that use a less secure password.
2. Support re-encryption of all data using a new AES key.

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:Will you please add a reencrypt feature?

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni

    @IsaiahJTurner: Thanks for reaching out. This is really interesting. What you're proposing is already possible. I'll go into more detail, but suffice to say we're not going to automate doing something like destroying all of a user's backups. That would be pretty messed up. I understand your concern, but we have to consider all 1Password users in the design.

    You're not wrong though. You make some really good points, and in a perfect world I'd agree with you wholeheartedly that this would be the best thing to do...except in a perfect world you'd have used the visual cue of the password meter when choosing a Master Password and/or followed our advice to use a long, strong, unique Master Password in the first place.

    You can always create a new vault (which will get you all new encryption keys, which are in turn encrypted using the Master Password you choose) and delete backups, and we're happy to help with that. What we don't want is people doing things that could lead to data loss on their own unless they know what they're doing, or have 1Password facilitate the same.

    Now, you're probably thinking that there's a solution to this problem, and you'd be right: since we were starting with a clean slate, this is all possible "out of the box" now with 1Password.com accounts. And, most importantly, backups are included, and protected by the current Master Password and Secret Key. So already today we have a solution for both of our concerns. I hope this helps. Be sure to let me know if you have any questions! :)

This discussion has been closed.