Changing Master Key, does it re-encrypt vaults?

tozz
Community Member

If I use a 1password account and change my master password, is the vault data then re-encrypted using the new master password+secret key? I know old devices can still access their local copy of the vaults using the old master key (which makes sense) but I want to know from a curiosity perspective, what actually happens with vaults when changing the master key and using a 1password account. I didn't see any network traffic indicating that the vaults were re-encrypted when changing the master password.

This is about changing the master key on my.1password.com (so it should be the main source), not any one particular client.



Comments

  • tozz
    Community Member

    I see I used "master key" and "master password" a bit mixed here, it's about changing the master password, nothing else :p

  • AGAlumB
    1Password Alumni
    edited March 2018

    @tozz: Thanks for reaching out. Good question! No, changing your Master Password does not re-encrypt all of the data. That could take a while locally, and you'd also have to re-sync everything to other devices from scratch. What it does is re-encrypt the encryption keys for the vault. If you want all new encryption keys and a new Master Password, you can create a brand new vault. That's simplifying things a bit though, so you may want to check out the security white paper for the rest of the details. I hope this helps. Be sure to let me know if you have any other questions! :)

  • tozz
    Community Member

    Ah, that was as I expected then, so if I understand this right, if the actual 1password data (vault+encryption keys) hasn't been exposed in combination with the master password (obviously there's the secret key too, but just to simplify) there's no reason to worry if you change the master password, delete the data and re-add the account on any synced devices, correct?

  • AGAlumB
    1Password Alumni

    @tozz: Correct, but all of that is handled automatically, provided you're online. The only risk is if someone knew your old Master Password and had access to your device, they could keep it offline and access the data. But that goes without saying with local vaults (or backups) as well. Does that help? :)

  • tozz
    Community Member

    Yepp, thanks a lot for the help and clarity :)
    I think a great feature to have in the my.1password.com client would be a way to recreate a vault (effectively changing the encryption key), right now it seems the only way is to export the vault in a desktop client, create a new vault and then import it?

  • AGAlumB
    1Password Alumni

    @tozz: So, the problem is that how 1Password.com works is much deeper than I discussed above, since I was trying to give a general overview of 1Password's security model. With 1Password.com, each vault has separate encryption keys, which are each in turn encrypted with your personal encryption keys, which are encrypted using your Master Password. It's true that the only way to get a completely new personal keyset is to go through the account recovery process, but in order to decrypt your data using an offline attack, an attacker would need to have your old Master Password, your old Secret Key, and all of your old keys encrypted with those — essentially they'd need to already have had the opportunity to get everything, before you ever changed your credentials. So you'd basically need to be fully compromised in the first place. Does that make sense?
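
The key hierarchy described in the reply above, as an added sketch that is not part of the original thread and is not 1Password's code: a Master Password change re-wraps only the personal key, so the vault key and vault ciphertext stay byte-for-byte identical. The function names, the XOR combination of the two secrets, the iteration count and the toy SHA-256 cipher (standing in for a real AEAD such as AES-GCM) are assumptions for illustration.

```python
import hashlib, hmac, secrets

def kek(password: str, secret_key: bytes, salt: bytes) -> bytes:
    # Key-encryption key needs BOTH secrets (assumed, simplified combination).
    pw = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    sk = hmac.new(secret_key, b"kek" + salt, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(pw, sk))

def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    return b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                    for i in range(n // 32 + 1))

def seal(key: bytes, plaintext: bytes) -> bytes:
    # Toy encrypt-then-MAC, NOT for real use; stand-in for an AEAD.
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ s for p, s in zip(plaintext, keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered data")
    return bytes(c ^ s for c, s in zip(ct, keystream(key, nonce, len(ct))))

def create_account(password: str, secret_key: bytes, items: bytes) -> dict:
    # Chain: password + secret key -> personal key -> vault key -> vault data.
    salt = secrets.token_bytes(16)
    personal_key, vault_key = secrets.token_bytes(32), secrets.token_bytes(32)
    return {
        "salt": salt,
        "wrapped_personal_key": seal(kek(password, secret_key, salt), personal_key),
        "wrapped_vault_key": seal(personal_key, vault_key),
        "vault": seal(vault_key, items),
    }

def open_vault(acct: dict, password: str, secret_key: bytes) -> bytes:
    personal_key = unseal(kek(password, secret_key, acct["salt"]), acct["wrapped_personal_key"])
    vault_key = unseal(personal_key, acct["wrapped_vault_key"])
    return unseal(vault_key, acct["vault"])

def change_password(acct: dict, old_pw: str, new_pw: str, secret_key: bytes) -> dict:
    # Only the top link is re-wrapped; everything below it is left untouched.
    personal_key = unseal(kek(old_pw, secret_key, acct["salt"]), acct["wrapped_personal_key"])
    salt = secrets.token_bytes(16)
    return {**acct, "salt": salt,
            "wrapped_personal_key": seal(kek(new_pw, secret_key, salt), personal_key)}
```

A snapshot of the account record taken before `change_password` still opens with the old password, which is the offline-copy caveat raised in the thread.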

  • tozz
    Community Member
    edited March 2018

    Ok, so creating a new master password updates the key store (personal encryption keys) which in turn locks down the chain below, making a new key for the vault wouldn't improve security since one would have to assume the chain is unbroken (otherwise you're screwed anyway) and changing the master password fixes it from "the top".
    Thanks again :)

  • AGAlumB
    1Password Alumni

    You're welcome! And I think that's a rather succinct way of putting it. Cheers! :)

  • oshloel
    Community Member

    @brenty So let me ask this question a different way to be sure I understand. Let's say someone currently using 1pw 6 standalone versions with DB sync has a concern their master password is too weak. They decide to create a new, stronger master password. It appears they have two choices as to how to go about it: 1) use the Change Master Password feature in the 1pw standalone version on each device; or 2) transition to a 1pw account/subscription using the new stronger password to establish the account and then migrate their standalone vaults.

    Now, let's assume some nefarious evil soul hacks Dropbox or 1password.com, gains brief access to an unlocked device or otherwise manages to obtain a direct copy of a vault (an opvault file from Dropbox for instance, the equivalent from a 1password account or the local file on a device).

    The evil soul now goes to work at their leisure to try to brute force decrypt the file. Does this evil soul need to brute force the old weaker master password, or the new stronger master password to "crack the case" so to speak; and, is the answer the same whether the user had transitioned to an account/subscription or stayed with the original standalone version & DB sync?

  • AGAlumB
    1Password Alumni

    So let me ask this question a different way to be sure I understand. Let's say someone currently using 1pw 6 standalone versions with DB sync has a concern their master password is too weak. They decide to create a new, stronger master password. It appears they have two choices as to how to go about it: 1) use the Change Master Password feature in the 1pw standalone version on each device; or 2) transition to a 1pw account/subscription using the new stronger password to establish the account and then migrate their standalone vaults.
    Now, let's assume some nefarious evil soul hacks Dropbox or 1password.com, gains brief access to an unlocked device or otherwise manages to obtain a direct copy of a vault (an opvault file from Dropbox for instance, the equivalent from a 1password account or the local file on a device).
    The evil soul now goes to work at their leisure to try to brute force decrypt the file. **Does this evil soul need to brute force the old weaker master password, or the new stronger master password to "crack the case" so to speak; and, is the answer the same whether the user had transitioned to an account/subscription or stayed with the original standalone version & DB sync?**

    @oshloel: Ah, this is really interesting, as it highlights a significant difference between the standalone security model and 1Password.com.

    To answer the first question, the current Master Password will be the only one involved in both cases. It's worth noting though that if an attacker gets a backup archive of your local vault from one of your devices from before the Master Password was changed, they could gain some advantage from that being weaker. That does not work in the case of 1Password.com.

    Regarding the second question, if someone gets your actual local vault, they will "only" have to guess your Master Password. That isn't as bad as it sounds, because if you're using a long, strong, unique Master Password that will take them far longer than they have to begin with, as PBKDF2 slows down guessing considerably. But with the added security of the 128-bit, randomly-generated Secret Key, which is also used to encrypt the data, someone stealing the database from 1Password.com will not actually be able to perform brute force attacks against users' Master Password because both are needed, and we have neither.

    So it's arguably splitting hairs I don't have (since we're talking about timelines which are literally astronomical in both cases), but 1Password.com is stronger against this kind of attack scenario than a local vault will be. And apart from our own efforts to prevent an attacker from breaking into our server in the first place, we also participate in external audits and cooperate with independent security researchers to find any flaws so we can fix them. I hope this helps, but be sure to let me know if you have any other questions! :)

  • oshloel
    Community Member

    Regarding the second question, if someone gets your actual local vault, they will "only" have to guess your Master Password.

    @brenty Thanks! That's helpful, but as always one more question/clarification: In your explanation, WHICH master password? The old weaker one or the new stronger one?

    To put this all in context, my wife and I have been using 1PW since who knows when. Manually entering my current master password in password generator shows it to have about the same strength (entropy?) as a 4 word diceware pw created by the generator based upon the length of the "strength" bar. No real problem there.

    The issue is how best to strengthen my wife's relatively weak master password, and whether I should do something special to strengthen it down to the vault entries encryption level, as I transition to a families subscription now that v7 is becoming available.

    I asked the question about an attack following direct vault access (local subscription cache or otherwise) because her laptop's account password also is not strong and I'm not sure how much stronger I can encourage her to make it.

  • AGAlumB
    1Password Alumni

    Thanks! That's helpful, but as always one more question/clarification: In your explanation, WHICH master password? The old weaker one or the new stronger one?

    @oshloel: It depends on the data they capture. The current vault? Then it will be the current Master Password. The backup archive from before you changed it? Then the old one.

    To put this all in context, my wife and I have been using 1PW since who knows when. Manually entering my current master password in password generator shows it to have about the same strength (entropy?) as a 4 word diceware pw created by the generator based upon the length of the "strength" bar. No real problem there.

    Sounds good. :)

    The issue is how best to strengthen my wife's relatively weak master password, and whether I should do something special to strengthen it down to the vault entries encryption level, as I transition to a families subscription now that v7 is becoming available.

    Definitely check out the article I linked earlier:

    How to choose a good Master Password

    And if you go with 1Password Families, any Organizer in the account will be able to help another family member recover their account if they forget their Master Password.

    I asked the question about an attack following direct vault access (local subscription cache or otherwise) because her laptop's account password also is not strong and I'm not sure how much stronger I can encourage her to make it.

    Gotcha. That's maybe okay in a home setting (provided it isn't stolen during a break in), but it's important to keep in mind the threat profile based on the context and adjust security measures accordingly. For example, if the laptop is used for work — potentially sensitive stuff — probably best to up security on it regardless of 1Password, even if it's used in a relatively safe home. Cheers! :)

  • oshloel
    Community Member

    Thanks. We're just old retirees, so no work situation; however, we do travel extensively, so security and exposure to theft, such as in a hotel, definitely is a factor.

  • AGAlumB
    1Password Alumni

    Ah, well that sounds pretty good to me! Just a few necessary precautions so you can enjoy life then. Cheers! :)

This discussion has been closed.