[7.0.539] I can test local vaults! Now I got questions... lol

AlwaysSortaCurious
AlwaysSortaCurious
Community Member
edited April 2023 in 1Password 7 for Windows

So, if you have a 1Password account, is the local vault password encrypted by that master password? (seems to be). So once you create the local vault with a password, you can unlock it and all your vaults with the 1Password master password on the machine it was created on?

Just not clear to me. When trying to reproduce an old issue, I signed out and then thought I was being prompted for the local key but had to use my master password key from the already signed out 1Password account to open the application.

open vault on the pc is also grayed out under that lock circumstance and was not able to access the local vault. Actually, that option is always grayed out for me unless I am already signed in to the app and looking at all my data. Not sure that makes sense for a "local" vault option.

Also, once you sign out of 1Password and have a local vault, there is no way without signing into the local vault to sign into another account without unlocking the app first. Maybe that makes sense, maybe not?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Hi @AlwaysSortaCurious,

    Thanks for taking the time to ask.

    1Password 7 Beta at the moment does not update its local database password when you sign out of 1Password account and have a local standalone vault remaining, it’s the same even if you don’t have a 1Password account. It’s listed in the known issues #6 but basically, we haven’t updated our Master Password update logic to support standalone vaults, it only checks for 1Password accounts.

    So, if you have a 1Password account, is the local vault password encrypted by that master password? (seems to be).

    Each 1Password install has a local unique device decryption key that is generated on the fly and then re-encrypted with an encryption key that is generated by the first master password you give to 1Password. So, your first standalone vault you create or open or the first 1Password account you sign in, it’ll be used to protect that local decryption key.

    That is how 1Password lets you switch any number of 1Password accounts and standalone vaults you add without having to unlock them individually, thus the name of our product, only one password you need to remember.

    Once we update our code to support standalone vaults, removing the first account or vault will switch the database password (re-encrypt the device key) to the next vault/account that was added after the first account/vault.

  • AlwaysSortaCurious
    AlwaysSortaCurious
    Community Member

    Thanks mike, I missed that known issue.....

  • You’re welcome!

This discussion has been closed.