Vault file location

robdejonge
robdejonge
Community Member

Hi,

I would like to periodically pass my vault to a trusted family member, so that they can have access to all my accounts in the event of an emergency. To do this, I need to know where the vault files are located on my Mac. Can you help point this out? At the moment, I synchronize through iCloud. I may be switching to a subscription and this may have an impact on what is used for synchronization. I'm not sure.

Why? Because I live abroad and (only) if something happens to me, I want my family to be able to access my accounts without having to go through multi-year processes in foreign languages in other countries with odd legal structures, etc. I've seen it happen.

Security? Aware of the risks. Another trusted family member will get the password to access the vault, the '1 password' if you will. They're both instructed to only team up in an emergency. Transport of the vault file will be done as securely as possible. Password issuance may move to a notary. There are backups for both roles. I'm trying to cover all eventualities.

thanks,
Rob

PS. If anybody has a better solution for this, please let me know!


1Password Version: 7
Extension Version: Not Provided
OS Version: macOS 10.13.5
Sync Type: iCloud

Comments

  • Lars
    Lars
    1Password Alumni

    @robdejonge - thanks for the question!

    At the moment, I synchronize through iCloud. I may be switching to a subscription and this may have an impact on what is used for synchronization.

    That would definitely be my suggestion. If you've got multiple people who either are already or want to start using 1Password, a 1Password Families membership is not only the best way to give each person their own vault and be able to share vaults with family members in any configuration you want, it's also by far the least expensive way for a family (two or more) to use 1Password -- and that per-user value only goes up, the more people you have.

    I live abroad and (only) if something happens to me, I want my family to be able to access my accounts without having to go through multi-year processes in foreign languages in other countries with odd legal structures, etc. I've seen it happen.

    If this is your goal, then not even 1Password Families will really solve that issue for you, because it's based around each person having his/her own Master Password and private vault (in addition to what is in the Shared vault). If you want to make sure you have an accessible digital legacy in the event of your untimely death, I'd still recommend 1Password Families if you have other family members who want to use 1Password, but even if you stick with standalone 1Password and iCloud sync, the way to go about such a thing would be to leave a copy of your Master Password (written down, if you're on standalone 1Password) or your Emergency Kit (if you're using 1Password Families) in a safety-deposit box and a copy of your key with an attorney, just like your written will.

    If you're comfortable with sharing the "live" contents of your vault with another family member (which I would not be, not because I don't trust my family, but because (especially with 1Password Families), there's simply no need for them to have visibility into my private vault while I'm alive, and there's certainly that possibility that they could inadvertently screw something up), then it really doesn't matter which way you go (standalone or 1Password Families), since you'd be giving that person access to everything anyway -- or at least potential access.

  • robdejonge
    robdejonge
    Community Member

    1Password Families is not an option. Other members of the family all have their own solutions, none of which is 1Password. I like the Emergency Kit option, but if that is (as you said) only for 1Password Families then it's a no-go.

    I just need to know where the vault files are located!

  • Stephen_C
    Stephen_C
    Community Member

    @robdejonge you will probably find this AgileBits' post helpful in the context of your question.

    Stephen

  • Lars
    Lars
    1Password Alumni

    @robdejonge - Your 1Password data is stored in the following locations:

    • Mac App Store version - ~/Library/Containers/2BUA8C4S2C.com.agilebits.onepassword-osx-helper/Data/Library/Data/OnePassword.sqlite
    • AgileBits version - ~/Library/Application Support/1Password 4/Data/OnePassword.sqlite
  • Stephen_C
    Stephen_C
    Community Member

    @Lars far be it for me to tread where angels fear to tread (although I'm going to do it anyway!) but as the OP said he was using 1Password 7 is the data container—at least for the AgileBits' version—not in the location indicated in the post to which I linked rather than as you indicate (which is the old data store for 1Password 4–6)?

    Stephen

  • Lars
    Lars
    1Password Alumni

    @Stephen_C

    far be it for me to tread where angels fear to tread (although I'm going to do it anyway!)

    You're encouraged to, if you see us making a mistake! And you're quite right, I did this time. My apologies to you, @robdejonge. Data for 1Password 7 for Mac is located here:

    • ~/Library/Group Containers/2BUA8C4S2C.com.agilebits/Library/Application Support/1Password/Data/OnePassword.sqlite

    Now anyone reading this thread will know both 1Password 7 for Mac locations and the new 1Password 7 for Mac location for their data. Everybody wins! :)

  • jwholder
    jwholder
    Community Member

    "Now anyone reading this thread will know both 1Password 7 for Mac locations and the new 1Password 7 for Mac location for their data. Everybody wins!"

    Given that I'm using the latest version of 1Password 7 (1Password 7 Version 7.1.BETA-0 (70100000) AgileBits Beta), can I now safely remove ALL ~Library/Containers... and ~Library/Application Support... 1P associated files?

  • jwholder
    jwholder
    Community Member

    I should add that I use a 1Password Account.

    Also, just to clarify for me (and I suspect others), so I have a local copy of my my 1P database in ~/Library/Group Containers/2BUA8C4S2C.com.agilebits/Library/Application Support/1Password/Data/OnePassword.sqlite as well as a "mirrored/synchronized" copy on AgileBit's server?

  • Lars
    Lars
    1Password Alumni

    @jwholder

    Given that I'm using the latest version of 1Password 7 (1Password 7 Version 7.1.BETA-0 (70100000) AgileBits Beta), can I now safely remove ALL ~Library/Containers... and ~Library/Application Support... 1P associated files?

    I wouldn't. Not all of those are unnecessary, which is one of the reasons we recommend against the use of "cleaner" apps, since they often simply Hoover up everything, including (in worst-case scenarios), the user's data. Poof. Gone. For example, if you just "remove ALL ~Library/Containers," you'd be removing 2BUA8C4S2C.com.agilebits.onepassword7-helper, which is a necessary file for 1Password 7 for Mac. You could safely remove the similar-looking 2BUA8C4S2C.com.agilebits.onepassword-osx-helper, because that's for the older version of 1Password (6 and below)...but how would you know that? My point here is that unless you have a teeny SSD drive and are desperate to free up space, it's better to leave that stuff alone. It's either necessary or it's from a previous version and doesn't conflict with the current one or otherwise slow down your system.

    It's also true that if you remove the previous versions' data stores, you'd never be able to restore from any kind of backup there, if necessary. Granted, that's an unlikely event, but if you've got a big enough hard drive not to worry about saving space, I'd recommend just leaving those items where they are. If you're using a 1Password account, then what you have is a local cache of the "canonical" record on 1password.com servers. Each time you use 1Password for Mac with your 1password.com account added, the first thing it will do is ping the server to get/push any changes and reconcile conflicts. But if you're (for example) in an internet shortage at the moment, or you have your phone on Airplane Mode, the local cache allows you to access your 1Password data without requiring an internet connection and sync.

  • jwholder
    jwholder
    Community Member

    Thanks for the clarification on Vault locations and usage. My only consideration for removing files no longer relevant to 1Password 7 is simply "housekeeping", not based on space considerations. Might I suggest a section in your documentation about file locations? I think it would save a lot of time asking/answering these types of questions.

    FWIW, I've been a 1P user since 1.0 and have converted hundreds of new users since then :) Keep up the top notch work you're doing!

  • Lars
    Lars
    1Password Alumni

    @jwholder - thanks so much for the kind words. It's early-adopters like you who have quite literally been what's allowed 1Password to grow into what it is today. You may already know this, but we have never taken a dime of venture capital funding, and we've actually resisted offers of buyout over the years. That means we don't have "additional revenue streams" we can count on, but it also has left us free to pursue our vision of the best password manager possible while having to answer to no one but ourselves and you, our awesome users.

    Regarding file locations, as you're no doubt aware, Apple hid the library folder starting in...Lion, I think (10.7.5)? This caused plenty of consternation for some, but I think in retrospect it was the right decision. Too many users these days have no idea they even HAVE a Library folder, let alone what it's for. And if it's visible, people with less understanding than you of what's important and where it lives on your hard drive can, have and will continue to say "hey, what's THIS?? I don't need that"...and wind up throwing away critical files from ~/Library or even /Library. So these file locations are something we recommend people not dive into anyway, without instruction from us first. However, I'll run your suggestion past some other folks here and we'll see what happens. :)

  • danielharvey
    danielharvey
    Community Member

    @Lars In relation to the 1Password 7 for Mac location:

    • ~/Library/Group Containers/2BUA8C4S2C.com.agilebits/Library/Application Support/1Password/Data/OnePassword.sqlite

    I am seeing OnePassword.sqlite untouched since June 2018, whilst B5.sqlite is current.

    Are you able to clarify?

    Is backing up this folder enough for disaster recovery? Specifically, is the following sufficient to obtain access to a 1Password account data without Internet access:
    1. A current 1Password installer
    2. The contents of ~/Library/Group Containers/2BUA8C4S2C.com.agilebits/Library/Application Support/1Password/Data/
    3. Master password + secret key

    Thanks,
    Daniel

    --

    1Password 7
    Version 7.3.2 (70302004)
    1Password Store

  • Lars
    Lars
    1Password Alumni

    @danielharvey - I guess it depends on what you mean by disaster recovery. You can't simply back up that folder to an external drive, wipe your drive, replace it and expect it to work.

    That said, there's already redundancy in place. That folder can serve that purpose in a disaster recovery scenario, depending on specifics. On the server side, not only do we make backups of our own, but AWS also makes backups and has distributed "availability zones" as well. If you experience a disaster - lost/stolen devices, natural disaster, etc - then your data will remain available on our servers; as long as you have the Emergency Kit or otherwise know your Master Password and Secret Key, you can sign back into your account from any new device as soon as you're able. And if there is a disaster that's large enough to affect AWS and all their availability zones, which throws the 1password.com servers offline temporarily, then the local cache of data on every device on which you're already running a 1Password app acts as your backup.

    That file location you mentioned is the local copy of your data. Access to it doesn't equal sync with the 1password.com servers, but this local cache of your data is how you're able currently to open your 1Password data when you don't have an internet connection, such as in airplane mode on a plane, or if you're out of range of Wi-Fi, etc. Hope that helps.

This discussion has been closed.