Can I use or convert my 1P 7 OPVault for use with Windows 1P 4?
I have standalone licenses for 1P 4 and 1P 7. 1P 4 is installed on my on my PC laptop (now Windows 10, but previously Windows 7). 1P 7 is installed on several Macs. The Macs all sync with each other, but I have previously copied the OPVault from my Macs to my Windows laptop User/Documents/1Password/OPVault folder whenever I wanted to update the vault on the PC laptop. Today, for the first time since I updated my Macs to 1P 7, I tried to update my Windows 1P 4 vault and it did not seem to recognize the new OPVault. Should it have worked, or is the new 1P 7 OPVault no longer compatible with 1P 4?
If my 1P 7 OPVault is not compatible, is there any way I can convert it to work with 1P4?
Thanks for your elucidation!
Edit - Update:
I just uninstalled and reinstalled 1P 4. At the setup page I told 1P 4 to look for the 1P 7 OPVault I had copied into my PC laptop. 1P 4 found the vault, but it gave me an error message that the OPVault I had directed it to was read only. Does this help with your assessment of my problem?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
Another Update
I exported all of my 1P 7 vault items as a .pif file and copied it into my PC laptop. Then I told my new installation of 1P 4 on the PC laptop that I was new to 1Password and asked it to set up a new vault, for which I created a new master password (using my 1P 7 master password, of course!). Then I opened 1P 4 and imported the .pif file. Voila, now I have a complete vault, less a few attachments that I have not yet loaded, in my PC laptop.
However, this is a long way around the barn just to update my 1P 4 vault. Is there a way to copy, or convert and copy, my 1P 7 for Mac vault directly into my PC? I note the 1P 4 vault on my PC is labelled as an agilekeychain, not an OPVault.
0 -
@fourwheelcycle - yes, there was a significant schema change in 1Password 7.2, which means an OPVault created there will not be readable in so old a version of 1Password for Windows. Since you're running Windows 10, it's time to upgrade to 1Password 7 for Windows as well -- and maybe time to think about a 1password.com membership, since all applications are included with a membership, instead of having to pay for both a Windows license and a Mac license. What you're describing (copying over an OPVault) was already a "long way around the barn," and can't be considered "sync" in any meaningful definition of the term, but since the schema change, the only way to continue whatever it is you've been doing would be the way you've already discovered: export to .1pif, re-import. And that's a rickety procedure, at best. Certainly not one we recommend. Can I ask why you're still rocking 1Password 4 for Windows when it's two versions out of date?
0 -
If you read my history of posts you will see that when I bought our standalone licenses for Mac and Windows, in 2014, I was very paranoid about security and did not want to sync anywhere outside of our home; especially at Dropbox, which had recently left a server open for an hour or more on a Sunday afternoon, which allowed anyone to access any account w/o a password!!!
I have synced over our home network until recently, when Agilebits, Dashlane, and a cloud storage site named Sync.com, plus others, implemented well-reviewed zero knowledge security. I understand even LastPass now claims to have zero knowledge security. Now I sync our Macs with Sync.com, but I still copy our Mac vault into our home network drive and then copy it from the network drive into our PC..
When 1P7 for Mac came out I tried 1P.com. You can see from my past posts that I became frustrated with 1P.com's secret key requirement. I often scrub our computers' browser caches, which wipes out 1P.com's secret key and requires me to enter it by hand. That is a pain, and worse, it requires me to keep a copy of our secret key in a copyable digital file right in the desktop of each computer, and a printed copy of our "secret" key in my wallet when I travel. What is the purpose of a "secret" key if it is lying around all over the place. Dashlane is able to implement zero knowledge security w/o a secret key, as I know because I now use Dashlane exclusively for its Emergency Access feature (see my other post on this).
Bottom line, I love 1P and I am not switching to Dashlane for day to day use. But I don't like the secret key feature so I am still syncing on my own, although now through a zero knowledge cloud site.
My wife used to use Windows due to long time familiarity, but I have now convinced her to switch to Mac, which is why I had not tried to update the vault on our PC laptop since I bought 1P 7 for Mac several months ago. I thought you might give me the answer you did. I am prepared to keep using the export and import technique to (infrequently) update our PC, since we now use the PC only a few times each year.
If Agilebits ever finds a way to implement 1P.com to your high standards for security w/o requiring a manually entered secret key after browser caches are cleared I will switch to 1P.com. I admire your high standards for security, but I do not understand why a secret key is necessary, since neither Dashlane or Sync.com have this requirement.
0 -
@fourwheelcycle - it's not really within the scope of this forum for us to opine on the features of other password managers or their relative merits. But the Secret Key of a 1password.com account isn't really related to "zero knowledge." Zero knowledge means that we don't have your data or even the means to acquire it. That's accomplished in 1Password by means of your Master Password, which only you know and which is never transmitted to us in any form; all encryption and decryption is done on your local device. The Secret Key is designed to be an extra layer of protection if our servers are compromised. You can read more about it at that link.
0 -
Lars,
Thank you for the link. It provides a very clear explanation, to a layman like me, of the difference between 1P's master password and the secret key. The link explains 1P.com is set up so that guessing my 40 bit master password would not allow access to my 1P.com database unless hackers also guessed my secret key, since access to my database (by hackers or by AgileBit's) requires knowledge of a 128 bit hash generated from my master password AND my secret key.
This is very reassuring, but since I often scrub my browser caches it means I would still have to keep a digital version of my secret key on each computer so I could copy and paste it each time I access my 1P.com server account. This is certainly doable, but it does represent an extra step, especially when Touch ID now enters my master password very easily when I unlock my standalone version of 1P 7 for Mac.
Is there any way to set up my secret key as a separate Touch ID "password" so I can touch once to enter my master password and then touch again when I am asked to enter my secret key?
0 -
Is there any way to set up my secret key as a separate Touch ID "password" so I can touch once to enter my master password and then touch again when I am asked to enter my secret key?
Not at present, no. And I'm skeptical about how that could be set up in the future, as well. It may be possible, but it may not, since the entire point of the Secret Key is to serve as a second encryption (not authentication) factor. You could set your browser cache-scrubbing feature to bypass the Secret Key removal -- after all, if an attacker manages to compromise your local device or physically steal it, they won't be trying to sign into 1password.com anyway; they'll just work directly upon the local cache of your data, which requires only your Master Password -- and if they wanted the Secret Key, they could just look in browser memory, unless their theft just happened to come between the last time you cleared browser cache and the next time you open 1Password. Any other time, and that Secret Key will be obtainable to anyone who's stolen your device and can access it.
0
