I see that you store data on your servers. Where are your servers located?

TeresaBrz
TeresaBrz
Community Member

Are the servers in Canada? Is any data you save off-shore? If yes, what countries


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: kb:master-password-ios-keychain, kb:strong-master-password, ug:mac/changing-a-saved-password, kb:sync-options, kb:data-locations

Comments

  • Hi @TeresaBrz,

    Thanks for taking the time to write in with this question. We use Amazon Web Services to host 1Password Families and are using the us-east-1 region, which is located in N. Virginia within the US.

    I hope that helps. Should you have any other questions or concerns, please feel free to ask.

    Ben

  • _CH_
    _CH_
    Community Member

    @bwoodruff - any plans to move that data out of the US? There are plenty of alternatives to consider. Despite the fact that I use AWS for something professionally - US security is notoriously bad. While AWS have decent uptime and redundancy and all, if I have all my eggs in 1[password] basket I want to make sure it's the safest (commercially feasible) basket I can get.
    While on the (related) topic... Unfortunately, I think many of us have never been the biggest fans of Dropbox security either - Perhaps something like Spideroak,Tresorit, or Wuala for a future release could be considered as another alternative to Dropbox/icloud/the much anticipated Google Drive sync?

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited February 2016

    @"CH" It's definitely something we're considering, but not for the reasons you mention; rather, for greater redundancy and better availability from different locations.

    To be absolutely clear, while your 1Password for Families data may live on a server in Virginia (or anywhere else, if that changes down the line), it's encrypted locally before it leaves your device. And most importantly, your Account Key and Master Password (which are both needed to decrypt the data) are never transmitted.

    This means that if we're hacked, we become evil, or we're otherwise compelled to give up your data, it's useless to anyone but you, because no one else has the means to access it without both your Master Password and Account Key.

    Apart from 1Password for Families/Teams, we're exploring different 3rd party sync options for those who prefer the standalone apps as well, but we don't have anything to announce in that area at this time. :pirate:

This discussion has been closed.