WLAN secret code update on Android

joely
joely
Community Member

I created a new WLAN Sync secret code on my Windows desktop. How do I update the old secret code on the Android device? On IOS, there's an option to change the secret code but could not see that on Android.

1Password 4
Android 6.01


1Password Version: 4.6.1.620
Extension Version: Not Provided
OS Version: Windows 10
Sync Type: WLAN
Referrer: forum-search:wlan secret code on android

Comments

  • Hi @joely. When you generate a new secret, you will be prompted for that new secret the next time you initiate WLAN sync on Android. Just enter the new secret at that point and you'll be able to continue syncing as usual.

    Let me know if you need anything else! Thanks!

  • joely
    joely
    Community Member

    Hi Peri. That's the thing, it does not prompt. See attachment for the error message the I received. The only way I was able to get the prompt was to remove then install the app again.

    Regards,
    Joel

  • AGAlumB
    AGAlumB
    1Password Alumni

    Ah, thank you. That's very odd. I'm sorry you ran into that issue, but I'm glad to hear that it's working with a fresh install at least. Cheers! :)

  • peri
    edited May 2017

    @joely I just wanted to add to this. Did you trigger WLAN sync? Unlike on iOS, 1Password 6 for Android doesn't support automatic sync with WLAN, so you need to manually trigger sync before it can occur. Please launch 1Password 4 for Windows and select File > WLAN Sync to open the WLAN sync window. Then launch 1Password on Android and, from the Categories list or from any category screen, either swipe down from the top of the screen to refresh the page, or tap the three dots in the upper right hand corner and tap Sync. This will trigger sync on your device.

    Once you've done that, 1Password should begin searching the Wi-Fi network for your computer. Let me know if that helps for the future!

  • joely
    joely
    Community Member

    @Peri Yes I did. I'm familiar with the WLAN sync process on both IOS/Android devices as I had been doing it wihtout any issues for quite sometime now until the secret code was changed due to new laptop.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @joely: Ah, that explains it. 1Password for Android wasn't asking you for the secret code because it was looking for the old computer. WLAN Server only works between a single computer and one or more mobile devices; so changing the computer does not require merely a new code, but effectively starting over since you're "pairing" it with a different computer altogether, so reinstalling the app to setup sync with the new one was exactly the right thing to do. Thanks for clearing that up!

  • joely
    joely
    Community Member

    @brenty In IOS, there's an option to update the secret code but that option is not available on Android. I doubt that this will be added in the future as I read that v6 does not even support WLAN which stopping me from performing the upgrade as I just could not trust storing all my passwords in the cloud even if the file is encrypted.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @joely: 1Password for Android version 6 definitely supports WLAN Server. Maybe I misunderstood what we were discussing here. It can be a bit confusing since this is mutually exclusive to the other sync options, meaning if you setup the app with Dropbox WLAN won't be an option unless you reinstall it.

    You're right about 1Password for iOS though with regard to the WLAN Server "secret". 1Password for Android prompts you to update it when connecting to its server if the server tells it its changed. But the iOS app has a place to preemptively change it on the client side. I disagree that this is a good thing though, since we still get folks there trying to swap between multiple servers (computers), which at best produces an error, and at worst screws up the sync state (trying to sync with multiple servers alternately). 1Password is designed to sync between a single WLAN Server and multiple clients, not the other way around.

    With regard to "the cloud", it sounds like you may not understand the protection that encryption offers, and you're just counting on no one ever getting your data from your device. 1Password isn't designed in the hopes that the database will never fall into the wrong hands. That's why we use industry standard encryption (the same which the FBI had trouble breaking in the Apple case, even though a weak PIN was being used). Your 1Password data is end-to-end encrypted no matter what, so it simply doesn't depend on the sync service to protect your data — or on you never losing your device or having it stolen. 1Password is secure by design, not by chance, so that if and when someone gets your data, they will not be able to decrypt it without your Master Password. A long, strong, unique Master Password means a cost of millions of dollars in equipment and time to brute force.

    That's only using local vaults though. With 1Password.com we took it even further, since both the Master Password and (128-bit, randomly generated) Secret Key are used to encrypt the data — and therefore both are needed to decrypt it. This way, an attacker cannot perform a brute force attack against the Master Password. And in the case of a server breach, all they get is an encrypted blob. We simply don't have the keys to decrypt it: the Master Password is chosen by the user, the Secret Key is generated on the device, and neither is ever transmitted.

    So while it's totally your prerogative where you store your data and how you sync it, I don't want you to leave the added convenience of other options on the table because it will offer a security benefit. It won't. When we're carrying our data around with us everywhere we go, there are plenty of opportunities for it to fall into the wrong hands. And any motivated attacker will not be discouraged by the limited obscurity of data which is not in the cloud, as, frankly, you're going to be an easier target than any service with folks working around the clock to defend against intruders. But our first priority is to make sure that if someone does get your data (or ours), it is useless to them. Better safe than sorry. :)

This discussion has been closed.