Question about security on a work computer

@htrouser - what you've just described is one of the very reasons we suggest not using 1Password on computers - any computer - you don't own/control. If you've got a 1password.com membership, deauthorizing that device was definitely a good step.

As to "any locally stored vault can't be accessed by anyone at work," the answer is probably -- but not necessarily. Let me try the reassuring part first: 1Password is designed to be very secure. If you chose a good strong Master Password and you never shared that with anyone - and kept your Secret Key private as well - then 1Password's defenses are quite robust indeed. However, for reasons it sounds like you've already read up on, if your work computer had surveillance-ware (keyloggers, screen recorders, etc) installed on it by your employer, then they could have relatively easily captured both your Secret Key and your Master Password as you used 1Password in the course of your day.

To be clear, if you have a 1Password vault (or more than one) on your work computer that you can't remove, it's protected by your Master Password. No one else who has access to your computer who did not already know your Master Password would be able to decrypt your data; they'd be essentially no better or worse off than an actual hacker/attacker, in other words: this is one of the very scenarios 1Password is literally designed to protect against, and it does an excellent job.

But yes, if your employer had invasive-enough spyware installed on your company-provided computer, they could indeed have captured both your Master Password and your Secret Key. How likely is that? I can't say. You seemed to suggest the answer is: probably not very, which is good, and it's what I'd expect in most cases. Even if it turned out your university did have that kind of surveillance installed, that would presumably mean that only the IT department would know this information, and it's difficult to imagine someone's employer using that knowledge to intentionally access their own employee's private 1Password database. But "difficult to imagine" and "impossible to imagine" are not the same thing.

So, if you believe that keylogging/spyware might have been present, or you just want to be as sure as possible, then changing your Master Password on a different device - one you own, not connected to your university's network - might not be a bad idea. The existing data on your work computer that you can't erase could still be opened with your previous Master Password, but there would be an authentication error message for the sync attempt. In other words, unless you (or someone else) entered the new Master Password into that error prompt within 1Password, only the existing data would be available, not any changes/additions you'd made since changing the Master Password. The absolute most secure thing to do would be to not just change your Master Password, but also change every password for every account you have, using 1Password on a device you control. That would render the data you can't erase on the work computer mostly meaningless. If you want my opinion, that's probably overkill. But it would be the best way to be sure the data on that work computer was of as little value as possible even if someone could access it.

To sum up, you wondered: "am I right in thinking that I'm probably safe moving forward?" Yes, probably, unless a) surveillance capabilities were already in place and b) your IT department or someone with authority over them is evil and wants to target you specifically. You asked: should you change your Master Password? Yes, if you want to be as safe as possible. But even if you did change it, anyone who had both your local data and your old Master Password would be able to access the local data (though not any changes made after you change the Master Password). One final thing: if you decide to change your Master Password for your 1password.com account, obviously DO NOT open 1Password on the work computer and change the authentication prompt to reflect the new Master Password, or you'll have undone any good you did by changing it in the first place.

Let us know if you have any questions.

@htrouser - you're quite welcome! :)

@htrouser - we've got a complete guide to how to manually uproot/uninstall 1Password, which you can use if you like. I was under the impression you couldn't delete anything, but if for whatever odd reason your employer's setup is such that they don't mind you fooling around in the ~/Library folder but just won't let you uninstall apps from /Applications, well, on a personal note I'd consider that a weird choice of opsec, but not my place to say. If you are able to remove things from ~/Library, then yes, you can definitely do it -- though if your employer makes regular iterative backups (which I would expect), then that data would theoretically live on forever in some dusty server room. But you can remove the working copy. If you were using 1Password 7 for Mac, your SQLite file (what 1Password actually uses) is at:

~/Library/Group Containers/2BUA8C4S2C.com.agilebits/Library/Application Support/1Password/Data
You might also want to delete:
~/Library/Group Containers/2BUA8C4S2C.com.agilebits/Library/Application Support/1Password/Backups
as well. Or for that matter, if you know you're never going to be using 1Password again on this Mac, just delete the entire 1Password folder in Application Support. "Nuke the site from orbit," as it were. ;)

If you had any standalone vaults synced via either Dropbox or Folder Sync to an Agile Keychain or OPVault, you might also want to make sure to remove those as well.

Again, this is likely to be an unneeded, abundance-of-caution operation, but yes: removing the data in this manner is another way to help ensure against the chance of future bad things, however remote.

On behalf of Lars, you are welcome! :)