What happens if you forget the password to password manager?

Groussac
Groussac
Community Member

I'm sure the question has been asked before, but it might be useful to look at it again for other new users such as myself. BTW, a trustee to an estate might be faced with answering this question if the original user didn't copy down the password where it could be found...


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:What happens if you forget the password to password manager?

Comments

  • ag_ana
    ag_ana
    1Password Alumni

    Hi @Groussac! Welcome to the forum!

    It is absolutely fundamental not to lose the Master Password. Without the Master Password, it will be impossible to decrypt 1Password data. For security reasons, 1Password does not store the Master Password anywhere, so it is really important that you don't forget it, or that it is stored in a safe place with the Emergency Kit.

    If you are part of a Families or Business account, however, your account administrator can help recover accounts:

    Recover accounts for family or team members

  • williakz
    williakz
    Community Member
    edited September 2020

    @ag_ana: I'm still a bit unclear on whether the Secret Key must be retained as well as the Master Password. You folks generally skirt the issue, thereby implying that ONLY the Master Password need be retained (e.g. in line with the "one password" theme).

    As I understand it, if there exists a working platform with 1Password already installed on it, then indeed only the Master Password is necessary to gain access to the encrypted info within the account's vaults.

    However if such a device no longer exists or 1Password is no longer installed anywhere, then the Secret Key is also necessary to have in order that the 1Password subscriber/user can gain access to their encrypted data on AgileBits' 1Password servers.

    Do I understand things correctly?

  • ag_ana
    ag_ana
    1Password Alumni

    @williakz:

    If you have a 1Password Membership, you need both the Secret Key and the Master Password to decrypt your data. When you configure a new device, you will need to enter both. Once you have configured the 1Password app once, you can unlock it with the Master Password alone from then on.

    If you have a standalone license instead, you only need the Master Password.

  • Groussac
    Groussac
    Community Member

    What about estate planning? Are there legal barriers to sharing the Master Password and Secret Key with an executor or a trustee? Do you guys require some documentation to support this outcome?

  • williakz
    williakz
    Community Member

    I'm sorry, @ag_ana, I'm STILL not clear on your meaning.

    First, as Ben is wont to advise one and all, 1Password membership is the way of the future. So let's just assume 1Password membership and leave standalone licensing out of (at least my portion of) the discussion.

    Assume further that I have fully and accurately memorized the Master Password for my 1Password membership, but that I do NOT know the Secret Key nor have I recorded it anywhere on paper (such as an Emergency Kit).

    Under what circumstances could I be alienated from my secure and encrypted data residing on your servers?

    Thanks in advance for the clearest, simplest explanation you can provide.

  • ag_ana
    ag_ana
    1Password Alumni

    @Groussac:

    I am afraid I am not a lawyer, so I am not sure what you mean exactly. I can tell you that from the 1Password perspective, you need the information included in the Emergency Kit to access a 1Password account. Without them, you cannot access the data.

    If someone gives you permission to access their Emergency Kit outside of 1Password, that is their decision though, and not something that we can have control over. But then again, if you have questions about the legal procedures for estate planning, I do recommend talking to a lawyer.

  • ag_ana
    ag_ana
    1Password Alumni
    edited September 2020

    @williakz:

    Assume further that I have fully and accurately memorized the Master Password for my 1Password membership, but that I do NOT know the Secret Key nor have I recorded it anywhere on paper (such as an Emergency Kit).

    Under what circumstances could I be alienated from my secure and encrypted data residing on your servers?

    As per my previous post, you need both your Master Password and your Secret Key to decrypt your data. If you lose just one of them, you won't be able to access your data on a new device.

    The only exception is 1Password apps where you already have your 1Password account added to it: you can continue accessing your information there with your Master Password alone, as usual. So you need to make sure that you have your Secret Key available to you, or that you can access at least one of your devices where 1Password is already configured, so you can retrieve the Secret Key directly from within the app:

    Find your Secret Key or Setup Code

  • williakz
    williakz
    Community Member
    edited September 2020

    Thank you, @ag_ana. That's perfectly clear now. I suggest you make it a point to stress the importance of securing the Secret Key to new subscribers to 1Password membership. The routine advice to save an Emergency Kit can come off sounding like an unnecessary precaution against forgetting the Master Password (as we'll ALL remember our MP forever!) with the Secret Key's critical importance getting lost in the background.

  • ag_ana
    ag_ana
    1Password Alumni

    Thank you for the feedback @williakz, that's very useful. We will continue to evaluate our messaging as we continue improving our service and documentation :+1:

This discussion has been closed.