What is "share secret" when sharing a document?
I'm referring to this page about how security works when sharing a document with 1Password: https://support.1password.com/share-items-security/
I am wanting to share some financial documents with a bank and want to make absolutely sure they are shared securely. The above document says that a "random share secret" is generated on my device.
Can someone explain exactly what this is, and how the whole sharing process works once I share the link with the bank? Is the "share secret" a password, some encryption method, or what?
TIA!
1Password Version: 8.10.18
Extension Version: 2.16.0
OS Version: Windows 10
Browser: Chrome
Comments
-
Hello @birv2! 👋
Thanks for the question! Items that you share using a secure share link are end-to-end encrypted just like the rest of your items. This means that no one, including 1Password itself, can ever access those items.
Unlike other services, 1Password stores the encryption secret right in the share link itself:
https://share.1password.com/s#base64-encoded-secretThe part of a link behind the # hash symbol is called a URL fragment. Anything in the fragment stays on your device and never reaches the 1Password server. This is where the encryption secret is kept. When you create a secure share link a copy of your item is created, encrypted on your device, and uploaded to 1Password.com. Then the information needed to retrieve that item and the secret to decrypt that item are placed in the URL fragment.
When you send a share link to someone else, like your bank, you're sending them both the means to locate the item and the means to decrypt the item.
It's worth noting that anyone who has your share link will be able to access your item so it's important to send it to your recipient in a secure way. You can also make the item available to only some people who will need to verify their email address before they can view the item: Securely share 1Password items with anyone
Let me know if you have any other questions. 🙂
-Dave
0
