Signing back into the Community for the first time? You'll need to reset your password to access your account. Find out more.
1Password Access after Death, Legacy Contacts
I am not planning to die anytime soon, but sometimes things happen. Beyond securing my 1Password details in an Escrow account, or with a lawyer, or in a bank lockbox, does 1Password offer any means of allowing one or more designated member of the 1Password Families account to access the 1Password account in case of the primary owner's passing? Apple now offers the ability to add one or more Legacy Contacts so that in case of your untimely demise, an Access Key and a Death Certificate allows Apple to grant the holder of both of these to get a new Apple ID that has access to your Apple ID Account. It may be something 1Password wants to consider, though I realize that reviewing Death Certificates may not be on the high list of priorities for the team! 1Password Version: Not Provided Extension Version: Not Provided OS Version: Not Provided Browser: Not Provided
Strength of 1Password master password vs 2fac
Hi 1P folks ~ I appreciated thedean‘s recent post about password complexity requirements and this got me thinking more deeply about how complex my 1Password master password needs to be. I use a hardware key for 2factor authentication (like a Yubikey), and I’m wondering how necessary a 70 bit+ master password is, if I use a yubikey like device too? I suppose the attack vector there is, they steal my yubikey. The question then becomes is it just as easy for them to spend—say “only” [EDIT] $76 M, as mentioned in your article dated 2018, updated last in 2021, for a 56-bits of entropy password–to crack my password if they have possession of my yubikey like device? Or does having to use my yubikey—even though they have possession—make a [EDITs made to bits of entropy] 56 bit+ password much more expensive? I like the $1T cost of 70+ bits, that way only if Zuck, Musk, and Bezos agree to burn all their resources together can it be cracked. ;-) Anyway, my question is—in short—do I need to have a 71-bits of entropy password if I’m using a yubikey-like device for 2fac, or not—if I want to maintain a $1T cost to attackers—were my yubikey to be stolen? (Iow, does having possession of my yubikey like device bring the cost to exactly what it would be if I weren’t using a hardware device, or does it somehow rate slow or otherwise inhibit the attacker and, essentially, add more bits of entropy or make it impossible(bly expensive) to attack a 56 bit password?)We're the team behind 1Password’s latest product enhancements. Ask us anything! (Wednesday, February 12th)
Hey everyone! 👋 We're the team behind 1Password’s latest product enhancements. Ask us anything! We’ll be hosting an AMA right here on February 12th at 9AM PT / 12AM ET with 1P_MattG - 1Password’s Senior Director of Product, End User Experience. This round of product enhancements includes exciting updates like a smoother mobile experience, better item creation and navigation, new ways to stay secure, and much more. Starting today, you can RSVP to the AMA and drop your questions here in this thread, and then we’ll answer them live during the AMA on February 12th at 9AM PT / 12PM ET! We can’t wait to chat with you and kick off our first AMA in the new 1Password Community! Check out our blog to find out more about our new and improved features. Our AMA Host Matt Grimes Senior Director of Product, End User Experience, 1Password
Watchtower Score not increased by MFA, passkeys or better passwords
Months ago my score for over five hundred (mostly Login) items was N. Since then I have * replaced many tens of VERY GOOD passwords with EXCELLENT passwords, * added tens of one-time passwords†, * added around ten passkeys, * archived around ten Login items with GOOD or VERY GOOD passwords and no one-time passwords or passkeys, and * added around ten Login items with EXCELLENT passwords, one-time passwords, and passkeys. There are now no Login items with Two-factor authentication† or Passkeys available, or any of the other drop-down categories. My score is now... N - that is, unchanged. According to How to improve your Watchtower score in 1Password, at the very least Enable 2FA is one of the changes which should have increased the score. Watchtower is an excellent feature and cleverly uses psychological methods to promote better behaviour. One way to increase the persuasiveness of the score is to compare it to relevant distribution(s) of scores. Obviously failing to increase the score to reflect substantial improvements does not help. Since this isn't about the actual score, I've called it "N", but just in case the actual score is relevant, it's ! 1194 on desktop (various platforms) and 1154 on mobile (Android) where the Overall Password Strength bar clearly indicates that it's out-of-date. †[Note the inconsistent naming.] 1Password Version: 8.10.56 Extension Version: 8.10.58.31 OS Version: Various Browser: N/A
From Family 4.6 ?
I've been useing sine 2010 and am running Family Pack, on v4.6 on Windows 11 with iPhones and iPad running 1Pass7 and all sharing the vault on Dropbox. As with all of us, my life is in that vault. :-) I am now changing Laptops. 1 - Where can I get 4.6.262 download for Windows, to use temporarily on new laptop whilst I change laptops and set it up. 2 - What is the easiest upgrade option. Will I need to buy new license?
Remove Duplicate Passwords
Is there a way to remove duplicate passwords easily? I accidentally imported my Chrome and Arc password exports (which are mirrors), and now I have duplicate passwords in my 1P, as seen in the screenshot below. I can't seem to find an easier way besides using the dev-tools to write my scripts.
Resetting an account completely?
Hello, I have an interesting conundrum. I have a 1Password acocunt, but I can't get into it. I deleted my secret key, and I can't log in without it. How do I log in to reset the account completely if I don't have the secret key, recovery codes or the emergency kit? I don't care about loosing the existing passwords or other details.
How do recovery codes compare to 2FA in terms of protecting my 1Password account?
I'm curious about the security trade-offs between relying on recovery codes versus using 2FA for account protection. How do these two methods compare in terms of securing my account in the event of a password breach or a lost device? Would using both offer stronger protection, or is one method generally more secure than the other in specific scenarios?
