Will Apple release their own password management software in touchbar?

[FatherJack1980]

Sorry if this is in the wrong category.


1password seems to be the only password management system that utilizes the touchbar ...however I do not trust 3rd party apps for my passwords; so I'm asking if Apple has ever hinted that they will release a password/security app for the touchbar (where the passwords are not stored in the cloud)?

I know Apple has keychain but I don't trust the cloud completely - I would prefer my passwords being locally stored on my computer and phone (if one thing died I would be able to retrive the info from the other device, when setting up a new computer/phone ...I imagine both things dying at the exact same time to be statistically unlikely)

I would also love to have the ability to tell my computer, through the Settings app in the iPhone, that to expect a different kind of fingerprint id than mine, but it must let that fingerprint into the operating system - but to hide and/or close apps that I didn't want that person to have access to (would be very useful if the laptop had to be repaired or a child wanted to go onto the computer).

I don't want to setup a guest account because I think it's ugly to see that at the login screen

So far I know that you can lock the Notes app in the iPhone ...but nothing else (!)



I'm a Windows user and contemplating the idea of moving over to Macos and iOS - mainly because of two things; they kinda share the same ecosystem whereas Windows doesn't have any phones anymore and because of Homekit which I'm pretty sure Windows doesn't have and will not have, at least not in the near future.

One of the things I want is a big screen, and so far the 15" doesn't offer a laptop without a touchbar; but I also prefer the new models to the old ones because the new ones are lighter to carry.

Apple encrypting my passwords on my devices (like they do with the fingerprint through touchid) and the interaction between the iPhone and Mac computer with touchbar (where you could remotely lock sensitive data in your computer through your phone and vice versa, for example) would lock me into their ecosystem - and I would be happy with that, which is not a common occurrance. I know there's an event soon, but has Apple hinted at them being wiling to go this route?

 

[ZapNZs]

I doubt it - and I especially doubt they could make something as good as 1Password, especially in regards to cross-platform functionality. Personally, I have greater confidence in Agilebits' dedication to protecting customer PII more so than I do with Apple or Microsoft, based on my own interactions. Big fan of the App, and very big fan of the people behind it.

 

[casperes1996]

1Password is encrypted with AES256 as far as I recall.

I find it very unlikely Apple will make what you want.

Why not use the standard Keychain though? If you don't want it in the cloud, disable keychain in iCloud and manually move over the keychain.

 

[AGKyle]

Sorry if this is in the wrong category.


1password seems to be the only password management system that utilizes the touchbar ...however I do not trust 3rd party apps for my passwords; so I'm asking if Apple has ever hinted that they will release a password/security app for the touchbar (where the passwords are not stored in the cloud)?

Hi there.

I work for AgileBits, and am one of the developers on the iOS and Mac team working on 1Password.

Can you explain a bit more about what your concerns are? I'm also a member of our security team so I'm happy to have a chat about any worries you might have.

 

[killawat]

I have a hard time trusting a software for holding passwords called "Snitch"

Little Snitch is a host based firewall app thats sold in the App Store and has been on the scene for several years. It is the first app many people install on a fresh OS build (myself included) and has the ability to stop cold some of these new ransomware/trojan attacks that show up for the Mac, amongst other things.

 

[Trey M]

I agree with what others have said; to Apple, the concept of a 'password' is counterintuitive and the odds of them releasing something along the lines of a standalone password management application (including touchbar functionality) are zero to none. I think their current iCloud Keychain implementation is as far as they'll go.

That being said, 1Password is a fantastic application which is updated frequently and has a proven track record. As far as features of a password management application I can't imagine a better solution to what it seems you're looking for OP. And look at the customer service! ^^^

 

[AGKyle]

My family has purchased several copies of 1Password, including iOS (Pro), Mac, PC. Originally I purchased the Mac client before it became available in the MAS, and I recall I upgraded to the MAS version for the iCloud sync option. I have also encouraged several family and friends to purchase the app, it has become a standard in my circles! PC users in our family have been using DropBox for their sync destination.

Given the considerable investment we have already made in the apps, we are hesitant to move to a family account.

• Will AgileBits continue to update the standalone clients, or will there be an end of road for the standalone clients as happened with v3 (actually, it still works with local sync as i recall)?
• I glossed over the security paper because it focusses on Teams, is there a similar document covering the standalone clients or are the concepts similar?

Thanks for jumping in on this forum, I use this product many times daily, and it is reassuring to see the dedication to security and transparency.

First, thanks for being so willing to pay for all the various versions. This is one of the reasons why the subscription option actually came about. Users of our subscription option get all of the applications (Mac, Windows, iOS, and Android) and even allows Mac users to use our website version or the MAS version now that we've made it free with In-App Purchase just like the iOS app has been for awhile now. This sounds like it may have alleviated some of your troubles right with that.

We've stated in the past we'll continue to provide the standalone versions and we have, they're available both in the App Stores and for the Mac version on our website. We continue to push out updates to version 6, we released version 6.7 not too long ago and we're hard at work on version 6.8 now.

The security paper is the same for individuals and family accounts. The big differences between them is with regard to features mostly. Each has slightly different wording because "admin" doesn't make sense for Families, so they're called Family Managers, and there's no such thing as an admin or family manager in individual accounts. So template differences between them mostly and then features, as you'd expect the Team solution has more features targeted at businesses, and the family solution has things more focused on families.

But under the hood, all 3 solutions use the same exact underlying technology. So the white paper applies to each and every one of them from a security standpoint.

 

[leman]

Apple has offered a password manager for quite a while now — its Keychain, and its deeply integrated with the OS. AFAIK, it also uses all the security hardware the OS offers automatically, so it should be fairly safe. I am fairly sure that Keychain will get full touchbar support eventually. If you don't like its cloud-based sync capabilities, you don't have to use them. Although one has to say that cloud sync is fairly safe, as its encrypted with your user password and thus the data can't be read by Apple or anyone else.

 

[smallcoffee]

Sorry if this is in the wrong category.

Kind of, but that's ok.

1password seems to be the only password management system that utilizes the touchbar ...however I do not trust 3rd party apps for my passwords; so I'm asking if Apple has ever hinted that they will release a password/security app for the touchbar (where the passwords are not stored in the cloud)?

I know Apple has keychain but I don't trust the cloud completely -

I don't think they'll make anything. Their vision of the future is no passwords.

I would prefer my passwords being locally stored on my computer and phone (if one thing died I would be able to retrive the info from the other device, when setting up a new computer/phone ...I imagine both things dying at the exact same time to be statistically unlikely)

Hm, so as others have mentioned, you can use Keychain, but if you don't want to use "the cloud" then what you're asking here I think is pretty difficult to implement. How would you transfer the passwords from device to device?

I highly recommend that instead of having multiple passwords, you choose, maybe two. One, that is incredibly complicated and impossible to guess that you'll use for websites like banking or email, and one that you wouldn't care if the account got hacked, like the forum. There's simply no need to have a password manager because you shouldn't have so many different passwords - all it does is lead to poor password practices.

I would also love to have the ability to tell my computer, through the Settings app in the iPhone, that to expect a different kind of fingerprint id than mine,

Ok so, you can do this but not the way you've described. You can set different fingerprints for both iPhone and Mac independently, but you can't set a touchID password on your iPhone for use on your Mac or vice-versa.

but it must let that fingerprint into the operating system - but to hide and/or close apps that I didn't want that person to have access to (would be very useful if the laptop had to be repaired or a child wanted to go onto the computer).

I don't want to setup a guest account because I think it's ugly to see that at the login screen

Not possible that I know of. You can probably, somewhere in some setting, require a password/touchID to open certain apps, but I have no experience with it. The preferred option is the one you think is ugly, but I believe you can update settings such that you don't view multiple profiles on the log in screen.

One of the things I want is a big screen, and so far the 15" doesn't offer a laptop without a touchbar; but I also prefer the new models to the old ones because the new ones are lighter to carry.

I thought Apple was selling. non-touchID version of the 15 inch, but then that defeats your touchID password ideas.

Apple encrypting my passwords on my devices (like they do with the fingerprint through touchid) and the interaction between the iPhone and Mac computer with touchbar (where you could remotely lock sensitive data in your computer through your phone and vice versa, for example) would lock me into their ecosystem - and I would be happy with that, which is not a common occurrance. I know there's an event soon, but has Apple hinted at them being wiling to go this route?

I don't think you can remotely lock sensitive data on your computer from your phone. But Keychain and Apple's security management is pretty top tier. I think you should be comfortable using it. You can also use FileVault to encrypt data on your drive in case you lose your laptop or it gets stolen.

Hope this helps!

 

[casperes1996]

~/Library/Keychains – Copy it over to another computer and you should be good to go. The entire keychain is locked with your login details, so you need to know that one manually. You can also lock it down further from the keychain app.
Oh and regarding locking sensitive data from your phone or whatnot, ssh into the computer and use OpenSSL to encrypt the data. Doubt there's anyway to do it without using the Terminal however.

 

[killawat]

Keychain works but you have to pay attention to the be familiar with some of its inner workings to get the most value. Whereas 1Password is much more straightforward and the autofill features are top notch. It is not difficult to create a unique login for every website you visit with minimal impact to your workflow.

So grab 1Password and Little Snitch.

Ask Snitch to block outbound network (including updates if you are highly paranoid) for 1password.
Ask 1Password to lock after 1 minute of inactivity.

For tin foil enthusiast, run 1Password in a Mac OS VM with no network connectivity or shared folders, encrypt with filevault.

Done

 

[casperes1996]

Can you explain a bit more about what your concerns are? I'm also a member of our security team so I'm happy to have a chat about any worries you might have.

Well, I know this isn't targeted at me, but I'd like to ask a question regarding security anyway.
Keep in mind I've yet not used 1Password, so I may be wrong about a few assumptions.

Now I assume there's a global password for the app that encrypts all the passwords locally with AES-256. I also assume that when the passwords are sent to your servers for syncing with other devices, that private-public key cryptography is used and that the encrypted "keychain" is locked with your server's public key before being sent to the server, after which it is unlocked and locked with the syncing device's public key before being transported off to that device. First off, what private-public key generating algorithm is used if this assumption is correct? If somehow the private keys could get found out, a weakness in the global password could render the entire "keychain" accessible. Or indeed if your servers were hacked, only the user-defined password that encrypts the passwords with AES would be a barrier for an attacker to get the passwords. I'm unsure of the hacking time for AES-256 right now, but presumably in the future, with a good dictionary, you could go through quite a lot of correct hashes quickly.
Second. Assuming your servers got hacked, a copy of everything was made, and then the servers deleted entirely. Could attackers not theoretically hold people's passwords for ransom, even without knowing them? I mean, of course people would still have their local copies, but let's say someone's Mac died entirely and they went out and bought a new one, the attacker that gained access to the server's data would be the only one able to send them back their AES encrypted "keychain". Though I suppose at that point it's up to the user to keep local copies.

Anyway, I know I picked out rather fringe scenarios and that this isn't exactly a pressing security issue, but I'd like to know if my assumptions are correct



PS. Good customer service right there

 

[leman]

Not an interested party here (actually, I don't even use 1Password), but as far as I know, the design used by AgileBits is openly documented. So most, if not all questions asked by @casperes1996 can be answered by reading the paper

 

[BeefCake 15]

So grab 1Password and Little Snitch.

Ask Snitch to block outbound network (including updates if you are highly paranoid) for 1password.

Just realized little snitch is not a password manager...name makes sense for network security

 

[AGKyle]

Well, I know this isn't targeted at me, but I'd like to ask a question regarding security anyway.
Keep in mind I've yet not used 1Password, so I may be wrong about a few assumptions.

Now I assume there's a global password for the app that encrypts all the passwords locally with AES-256. I also assume that when the passwords are sent to your servers for syncing with other devices, that private-public key cryptography is used and that the encrypted "keychain" is locked with your server's public key before being sent to the server, after which it is unlocked and locked with the syncing device's public key before being transported off to that device. First off, what private-public key generating algorithm is used if this assumption is correct? If somehow the private keys could get found out, a weakness in the global password could render the entire "keychain" accessible. Or indeed if your servers were hacked, only the user-defined password that encrypts the passwords with AES would be a barrier for an attacker to get the passwords. I'm unsure of the hacking time for AES-256 right now, but presumably in the future, with a good dictionary, you could go through quite a lot of correct hashes quickly.
Second. Assuming your servers got hacked, a copy of everything was made, and then the servers deleted entirely. Could attackers not theoretically hold people's passwords for ransom, even without knowing them? I mean, of course people would still have their local copies, but let's say someone's Mac died entirely and they went out and bought a new one, the attacker that gained access to the server's data would be the only one able to send them back their AES encrypted "keychain". Though I suppose at that point it's up to the user to keep local copies.

Anyway, I know I picked out rather fringe scenarios and that this isn't exactly a pressing security issue, but I'd like to know if my assumptions are correct



PS. Good customer service right there

Great questions, and happy to answer them!

1Password works very differently than I suspect many people think so those of us at AgileBits have our work cut out for us to explain this.

Before I give a brief overview, I want to point out that a bulk of this is available in our security white paper if you want to read the gritty details. I'm going to try to simplify things here as best I can, if you want a more definitive answer please review the white paper as it goes to great lengths to explain these details.

We have two secrets that are known only to the user. First is what you expect to see if you've used 1Password in the past, it's the Master Password. The second is a bit more interesting and is called a Secret Key. When you create your account your device creates a 128-bit key locally. This key is not sent to our server, neither is the Master Password. Both are only known to you.

Each vault in 1Password is encrypted with a Vault Key. Each item in the vault is encrypted by this Vault Key. If you have access to a vault the vault key is encrypted by your public key. Thus the vault key can be decrypted with your private key. Your private key is yours and yours alone, and your private key is encrypted by a Key Encryption Key, derived from both your Master Password and your Secret Key.

Our servers have none of these keys All encryption and decryption is done locally on devices. Our servers have no secrets that can be used to launch an attack on your data. So assuming someone gains access to our servers, they'd effectively gain access to random gibberish that requires your Master Password and Secret Key to decrypt. Which we never receive.

Effectively if an attacker gained access to our servers they'd have to guess both your Master Password and the 128-bit Secret Key because nothing is stored on the server that can be used to launch an attack that can allow them to expedite the attack using other data.

We designed 1Password to withstand attacks knowing full well that our servers would be a target. The Secret Key protects you from this scenario. A user with a terrible Master Password of "password" without the Secret Key would be easily guessable. But when combined with the Secret Key, it's incredibly strong and effectively thwarts a brute force attack by making it very very difficult to do. Likewise, someone with a strong Master Password is only strengthened further by the Secret Key.

Your data is backed up independently of our servers, so even if an attacker managed to delete your data from our servers we'd still have a copy and could restore from that. We have a copy available in another region as well, so we can failover to it if necessary.

I hope that helps alleviate your concerns. Again though, I strongly encourage you to read the white paper, I suspect you'll find it incredibly insightful.

 

[AGKyle]

Not an interested party here (actually, I don't even use 1Password), but as far as I know, the design used by AgileBits is openly documented. So most, if not all questions asked by @casperes1996 can be answered by reading the paper

You're correct, it's the security white paper that goes into detail on how all of this fun stuff works. Our chief of security spent a great deal of time writing this up because we believe being open and honest with our users is how we earn trust. We use standard encryption techniques that have been proven and time tested and the white paper shows exactly how it's done.

In an ideal world, one day we'd make the encryption frameworks we use open source or available for review. We do make some of this available, notably in the form of API documentation (and if someone is on the right track we'll provide more details as necessary) for qualified security researchers as part of our bug bounty program through Bugcrowd.

Thanks for chiming in with this detail. It's awesome to know that our users are starting to become aware of the documentation we make available.

 

[Rigby]

Or indeed if your servers were hacked, only the user-defined password that encrypts the passwords with AES would be a barrier for an attacker to get the passwords. I'm unsure of the hacking time for AES-256 right now, but presumably in the future, with a good dictionary, you could go through quite a lot of correct hashes quickly.

Just as a general note (without referring specifically to 1Password): The vulnerability to dictionary attacks on passwords does not primarily depend on the "crackability" of the encryption algorithm (such as AES in your example), but on the key-derivation algorithm that is used to generate the actual encryption key from the user password. State-of-the-art encryption implementations use a key-derivation function that is deliberately designed to be slow to compute, which drastically increases the time required to try a large number of passwords. On the other hand, when the legitimate user is using the password to derive the key, the key has to be derived only once and a small delay is not a problem.

So for encryption products that use passwords, always check what key-derivation algorithm is used in addition to the encryption algorithm. A proven algorithm is PBKDF2 with a high number of rounds. If a product uses a "home brewed" function, or the developer does not disclose what algorithm is used, it's usually better to stay away.

 

[AGKyle]

So for encryption products that use passwords, always check what key-derivation algorithm is used in addition to the encryption algorithm. A proven algorithm is PBKDF2 with a high number of rounds. If a product uses a "home brewed" function, or the developer does not disclose what algorithm is used, it's usually better to stay away.

From our security white paper,

Your Master Password and the salt are passed to PBKDF2-HMAC-SHA256 with 100,000 iterations

Also, under "Slow Hashing," if you're curious about the rationale why this was chosen:

The choice of PBKDF2-HMAC-SHA256 as our slow hash is largely a function of there being (reasonably) efficient client implementations available for all of our clients. While we could have used a more modern password hashing scheme, any advantage of doing so would have been lost by how slowly it would run within JavaScript in most web browsers.
Because all of our key derivation is performed by the client (so that the server never needs to see the password) we are constrained in our choices by our least efficient client. The Makwa password hashing scheme, however, is a possible road forward because it allows some of the computation to be passed to a server without revealing any secrets to that server.

Note: some of those quotes were cleaned up to remove hyphenation and footer notes

 

[leman]

Thanks for chiming in with this detail. It's awesome to know that our users are starting to become aware of the documentation we make available.

Well, I never managed to learn cryptography myself (I just lack the mental capacity to go too deep into it in additional to my day job), so I totally admire what you guys are doing. Actually, seeing how open you are with all this, I am starting to seriously consider buying 1Password myself

 

[AGKyle]

Well, I never managed to learn cryptography myself (I just lack the mental capacity to go too deep into it in additional to my day job), so I totally admire what you guys are doing. Actually, seeing how open you are with all this, I am starting to seriously consider buying 1Password myself

Comes with a 30 day trial. You can always try it. At the very least even if you don't decide to keep it, we're always happy to listen to feedback as to why.

We know full well we aren't the solution for everyone, we can't pretend to be either. But feedback helps us try to determine where we need to improve and we can gauge that against other feedback.

I realize this helps us more than you of course, so I wouldn't expect anyone to do it, but it's always a welcome thing if someone decides to.

 

[casperes1996]

Great questions, and happy to answer them!

1Password works very differently than I suspect many people think so those of us at AgileBits have our work cut out for us to explain this.

Before I give a brief overview, I want to point out that a bulk of this is available in our security white paper if you want to read the gritty details. I'm going to try to simplify things here as best I can, if you want a more definitive answer please review the white paper as it goes to great lengths to explain these details.

We have two secrets that are known only to the user. First is what you expect to see if you've used 1Password in the past, it's the Master Password. The second is a bit more interesting and is called a Secret Key. When you create your account your device creates a 128-bit key locally. This key is not sent to our server, neither is the Master Password. Both are only known to you.

Each vault in 1Password is encrypted with a Vault Key. Each item in the vault is encrypted by this Vault Key. If you have access to a vault the vault key is encrypted by your public key. Thus the vault key can be decrypted with your private key. Your private key is yours and yours alone, and your private key is encrypted by a Key Encryption Key, derived from both your Master Password and your Secret Key.

Our servers have none of these keys All encryption and decryption is done locally on devices. Our servers have no secrets that can be used to launch an attack on your data. So assuming someone gains access to our servers, they'd effectively gain access to random gibberish that requires your Master Password and Secret Key to decrypt. Which we never receive.

Effectively if an attacker gained access to our servers they'd have to guess both your Master Password and the 128-bit Secret Key because nothing is stored on the server that can be used to launch an attack that can allow them to expedite the attack using other data.

We designed 1Password to withstand attacks knowing full well that our servers would be a target. The Secret Key protects you from this scenario. A user with a terrible Master Password of "password" without the Secret Key would be easily guessable. But when combined with the Secret Key, it's incredibly strong and effectively thwarts a brute force attack by making it very very difficult to do. Likewise, someone with a strong Master Password is only strengthened further by the Secret Key.

Your data is backed up independently of our servers, so even if an attacker managed to delete your data from our servers we'd still have a copy and could restore from that. We have a copy available in another region as well, so we can failover to it if necessary.

I hope that helps alleviate your concerns. Again though, I strongly encourage you to read the white paper, I suspect you'll find it incredibly insightful.

Thanks for your answer. From what you wrote however, it doesn't sound that dissimilar to what I wrote in my original post, albeit the backup thing I hadn't thought through well enough. I will most certainly give the white paper a look. Thanks.

Just as a general note (without referring specifically to 1Password): The vulnerability to dictionary attacks on passwords does not primarily depend on the "crackability" of the encryption algorithm (such as AES in your example), but on the key-derivation algorithm that is used to generate the actual encryption key from the user password. State-of-the-art encryption implementations use a key-derivation function that is deliberately designed to be slow to compute, which drastically increases the time required to try a large number of passwords. On the other hand, when the legitimate user is using the password to derive the key, the key has to be derived only once and a small delay is not a problem.

So for encryption products that use passwords, always check what key-derivation algorithm is used in addition to the encryption algorithm. A proven algorithm is PBKDF2 with a high number of rounds. If a product uses a "home brewed" function, or the developer does not disclose what algorithm is used, it's usually better to stay away.

Right. This was essentially was I meant as well, albeit phrased badly. P vs. NP. Interesting stuff.
[doublepost=1495575760][/doublepost]

We have two secrets that are known only to the user. First is what you expect to see if you've used 1Password in the past, it's the Master Password. The second is a bit more interesting and is called a Secret Key. When you create your account your device creates a 128-bit key locally. This key is not sent to our server, neither is the Master Password. Both are only known to you.

Actually, one more thing. And remember, I haven't tried 1Password yet, so this may be obvious stuff. If an extra 128 bit key is generated, how would someone go about unlocking their vault on another device if the original device is lost or broken? Do you need to keep a copy of both your master password and the generated key? – Sorry if this is obvious from the white paper, haven't looked yet.

 

[AGKyle]

Actually, one more thing. And remember, I haven't tried 1Password yet, so this may be obvious stuff. If an extra 128 bit key is generated, how would someone go about unlocking their vault on another device if the original device is lost or broken? Do you need to keep a copy of both your master password and the generated key? – Sorry if this is obvious from the white paper, haven't looked yet.

When you sign up you're asked to print an Emergency Kit, which has everything necessary to sign in on another device, including a QR code that can be scanned to facilitate entry. It basically has your email, Secret Key and the URL for sign in on it. The PDF/Printed copy has a space for Master Password entry if the user wants to do that, assuming they'll store it in a safe place.

I keep mine separate. A copy of my Master Password stays at my parents house in a safe, inside a tamper proof envelope. The Emergency Kit without the Master Password is at my house. I'm less likely to forget the Master Password so keeping that offsite is best.

I also keep a copy of the Emergency Kit in a safe deposit box along with some very basic instructions on how to access my account. In the event of my inability to handle my own estate my parents know to check there for instructions. Which points to a Secure Note (an item type in 1Password) with details about bank accounts, bills, things that need to be cancelled and paid for, etc.

A little detour there, but yea, you need to have the Secret Key. Here's an example one I have from a developer account that has since been deleted.

A3-R3G5DP-EZLKA8-M3Z6W-3NBE2-XQ2TY-PTB4K

You could also store it in another device like a Yubikey. I've contemplated putting it as a static key on a Yubikey as a backup as well.

Also any device that is signed in is able to display a QR code that can be scanned, or just display each field (less the Master Password). So each device signed in acts as an Emergency Kit.

For Family and Team accounts other members can be designated as part of the Recovery group which allows account recovery for those who forget/lose this data. I have a family account and can recovery my other family members accounts as a result. Which has proven useful for my parents AgileBits can't recover your account, if you lose access and have no recovery members who can perform that for you, the account is lost.

 

[Partron22]

the odds of them releasing something along the lines of a standalone password management application (including touchbar functionality) are zero to none. I think their current iCloud Keychain implementation is as far as they'll go.

Apple's history with standalone Apps, other than System/Finder since 84' does not infuse me we confidence. The landscape is littered with no longer supported corpses.

 

[casperes1996]

When you sign up you're asked to print an Emergency Kit, which has everything necessary to sign in on another device, including a QR code that can be scanned to facilitate entry. It basically has your email, Secret Key and the URL for sign in on it. The PDF/Printed copy has a space for Master Password entry if the user wants to do that, assuming they'll store it in a safe place.

I keep mine separate. A copy of my Master Password stays at my parents house in a safe, inside a tamper proof envelope. The Emergency Kit without the Master Password is at my house. I'm less likely to forget the Master Password so keeping that offsite is best.

I also keep a copy of the Emergency Kit in a safe deposit box along with some very basic instructions on how to access my account. In the event of my inability to handle my own estate my parents know to check there for instructions. Which points to a Secure Note (an item type in 1Password) with details about bank accounts, bills, things that need to be cancelled and paid for, etc.

A little detour there, but yea, you need to have the Secret Key. Here's an example one I have from a developer account that has since been deleted.

A3-R3G5DP-EZLKA8-M3Z6W-3NBE2-XQ2TY-PTB4K

You could also store it in another device like a Yubikey. I've contemplated putting it as a static key on a Yubikey as a backup as well.

Also any device that is signed in is able to display a QR code that can be scanned, or just display each field (less the Master Password). So each device signed in acts as an Emergency Kit.

For Family and Team accounts other members can be designated as part of the Recovery group which allows account recovery for those who forget/lose this data. I have a family account and can recovery my other family members accounts as a result. Which has proven useful for my parents AgileBits can't recover your account, if you lose access and have no recovery members who can perform that for you, the account is lost.

Seems you've thought that one through, hehe. Well done, man. I appreciate you taking the time to answer my questions, but more importantly, I appreciate that you guys at AgileBits have taken the time to actually be thorough with this stuff.

 

[AGKyle]

Seems you've thought that one through, hehe. Well done, man. I appreciate you taking the time to answer my questions, but more importantly, I appreciate that you guys at AgileBits have taken the time to actually be thorough with this stuff.

Thank you for asking questions! We wouldn't be where we are without our users. But importantly 1Password wouldn't be as secure as it is without users and non-users asking questions and making us think in new ways and pointing out ways we can improve.

If we can ever help answer any questions for you in the future just reach out. You're welcome to ask for me specifically as well.