Keeping your data at your finger-tips (Part I)

Keeping your data at your finger-tips (Part I)

Jeffrey Goldberg by Jeffrey Goldberg on

Quick Summary: If you aren’t already making backups of your data, start today! When people think about data security they mostly think about keeping their data secret, but along with data confidentiality there are two other very important kinds of data security. One is data integrity which means that no one can accidentally or maliciously modify your data. Today I want to talk about data availability. When security specialists talk about “CIA” they are talking about Confidentiality, Integrity, and Availability.

“Availability” means that you have access to your data when you need it. For the data that we are talking about the threats to availability are rarely malicious. To throw out even more jargon, a malicious attack on availability would be a “Denial of Service” attack, but I’d like to focus on the more realistic threats to availability, some of which we see during the course of our customer support. Before you bail on reading this post, take a moment to imagine what would happen if you suddenly lost access to your 1Password or Knox data.

Keeping your data at your finger-tips

One threat to availability, about which we can do very little, is when people forget their master password. As we describe in our user guide, there is no back door, nor are there any secrets that we hold which would make password recovery easier. This is one of those trade-offs in security: In the interest of maintaining better confidentiality of your data, there is no mechanism to decrypt your data without the master password. Again, that isn’t today’s topic either. I will also be focusing on 1Password and not Knox.

When the data disappear

I want to focus on one of the most heart breaking losses of availability that we see coming into customer support. They are rare, but still heart breaking. These are either due to disk/device failures or accidental removal of 1Password data. The solution is, of course, to maintain good backups before the data loss occurs. Below I will discuss backup strategies for the platforms we support for your 1Password data.

Just as the old adage about motorcycle riders and accidents, there are two kinds of computer users. Those who have experienced a catastrophic disk failure and those who will. Disks and disk controllers do fail. Computers get stolen, and accidental removal of data do happen. (Application cleaners, such as CleanMyMac or AppZapper, are the most common culprit for unintended removal of 1Password data.) Good backups are the only way to prepare to such events.

The backups we make for you

1Password for Mac and 1Password for Windows automatically make backups for you, the details of which can be configured in Preferences > Backup. There is no automatic backup for 1Password on iPhone, iPad, or iPod touch, nor 1Password for Android and 1Password for Windows 7 Phone.

On the Mac these backups are made daily (if there have been changes since the last backup); on the PC these backups happen when you launch the application (if it’s been more than one day since the last backup and there are changes to make). These backups help if there is some sort of data corruption, but these backups don’t help in the case of total loss of the disk or 1Password data on that disk.

1PWin Pref Backup 1

Backups Strategies

Mac users: Ever since Apple brought Time Machine to OS X in Leopard (OS X 10.5) in late 2007 there has been no reason for any Mac users not to back up their data. Time Machine is the backup system for the rest of us. If you are using a Mac and you are not already making regular backups (with Time Machine or some other tool) stop reading this now and start looking at Time Machine. You will need a disk (USB or Firewire). Then just set it up. There are plenty of other options for making backups, but if you aren’t making backups now, then start with Time Machine. Don’t worry about getting fancy with other options.

iPhone Backup screen

Windows users: Vista and Windows 7 come with Windows Backup. This is just a matter attaching a (typically external) disk and then setting up Windows Backup from the Control Panel. There are other, more sophisticated, back-up systems available, but it is important to start making backups today. So don’t let dithering about which back-up system is right for you delay you if you haven’t been making backups at all.

iOS users: You have to make backups of your 1Password from iOS yourself. This is done using our backup mechanism in 1Password on the iPhone and iPad and iPod Touch. Just go to Settings > Database > Backup & Restore in 1Password on your device. It is particularly important to make a backups before upgrading 1Password on your device or upgrading the iOS system on your device. Note that when iTunes makes a “backup” of your device while syncing, it is not making a backup that can be relied upon to restore your 1Password data should something happen to it.

Android and Windows 7 Phone users: If you are using 1Password on one of these systems, you are almost certainly syncing your 1Password data with to one of the systems mentioned above. Just make sure that you have good backups for at least on of those other systems.

And finally a note to Dropbox users: If you are syncing your data with Dropbox this can provide another place where your data are stored and potentially recoverable from. But because your 1Password data is actually spread across hundreds of different files, it can be tricky to restore things to a consistent state. So while having your data on Dropbox serves as an easy and effective backup for some sorts of situations, it should not be your only backup mechanism.

Coming soon!

In part II of this series about data availability I will talk about how your data is yours. We will never and cannot cut you off from your data. Further down the road I will talk about maintaining and verifying backups with Knox for Mac.

Principal Security Architect

Jeffrey Goldberg - Principal Security Architect Jeffrey Goldberg - Principal Security Architect

Tweet about this post