When a Leak Isn’t a Leak

Over the weekend Dale Myers wrote a blog post that examined our .agilekeychain format. The post featured a good discussion and analysis of our older data format, but it raised some questions among 1Password users and the wider technology community.

Dale states that he plans to continue using 1Password and has no concerns about the safety of his passwords themselves; his main concern is how the AgileKeychain handles item URLs. We documented this design decision widely and shared it publicly, but Dale was surprised to find that we don’t encrypt URLs within the keychain. We want to reassure users who rely on the AgileKeychain that their password data is safe and secure, and to take the time to walk through our data formats and explain the issue completely.

AgileKeychain & OPVault Data Formats

Back in 2008, we introduced the AgileKeychain as a way to help our users better synchronize data across platforms and devices. At the time, the devices 1Password ran on had significantly less processing power to draw on for tasks like decryption, and something as simple as a login search (which would have required decrypting every item) caused massive performance problems and battery drain for our users. Given those constraints, we decided not to encrypt item URLs and Titles, the same sort of information found in browser bookmarks.

In December 2012, we introduced a new format that encrypted much more of the metadata. OPVault, our newer and stronger data format, provided authenticated encryption as well as many other improvements for 1Password users.

This format worked well in situations where we didn’t need to worry about backwards compatibility, including iCloud and local storage on iOS and Mac. For Windows, Android, and Dropbox syncing, however, we needed to decide if we should migrate to the new format or provide compatibility with older versions of 1Password.

We decided to take a conservative approach and not automatically migrate everyone over to OPVault, because many users depend on older versions of 1Password that cannot read the new format and would no longer be able to open their data. We knew we could trust the security of the AgileKeychain to protect confidential user data, so we didn’t want to rush into something that would disrupt people’s workflows.

Switching to OPVault

Despite the security of the AgileKeychain remaining intact, Dale reminded us that it’s time to move on. The OPVault format is better in so many ways that we should start sharing it with as many users as possible.

We’ve already started making changes to use OPVault as the default format. In fact, the latest beta of 1Password for Windows does this already. Similar changes are coming to Mac and iOS soon, and we’re planning on using the new format in Android in the future. Once all of these things are complete, we will add an automatic migration for all 1Password users. For users who would like to switch to OPVault sooner than this, here’s how you can get started immediately:

To avoid losing access to your data, be sure to back up your 1Password data beforehand, and only follow these instructions if you are NOT using any legacy versions of 1Password. If you have any questions or concerns, or would like to migrate but aren’t sure if your version of 1Password is affected, our knowledgebase, forums and support team are here to help.

107 replies
  1. Stuart
    Stuart says:

    For 1Password for Mac 5 can’t we just use the Help > Tools > Enable OPvault for Dropbox and Folder sync option rather than using the terminal commands mentioned in the KB article? Or is that option only available in the beta releases? Seems easier than the terminal commands for most users?

    Also what happened to the previous blog post about the XARA vulnerability? I favourited it in my RSS reader and now it has disappeared.

    • Dave Teare
      Dave Teare says:

      Hi Stuart,

      You’re absolutely right about the Enable OPVault for Dropbox and Folder sync menu item, it would be much easier for users to use than the Terminal commands. As you speculated, however, that menu item is only available in beta releases. Given that we’re changing the default, we might remove the menu item completely, but I haven’t reviewed the proposed code changes that deeply yet so I can’t say for certain.

      Regarding the previous blog post about XARA, that is a really interesting post by Rick so I can see why you favourited it :) We had prepared the post in advance and had planned to post it when the official Safari browser extension was published. Rick and I got our wires crossed and we ended up publishing it when the new Mac version was released. I pulled the post temporarily and will republish it once the new Safari release is ready.

      Take care,
      Dave.

  2. Anonymous
    Anonymous says:

    Three points:

    It might be a good idea to include the link to the original post by Dale Myers (http://myers.io/2015/10/22/1password-leaks-your-data/) to pay the due respect and help the curious readers.
    If memory serves, metadata leakage of agilekeychain has been a concern for years, and certainly has been discussed on this blog or in the forum before, no? (I didn’t bother to look for it.) Nothing new here.
    Speaking of the second concern in Dale’s post: Unless I’m mistaken, the browser extension has been doing a good job stripping out query strings and some irrelevant path segments for a long time.

    • Dave Teare
      Dave Teare says:

      Hello Anonymous!

      You’re right, there’s nothing new here. One interesting part of the article is it points out how some people store their keychain in publicly accessible locations, which is not recommended for any data, encrypted or not.

      As for the browser extension and query strings, we save the full URL of the Login (including the parameters/query string), as often parts of the query string are needed to load the correct Login page. This is important for the Go & Fill feature.

      Despite this being nothing new, I appreciate Dale’s passion and believe it’s time to move on. It will take time to complete the transition as there’s a lot of moving parts, especially on Android, but we’ll get there.

      Cheers!
      Dave.

    • Anonymous
      Anonymous says:

      we save the full URL of the Login (including the parameters/query string)

      I’m wrong then, sorry. In my defense, I’ve abandoned the auto-save dialog for quite a while in favor of manually converting a password to login (in order to avoid irrelevant webform entries), so the behavior I mentioned might be due to wrong memory, false impression, or outdated info.

    • PhilBoogie
      PhilBoogie says:

      Ha! That’s one way of circumventing a feature advertised by AgileBits as great, whilst it’s actually not working, hence people like you disabling auto-save. Can’t believe this still isn’t working properly.

    • Dave Teare
      Dave Teare says:

      Hi Phil,

      It would be great to understand better exactly what isn’t working well for you. Is the AutoSave window appearing too often, or are there sites that you expect it to appear on and it isn’t?

      ++dave;

    • Anonymous
      Anonymous says:

      Follow-up on full URL: I just gave a try, and turns out that the “website” field of a password entry comes with path, query, and fragment stripped, but an auto-saved login entry contains the full URL.

  3. Arun
    Arun says:

    I appreciate that you guys made your data formats public – one of the reasons I like 1Password. This helped me make the decision to move to OPVault months back when I fully migrated from LastPass. That said, it took me a bit of digging (and interest) to understand the differences; I can understand that many users may not have the time or inclination to do so and hence would be surprised to learn that metadata is not encrypted in the Agile Keychain format.

    These things have a way of being blown out of all proportion; I think you guys have a great product. I think it is in most people’s interest to move to the OP Vault format being the default.

    • Megan O'Brien
      Megan O'Brien says:

      Hi Arun,

      Thanks so much for sharing your thoughts here. As the company that you trust to store your most sensitive data, we think it’s pretty important to be open about the decisions we’ve made when building 1Password, and it’s great to see that you agree.

      One of the projects we’ve taken on recently is a new knowledgebase. There are still a few more articles that we want to write for it, but we are doing what we can to ensure that all of the important security information is available there. I’ll mention to our documentation team that we could do a bit more in the knowledgebase to discuss the differences between .opvault and .agilekeychain.

      We really appreciate your kind words – have an awesome day!

      /Megan

  4. Aaron Toponce
    Aaron Toponce says:

    So, basically, you just confirmed what Dale put in his post: the AgileKeychain data format leaks metadata about the accounts you have. So, exactly how is this not a leak? Especially seeing as it affects so many platforms and operating systems?

    • Bob
      Bob says:

      You, not 1Password or Agilebits, leak your data when you post your keychain on a publicly accessible site. What small percentage of their users even know about 1Password Anywhere and then what even smaller percentage post their keychain on a public site? They also offered an alternative and described the difference 3 years ago. There is no real “leak” in this story.

    • Warren Young
      Warren Young says:

      That’s pure spin. The whole point of using a heavily encrypted password vault is that you should be able to give the encrypted vault to anyone — even a major world government — and have no worry that the one you give it to can do anything useful with it.

      As for the argument that “only” the metadata is stored in plaintext, if you doubt that some people think that’s plenty of a breach already, you haven’t been paying attention to US privacy politics, which should be 1Password’s bailiwick. There are those that argue that who you call on the phone, when you call them, and how long the call lasts — i.e. cell phone metadata — does not reveal the content of the conversation, so it must not fall under the 4th amendment protections. The hue and cry against that legal snow job should have told Agile Bits what its customers are likely to think about a similar metadata leak.

      And yes, I do remember hearing all this OPVault talk years ago when you introduced it, and I was happy to see the work being done. What I did not realize until today is that those of us not using pure iOS mobile did not get the benefit of this. I was under the impression that this leak was closed for everyone years ago.

      You. Dropped. The. Ball.

    • Megan O'Brien
      Megan O'Brien says:

      Hi Aaron,

      Thanks for giving us the opportunity to continue this important conversation!

      Dale makes some good observations in his post, but this isn’t a leak. A leak involves data made available to the public by accident, an attack that has breached security, or an unintended gap in security measures. In this case, there is no breach. There is no leak.

      The Agile Keychain is an open, documented format, in which a choice was made to leave titles and URLs unencrypted to make search usable and provide a better experience. Titles and URLs are the same two sets of data that are plainly visible in a browser’s bookmarks. When we designed the Agile Keychain format eight years ago, we felt that it was a safe compromise. Now that devices have so much more processing power, we no longer need to make this compromise.

      It’s great to hear that you are thinking seriously about the security of your data. If you have any further questions, feel free to email in to support+security@agilebits.com and we’ll put you in touch with our security team.

    • Megan O'Brien
      Megan O'Brien says:

      Hi Dave,

      I’ve got good news for you! We can get you switched to the .opvault format already, and you can continue to use Dropbox almost everywhere.

      For 1Password for Android we recently introduced Wi-Fi sync that uses an internal version of the OPVault format. If you wish to avoid using the AgileKeychain data format, you can switch over to Wi-Fi sync on your Android device and switch to OPVault format on other platforms.

      I hope that helps! Please let us know if you have any other questions. :)

    • wubdidu
      wubdidu says:

      Hi Megan,

      as far as I know, the Wi-Fi sync is not automatic – this means that if I add some passwords in my vault on my Mac and forget to sync it, I’m out of luck if I need them outside.

      Previously I used SyncThing to automatically sync the database to all my devices, which is now not possible anymore on Android.

      The blog post mentions OPVault support on Android “in the future” – what does this mean? Is anyone even working on this? For me this means “Maybe 2017 or something, bye.” If the Wi-Fi sync is actually using a variation of OPVault, then it shouldn’t be that big of a problem to implement OPVault fully, right?

      I just recently switched from LastPass to 1Password, a switch that I wanted to do for a long time (never change a running system and stuff…) – but the seeming lack of Android support kinda makes me regret the quite expensive purchase of the Mac/Windows bundle…

    • Megan O'Brien
      Megan O'Brien says:

      Hi wubdidu,

      I wish I could give you more details on when .opvault support would be available for Android, but we don’t discuss unreleased features, simply because we’d hate to promise something that later became impossible due to factors beyond our control. I can tell you that our developers are aware that this is an important feature for our Android users, and we’re doing what we can to get this implemented.

      In the meantime, I do want to assure you that many of us on the AgileBits team still trust the .agilekeychain format to sync our data. We would not have this data format available for users if we thought that it was insecure.

      If you have any further questions or concerns, please drop us a line at support+social@agilebits.com, we’d love to continue the conversation!

    • Megan O'Brien
      Megan O'Brien says:

      Hi Geoff,

      .opvault support is on the roadmap for 1Password for Android, but I can’t say just when we’ll have it implemented. I’ll be sure to let our developers know that you are eager to switch just as soon as possible.

  5. Willem
    Willem says:

    As I am always interested in security subjects, this one is a little hybrid. Although the design of the .agilekeychain format is documented and there are well-documented processes to convert to the OPVault format manually, Dale Myers has made a lot of noise about this finding.

    Dale Myers shows us some assumed risks about unencrypted parts of the .agilekeychain. The fact is you can choose the new OPVault design, which is designed with a higher security level. The issue of the plain-text format of the password hint can be bypassed by entering a dot in this field if you don’t want to use it.

    Dale also mentioned he will continue using 1Password and he isn’t worried at all that his passwords might no longer be safe.

    Maybe Dale Myers will encourage the development team of 1Password to hurry to release a conversion tool and an upgrade for the 1PasswordAnywhere tool.

    Unfortunately this article created a lot of noise, and that is not what 1Password deserves. It is a well-designed multiplatform concept that helps you keep your secrets stored in a secure way.

    Of course it is a better choice to increase security behavior by using the most advanced data format.

    • Megan O'Brien
      Megan O'Brien says:

      Hi Willem,

      Thanks so much for sharing your thoughts here. You’re right, Dale does mention at the end of the article that he still trusts 1Password with his data, and that’s a pretty important point.

      We really appreciate your kind thoughts here – keep being awesome!

      /Megan

  6. Chris M.
    Chris M. says:

    So did I understand correctly that the new format will NOT support 1PasswordAnywhere? I’ll admit that I have NEVER had occasion to really use this feature, but I’ve definitely come up with a use case where having it would be essential. If I’m on travel and my stuff gets stolen, including my phone, and I need to get access to my Password vault, so long as I’ve memorized my cloud account password, and it allows a method to bypass 2-Factor authentication (which does sound scary in itself, but is needed in this use case), then I can still have access to my important info. If OPVault removes that capability, I’ll have to think of some other emergency options (“backup” vault on a USB stick or something?) Thoughts?

    • Megan O'Brien
      Megan O'Brien says:

      Hi Chris,

      At this time, 1PasswordAnywhere is exclusive to the .agilekeychain and Dropbox sync. It was designed in the days of 1Password 3, before fancy features like .opvault (and iCloud sync) were available. We know that a lot of users really appreciate the ability to access their data on computers without 1Password installed, and we are looking into options for something like this moving forward.

      I’ll be sure to let our team know that you’re interested in seeing a feature like this in .opvault!

      If you have any other questions about 1Password, we’re happy to help. :)

      /Megan
      support.1password.com

    • WillemBeekhuis
      WillemBeekhuis says:

      Hi Chris,

      If it ever happens that your devices get stolen, the best option is to first buy new devices. A USB stick can help, but you can also lose it or it may be stolen. Besides, you should realize that a USB stick is also not very safe unless it is encrypted.

      1PasswordAnywhere is still a nice fallback scenario. If you can wait for an upgrade, that would be the best advice.
      Even staff members of AgileBits still use the .agilekeychain with Dropbox in a multiplatform environment.

      You should also read this comment:
      http://timedoctor.org/2015/10/misleading-headlines-popularity-rises-200/

      My conclusion is that you should not make a decision to manually convert too hastily; calculate the risk of your own situation:
      1. How many people can access your devices
      2. Who is permitted to access your Dropbox storage

  7. Greg Ramsaran
    Greg Ramsaran says:

    I absolutely LOVE that Agilebits is so open with their blogs and open to this discussion. I use all 4 platforms and don’t mind waiting, but would like an ETA if there is one.

    • Dave Teare
      Dave Teare says:

      Thank you, Greg! We love talking about this stuff as well, so we’ll keep on writing if you promise to keep reading :)

      As for timing, I don’t have an ETA to share. Historically I’ve been pretty bad at picking release dates, as invariably unexpected things pop up that throw the schedule off. It will first appear in the betas, so if you enjoy living on the cutting edge, you can enable betas within the update preferences.

      Cheers!

      ++dave;

  8. markus
    markus says:

    Hi,

    You should have updated a little more in time, but you did not.
    I read all your docs when you got the new file format available and understood why the new one was an improvement.
    I was aware of this issue and I should have asked you to migrate, but I did not. As all the other guys did not.
    So now we all got reminded, you fix it. Anyway, the lesson learned should be to review decisions in a reproducible manner next time. Thanks a lot for your great product.

    Markus

    • Dave Teare
      Dave Teare says:

      Thank you for your thoughts on this matter, Markus.

      You’re absolutely right, we could have implemented this change sooner. I hope our post explained why we chose the path we took. To reiterate, the AgileKeychain is safe (I’m using it myself with my data synced to Dropbox – I would never expect my customers to use something I myself wouldn’t) so I felt it prudent to continue to support older clients.

      In any event, thank you for the kind words about 1Password!

      Take care,

      ++dave;

    • Willem
      Willem says:

      That’s almost correct. If other people can access your PC then they could examine the password vault. If not, then you are safe using the .agilekeychain format.

    • Dave Teare
      Dave Teare says:

      Hi Bob,

      Willem is correct (thanks Willem!), if you are using Mac OS X and not syncing to Dropbox, then you are already using the new data format.

      If you are using 1Password for Windows, you will default to using the AgileKeychain format. This format is secure (I use it myself) but it leaves the URLs and Titles of your items in plain text (unencrypted) for performance reasons.

      I hope this helps. Please let us know,

      ++dave;

    • other bob
      other bob says:

      Hi Dave – I do use folder sync and it appears that the vault is the older format. Does folder sync require the older format?

    • Rich
      Rich says:

      Wow, I just have to ask: is this your personal opinion, or what AgileBits officially (vetted, I hope, by a chief security officer) has to say about this vulnerability?

    • Dave Teare
      Dave Teare says:

      Hi Rich,

      Our Chief Defender Against the Dark Arts is awesome but he’s just one man and doesn’t have the time to review and read everything :)

      So no, I didn’t ask him to proof read my replies, but I did ask one of the Founders to take a peek ;)

      ++dave;
      (AgileBits Founder)

  9. PaulR
    PaulR says:

    Personally – I think this blog is an excuse. It tells us that they were doing reasonable things at the time. But those things have not been reasonable for a long time and they know it – because they fixed it (via OPVault). Apparently it’s all OK (“Leak isn’t a Leak”) because we were “told” (buried in a doc somewhere). Personally I hadn’t read about this, and I read a ton of security docs on this site before purchasing.

    There are 2 reasons why this is bad:
    First – it’s a (slight) weakening of security.
    Any leak of information about the combination of site, userid, password weakens our position. Many sites force us to use our email address as the user id. It turns out that 1Pass has been leaking the list of sites. So that means instead of being protected, to a degree, by all three – we are only protected by the password. It is not a break, it’s just reduced our safety margin. Plus… it’s private and should stay that way.

    Of more concern is that 1Pass have known about this for a long time. This could have and should have been permanently fixed for everyone a long time ago. But AgileBits did not do that. We buy this product because we want AgileBits to be paranoid about our security. We want them to immediately and fully fix any issues as soon as they become aware of it. We want them to make it automatic for us. With this security leak, they did not do that. This is an abuse of our trust.

    • Dave Teare
      Dave Teare says:

      Hello Paul,

      You’re absolutely right, we could have implemented this change sooner. As I explained to Markus above, I hope our post explained why we chose the path we took. To reiterate, the AgileKeychain is safe (I’m using it myself with my data synced to Dropbox – I would never expect my customers to use something I myself wouldn’t) so I felt it prudent to continue to support older clients.

      In any event, we are taking the necessary steps to change the default for new installs and are investigating how to safely migrate users data in a future release.

      Take care,

      ++dave;

    • PaulR
      PaulR says:

      Thanks for jumping on this, I and others appreciate your responses. Noisy customers display engagement with your product, which is valuable for you, and the responses I’ve seen to date indicate that you understand this.

      These noisy customers will tell you very clearly when you stuff up, and IMHO you did. Any leak of data is poor practice so I am glad you are fixing it.

      Dropbox is not safe. It seems clear that they are an NSA target from the leaks so far, which means we can assume that state actors have access to those files. So we are trusting you to manage our data in a way that is NSA-proof.

      I love your product, and look forward to continuing to use it.

    • PaulR
      PaulR says:

      Have a look at the local store in ~/Library/Application Support/1Password.
      If the file there is called .agilekeychain, then you are using the old
      leaky format. If the file is .opvault then you are fine.

      You are not sharing any files via any external source – in theory
      these files only exist on devices under your control. But it’s still not ideal.

    • Ronen
      Ronen says:

      What if I don’t see this file at all?
      I see:
      ~/Library/Application Support/1Password 4/Diagnostics

      (maybe from an old 1P version… but it’s almost empty)

    • Dave Teare
      Dave Teare says:

      Hi Andrew,

      Thanks for taking the time to read our post and to ask this question.

      OS X and iOS both use the newer format to store data locally, so there is no need for you to do anything to use the new format. Wi-Fi sync is peer-to-peer, so there’s nothing to configure there.

      For others reading this with a similar setup, it isn’t until you enable Dropbox syncing that the AgileKeychain would be used. But to reiterate, even at this time, either format is fine (I’m using that exact setup myself).

      I hope this helps,

      ++dave;

  10. Ronen
    Ronen says:

    Hi all.
    I really don’t understand 99% of the thread content, but I do understand that maybe there is “something”.
    I use 1Password (updated version from AppStore) in my iMac + iPad + iPhone with iCloud syncing.
    I don’t use Dropbox at all.
    Do I need to worry ?
    Do I need to do something ?
    Thanks.

    • Dave Teare
      Dave Teare says:

      Hi Ronen,

      I truly apologize for helping to write something that you didn’t understand 99% of. Jessy and I tried our best to write this post in an easy to understand fashion, but clearly we need to adjust our presentation style next time as we confused a lot of people.

      Given your setup, you have nothing to worry about. Indeed, given any other setup you would also have nothing to worry about (I’m using Dropbox with AgileKeychain myself as I’d never expect my customers to use something I won’t).

      Specifically, your iMac, iPad, and iPhone are all using the newer format for local storage, and your iCloud syncing is using the new format as well.

      I hope this helped clear things up.

      Cheers!

      ++dave;

  11. Drew
    Drew says:

    I know that allowing physical access to a computer trumps all sorts of security measures… but considering I have believed that all my 1Password data is under lock and key via a password… the fact that someone could now just grab the contents.js file and easily have, well, a heck of a lot of information about the sites I have logins for… that’s disconcerting. Echoes of the argument that just because the NSA is only gathering metadata, it doesn’t mean it’s all OK.

    The blog post is not all that straightforward, tbh. I’ve read it a few times and am still not sure why this file has suddenly appeared even though .agilekeychain has been around for years – is it a consequence of the planned transition to OPVault for everyone?

    • Dave Teare
      Dave Teare says:

      Hi Drew,

      I’m sorry we didn’t do a better job answering your questions.

      The contents.js file is a bit of a red herring. Each of your items is stored in a file with a unique UUID and a .1password extension. For example, here is one of my item file names: FEA8F8102B3E42ED84312FF9C297EBCB.1password. Within this file the Title and the URL are unencrypted. The contents.js file is simply an amalgamation of this plain-text content to allow 1PasswordAnywhere to work.

      If you’d like to dive deep, we cover the AgileKeychain design in great detail here:

      https://support.1password.com/agile-keychain-design/

      I hope that helps.

      ++dave;
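
As an added example (not AgileBits’ code and not part of the original post or of Dave’s reply), the script below ties together the post’s description of the two formats and Dave’s description of the item files: it finds 1Password vault directories under a path, classifies each by extension, and for an .agilekeychain reads the plain-text title and location from every .1password item file and from the contents.js index, without touching the encrypted payload. Assumptions: the data/default layout, the item field names (uuid, typeName, title, location, encrypted) and the contents.js column order are taken from the public AgileKeychain design document as I recall it, and the sample vault, items, hosts and URLs are constructed for the demo.

```python
"""Survey 1Password vault directories and show what an .agilekeychain
exposes without the master password. Added example, not AgileBits' code.
Assumed (from the public AgileKeychain design doc, as I recall it):
items live in data/default/<UUID>.1password as JSON with uuid, typeName,
title, location and an opaque "encrypted" blob; contents.js is a JSON
array of rows starting [uuid, typeName, title, location, ...]."""
import base64
import json
import os
import tempfile
from urllib.parse import urlsplit

# Constructed sample items (hosts and titles are invented for the demo).
SAMPLE_ITEMS = [
    {"uuid": "2B7C0E0A9D5F4C1E8A6B3D9F0C1E2A4B", "typeName": "webforms.WebForm",
     "title": "Example Bank",
     "location": "https://online.example-bank.com/login?lang=en&next=/accounts"},
    {"uuid": "7D4A6F2E1C3B4A5D9E8F0B1C2D3E4F5A", "typeName": "webforms.WebForm",
     "title": "Work mail", "location": "https://mail.example.org/"},
]


def vault_format(name):
    """Classify a vault directory by extension; None if it is not a vault."""
    if name.endswith(".agilekeychain"):
        return "agilekeychain"
    if name.endswith(".opvault"):
        return "opvault"
    return None


def make_sample_vault(root):
    """Write one .agilekeychain (items plus contents.js) and one empty .opvault."""
    items_dir = os.path.join(root, "1Password.agilekeychain", "data", "default")
    os.makedirs(items_dir)
    index = []
    for item in SAMPLE_ITEMS:
        # Random bytes stand in for the real AES payload: the only field a
        # reader cannot interpret without the master password.
        record = dict(item, encrypted=base64.b64encode(os.urandom(48)).decode())
        with open(os.path.join(items_dir, item["uuid"] + ".1password"), "w") as fh:
            json.dump(record, fh)
        index.append([item["uuid"], item["typeName"], item["title"], item["location"]])
    with open(os.path.join(items_dir, "contents.js"), "w") as fh:
        json.dump(index, fh)
    os.makedirs(os.path.join(root, "1Password.opvault", "default"))


def find_vaults(root):
    """Return sorted [(path, format)] for every vault directory under root."""
    found = []
    for dirpath, dirnames, _ in os.walk(root):
        for name in list(dirnames):
            fmt = vault_format(name)
            if fmt:
                found.append((os.path.join(dirpath, name), fmt))
                dirnames.remove(name)  # do not descend into the vault itself
    return sorted(found)


def exposed_metadata(vault_path):
    """Plain-text fields readable from each item file of an .agilekeychain.
    Returns [] for an .opvault, where title and URL sit inside the ciphertext."""
    if vault_format(vault_path) != "agilekeychain":
        return []
    items_dir = os.path.join(vault_path, "data", "default")
    rows = []
    for name in sorted(os.listdir(items_dir)):
        if not name.endswith(".1password"):
            continue
        with open(os.path.join(items_dir, name), encoding="utf-8") as fh:
            item = json.load(fh)
        parts = urlsplit(item.get("location", ""))
        rows.append({"title": item.get("title", ""), "host": parts.hostname or "",
                     # Go & Fill saves the full URL, so path and query are visible too
                     "path": parts.path, "query": parts.query})
    return rows


def contents_index(vault_path):
    """(title, location) pairs from contents.js, the index 1PasswordAnywhere reads."""
    path = os.path.join(vault_path, "data", "default", "contents.js")
    with open(path, encoding="utf-8") as fh:
        return [(row[2], row[3]) for row in json.load(fh)]


def survey(root):
    """One entry per vault: its format and, for AgileKeychain, the exposed hosts."""
    return [{"path": path, "format": fmt,
             "exposed_hosts": [r["host"] for r in exposed_metadata(path)]}
            for path, fmt in find_vaults(root)]


def demo():
    """Build the sample tree in a temp dir and return what the checks report."""
    root = tempfile.mkdtemp()
    make_sample_vault(root)
    ak = os.path.join(root, "1Password.agilekeychain")
    return {"survey": survey(root), "rows": exposed_metadata(ak),
            "index": contents_index(ak)}


if __name__ == "__main__":
    for entry in demo()["survey"]:
        print(entry["format"], entry["path"], entry["exposed_hosts"] or "(nothing readable)")
```

To check your own machine, call survey() on ~/Library/Application Support/1Password or on your Dropbox folder instead of demo(): any vault that reports exposed hosts is still an AgileKeychain and is a candidate for the switch to OPVault described in the post. Note that the contents.js rows and the per-item files carry the same title and URL, which is why removing contents.js alone changes nothing.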

  12. Peter C
    Peter C says:

    I definitely appreciate AgileBits solid track-record and generally clear blog posts. This is not one of those blog posts, however. The first red flag is the narrow defense of “We want to reassure users that rely on AgileKeychain that their password data is safe and secure”. The password data is safe and secure, but in some cases, other less-sensitive — but still sensitive — data is not fully secured.

    Another red flag is the defense that the design decisions were disclosed. The correct measurement here is that some users ended up having Google-able sensitive data (not including passwords). There’s always a tension between convenience and security, but that doesn’t mean that a sequence of convenience decisions by a user leaves AgileBits blameless here. Being secure is hard to get right — we rely on AgileBits to make it easy to get our password security right.

    IMHO, it would have been ten-fold better to say something like this:

    In 2008 when we designed the AgileKeychain format, we stored the passwords in a highly secure way that has withstood the test of time, but we didn’t encrypt the URLs of the websites your passwords were associated with. That was right for its time.

    In 2012 we introduced a new format called OPVault that also secures website URLs and other related information. What Dale Myers made everyone aware of is that the old AgileKeychain format could in a few cases let an attacker learn those websites, although the passwords remain secure. To be exposed to this problem, all of the following would need to be true:

    You would need to be syncing passwords, which a large number of you do
    You would need to be using the old AgileKeychain format, which is normally true if using Dropbox or a shared folder. (If using iCloud sync, or Android wifi sync, the newer OPVault format is used, and that’s not affected.)
    AND, you would need to have allowed others to access the shared location (either by publicly sharing the Dropbox folder, or by using a folder on a server that others could access)

    Most of you won’t have made your sharing location public, so you are not affected.

    That said, we should have moved faster to automatically move all our customers over to OPVault. We’re working on that now, and will update you within N days. To manually move to OPVault, the instructions are XYZ.

    Here’s how to make sure you’ve not set up sharing on that part of your Dropbox: XYZ

    Again, sorry we let you down, even in a small way. Thanks to Dale Myers for pointing this out.

    Don’t you think?

    • richt
      richt says:

      The biggest problem with all of this is I can’t tell if Agilebits is “spinning the PR madly” or actually cares about this issue. Leakage isn’t good. As an aside, I’m surprised people are talking about internet accessible. Anything that has access to any of your machines (eg a Mac or Windows worm or virus) can read the metadata. There are millions and millions of bots all over the web, so it means that you better make sure that you have protected every machine and every copy of your .agilekeychain everywhere.

      So it is no small leakage.

    • Peter C
      Peter C says:

      If a virus is running on your machine, it can read the same metadata from your browser history, and probably a lot worse besides. (1Password is still believed to do a good job protecting passwords from such an attacker.) So I don’t think your assessment there is accurate.

      What is newly understood is that if you make your AgileKeychain world-readable, then even though it appears to be protected by your master password, only your passwords are protected by that, not your metadata, and that can have some consequences.

    • richt
      richt says:

      Hmm. Since I have 1300 logins for every site and I regularly wipe the history of browsers (mainly because Macs and Windows need constant rebuilding, sad to say), the main thing is that it has every login I’ve basically ever done, so way worse than the last history. And I’m afraid making things world readable isn’t a matter of posting on the network but any device that can see the file. For myself I was hoping that the AgileBits CEO or whoever is in charge might post something along the lines of 1) we take security seriously and 2) there is a metadata hole here and we asked you to put everything into it. As opposed to earnest tech support folks saying we are looking at it. In the meantime I think the recommendation should be a) find every copy of agile keychain that you have, back them up into encrypted stores (I take a snapshot of agile keychain every week or so as I’ve terrible corruption problems with Dropbox sync.), and then do the conversion to the new format asap.

    • Dave Teare
      Dave Teare says:

      I really like your proposed blog post, Peter. It is very good.

      As I’m sure you know, writing about technical concepts is not easy and yet you made it look easy. You did a really good job of summarizing a lot of technical details into a simple and concise way that is easy to understand.

      ++dave;

  13. Christian C. Berclaz
    Christian C. Berclaz says:

    Disclosure is good, but it had better mean that the gap will be closed very soon; if not, it weakens all of us.
    I’ve been recommending 1Password for as long as I can remember and I’d like to be able to continue, for my own sake as a user and for my credibility.
    Frankly I am disappointed by the weak excuse that it already works with iCloud. Because, like many others, I’m using Dropbox for syncing, first to avoid putting all my eggs in the same basket, second because that’s the only way to share a vault with someone else. So for me and others iCloud is simply not a solution.
    In the future if you have to disclose anything, don’t try to sugarcoat it or to pretend it is mitigated in some more or less obscure conditions. Just take it responsibly and solve it in a timely manner.

    • Dave Teare
      Dave Teare says:

      Hi Christian,

      Thank you for sharing your thoughts on this and thank you for recommending 1Password! We live and breathe based on word-of-mouth so your recommendations mean the world to us. I had hoped our post would help strengthen our relationship but clearly we missed the mark.

      I certainly wasn’t trying to make any excuses or force people to switch to iCloud. I use AgileKeychain along with Dropbox syncing for my own data so I didn’t mean to cause any alarm or an exodus to iCloud. I simply hoped to share information with those who wanted to switch sooner and didn’t expect the suggestion to scare people into thinking they had to switch.

      ++dave;

    • Christian C. Berclaz
      Christian C. Berclaz says:

      Dave

      Thanks for replying. I understand the sentiment and deep down I appreciate the fact that you came forward with it.

      I think now the only question is: when do we all migrate? Is it a matter of days, weeks or months? And I can just hope it’ll be the first.

      Chris

    • Dave Teare
      Dave Teare says:

      Hello again Christian,

      I don’t have a timeline to share with you at the moment. Changing the default format is a pretty simple change and will be rolled out relatively quickly. The other tasks of updating Android and automating the migration will take longer.

      If you prefer not to wait, you can manually switch yourself over today without needing to use iCloud. You didn’t mention what devices you are using at the moment but if you’re not using Android you can switch to OPVault and continue using Dropbox. If you are using Android, you can switch to using Wi-Fi syncing.

      I hope that helps.

      Take care,

      ++dave;

    • Christian C. Berclaz
      Christian C. Berclaz says:

      Hello Dave
      Thanks for the tip. I’ve followed the instructions and everything fell into place very quickly. Pretty cool!
      I guess not many users will actually open a terminal window to do that but that’s better than nothing and shows it already works well.
      Keep up the good work
      Chris

  14. PaulR
    PaulR says:

    Just a note: if you follow their instructions here:
    https://support.1password.com/switch-to-opvault/
    this does convert your synced Dropbox copy of the vault to OPVault. It does not seem to convert your local store to OPVault – that stays as the leaky .agilekeychain file.

    Does anyone know:
    Do I need to create a new empty opvault and copy all my password entries to it?

    Thanks

    • Dave Teare
      Dave Teare says:

      Hi Paul,

      Which local file are you looking at? The file being used should be a database file like ~/Library/Application Support/1Password\ 4/Data/OnePassword.sqlite. If you purchased in the Mac App Store the path will be a little different but the database file is the same.

      ++dave;

  15. willembeekhuis
    willembeekhuis says:

    Nice to hear that Agilebits is going to make an effort on the migration to OPVault. This is really a good moment to evaluate the use of password hints. The lesson learned from the Adobe breach is that many passwords could be guessed from the password hints. There are two methods to consider:
    – Disable the use of Password hints
    – Mask password hints with an alternative method such as field level encryption

    • Dave Teare
      Dave Teare says:

      Hi Willem,

      You make a good point about password hints. While you’re certainly right that poorly chosen hints can help attackers, there’s no doubt that they also help customers remember their Master Passwords. It’s a tough line to walk as users who forgot their Master Password will be completely locked out of their 1Password database.

      We’re likely to move away from password hints completely at some point as you’re right, some customers make the hint too easy for the bad guys to use against them. While we can improve that, I do worry how many additional users will be locked out of their 1Password vaults. Our team has this conversation with people at least a few times a week and it’s never a fun time.

      As for using “field level encryption”, I’m not sure how you see that working. If we encrypt it with the Master Password, then we can’t decrypt it unless the customer remembers the password, in which case they don’t need the hint. If we encrypt it with a hard coded password, this is simple obfuscation and the bad guys will figure it out.

      In any event, thanks for bringing this up. Password hints are always an interesting conversation :)

      ++dave;

    • Christian C. Berclaz
      Christian C. Berclaz says:

      Dave

      I like this conversation. Though my master is not weak it is certainly not the strongest: happy I don’t have to type 32 odd characters on the iPad… And for everyone to see while I’m typing them. I do like the option of using the secureID on the phone.

      Have you thought about unlocking the apps directly from the iPhone? Or the watch? Or to offer a 2-Step service?

      Linked to it is the question of heirs. I keep my passwords for me, some are already shared but my wife and I do not feel that sharing everything is meaningful/useful, it could actually be confusing to have 2 Facebook IDs in the database…

      But one day one of us will go, if it’s me first I’d like her to get all my access easily, with no fuss. Today, unless compromising my security by writing my master pwd on paper, there is no way to handle it.

      Not exactly the same topic as password hints, but thinking of it, the solution could be the same.

      Cheers
      Chris

    • Dave Teare
      Dave Teare says:

      Thanks for jumping in on this conversation, Chris. It’s certainly an interesting one!

      Using TouchID to unlock all the apps is a great idea and one that we’ve been thinking about. We obviously need to find a way to do it in a secure manner but it would be sweet. With that said, I don’t mind typing my Master Password on my laptop since I have the full keyboard.

      As for heirs, you’re right, it’s an important issue that needs to be thought through. In your case it’s fairly straightforward as both your wife and you are using 1Password and you’re happy living together so you could tell her your Master Password. I can imagine many situations, however, where this is not the case. These people might not have anyone to share their Master Password and 1Password database details with. In these situations we recommend adding your 1Password details to a Will and Testament.

      It’s a complicated issue that’s for sure and one we’re investigating.

      ++dave;

    • Christian C. Berclaz
      Christian C. Berclaz says:

      Yeah, on a standard keyboard that’s perfectly ok, but still I think people tend to opt for shorter passwords if they have to input them frequently. But in case I lost mine, it would be great to recover access with my fingerprints. To unlock devices my issue is more that whilst I have Touch ID on my iPhone, I don’t have it on my iPads – and Apple has not yet convinced me to migrate from my mini 2 and Air – so in a dream world, I’d love to unlock the iPad version with the Touch ID on my iPhone :) Maybe I’m dreaming too much…

      For heirs, I’m actually not sharing my whole vault with my wife. We both have our personal ones and we share another one with common data (things like ID cards, passport, etc). So effectively we are in the same situation as most others. I don’t like the alternative of the will because it forces me to commit my password to paper and it is not convenient to change it because I’ll have to update it in the will each time as well.

      What about a situation where: 1Password generates a key from a vault, the key is sent to a “Service” which sends a 2nd key by sms to a pre-identified device which helps getting access to the file and change the password? Is that possible without the “Service” storing my password at all?

    • Megan O'Brien
      Megan O'Brien says:

      Hi Chris,

      I think people tend to opt for shorter password if they have to input them frequently.

      For passwords that have to be frequently entered, I recommend Diceware. 4 or 5 randomly chosen words can be as secure as a jumble of characters, and it’s much easier to remember and type (even on limited iOS keyboards). You can read more about Diceware in our blog post: http://blog.agilebits.com/2011/06/21/toward-better-master-passwords/. We have a shiny new Diceware generator in 1Password 6 for iOS, it’s been in 1Password for Windows for a while and we’re working on bringing this feature to Mac as well.

      What about a situation where: 1Password generates a key from a vault, the key is sent to a “Service” which sends a 2nd key by sms to a pre-identified device which helps getting access to the file and change the password? Is that possible without the “Service” storing my password at all?

      Thanks for the suggestion! As Dave says, we’ve been investigating this issue for a while now, and I’ll make sure your thoughts are passed along. :)
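
      The Diceware recommendation above, worked through as an added example (my code, not AgileBits’ generator and not part of the thread): it rolls dice with a cryptographic random source, maps each roll onto a wordlist in the usual Diceware way, and puts numbers on the entropy claim. The 36-word list is constructed for the demo; the real Diceware list has 6^5 = 7776 entries, so the functions accept any list whose size is a power of six. The entropy helpers use the standard log2 calculation, which is the only assumption in the comparison.

```python
import math
import secrets

# Constructed 36-word stand-in for a Diceware list (two dice per word).
# The real list has 7776 words and needs five dice per word.
SAMPLE_WORDLIST = [
    "acorn", "amber", "anvil", "apple", "arrow", "badge",
    "basil", "beach", "bison", "blaze", "brick", "cabin",
    "candle", "cedar", "cherry", "cliff", "cloud", "comet",
    "coral", "crane", "delta", "dune", "eagle", "ember",
    "falcon", "fern", "forge", "frost", "garnet", "glacier",
    "harbor", "hazel", "ivory", "jade", "kelp", "lantern",
]


def roll_dice(n_dice: int) -> list[int]:
    """Roll n_dice fair six-sided dice using the OS CSPRNG (not random.random)."""
    return [secrets.randbelow(6) + 1 for _ in range(n_dice)]


def dice_to_index(rolls: list[int]) -> int:
    """Interpret a dice roll such as [1, 1] ... [6, 6] as a base-6 index 0..6^n-1."""
    index = 0
    for r in rolls:
        if not 1 <= r <= 6:
            raise ValueError(f"not a die face: {r}")
        index = index * 6 + (r - 1)
    return index


def dice_needed(wordlist_size: int) -> int:
    """Number of dice per word; the list must have exactly 6^n entries."""
    n = round(math.log(wordlist_size, 6))
    if 6 ** n != wordlist_size:
        raise ValueError("Diceware lists must have a power-of-six size")
    return n


def passphrase(wordlist: list[str], n_words: int, roller=roll_dice) -> str:
    """Generate an n_words passphrase; `roller` is injectable for testing."""
    n_dice = dice_needed(len(wordlist))
    words = [wordlist[dice_to_index(roller(n_dice))] for _ in range(n_words)]
    return " ".join(words)


def entropy_bits(choices: int, length: int) -> float:
    """Entropy of `length` independent uniform picks from `choices` symbols."""
    return length * math.log2(choices)


def words_for_bits(wordlist_size: int, target_bits: float) -> int:
    """Smallest word count reaching target_bits of entropy with this list."""
    return math.ceil(target_bits / math.log2(wordlist_size))


if __name__ == "__main__":
    print(passphrase(SAMPLE_WORDLIST, 4))
    # Megan's "4 or 5 words" claim in numbers, against the real 7776-word list
    # and a 10-character password over the 94 printable ASCII characters:
    print(f"5 Diceware words:     {entropy_bits(7776, 5):.1f} bits")
    print(f"10 random characters: {entropy_bits(94, 10):.1f} bits")
    print(f"4 words from the demo list: {entropy_bits(36, 4):.1f} bits (too small a list!)")
```

      The injectable `roller` exists so the mapping can be checked with fixed rolls; the security of the output comes entirely from `secrets`, never from the wordlist being secret. The demo list is there to show the mechanics, and its entropy line makes the point that a tiny list gives a weak passphrase no matter how many dice you roll per word.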

  16. Waltbrooks
    Waltbrooks says:

    I’m using 1Password for Windows version 1. I’m also using it with iOS and Android. I don’t want to buy version 4 for Windows because I see no reason. Version 1 is working just fine. What will happen with my version when you change the format? Will it be updated, will I have trouble synchronizing it with Android and iOS version? I keep my agilekeychain file in the clouds.

    • Willem Beekhuis
      Willem Beekhuis says:

      @Waltbrooks,

      I understand your point of view. If you check the list of fixes and new features on
      https://app-updates.agilebits.com/product_history/OPW4 maybe you get convinced to upgrade to a newer release. It’s much better and safer to upgrade your 1Password program.

      If you are upgrading to version 4, this version is still supporting the .agilekeychain format.

      There are regularly discounts on the Agilestore, so you don’t have to pay the full price.

      You can download a Trial version or a Beta version for free, so you can review all new features.

    • Waltbrooks
      Waltbrooks says:

      Like I said, 1Password for Windows version 1 does everything I need it to do. I don’t see why I should pay for a new version if the current version has a security hole. If they don’t want to patch my version then they should give me the version they patch for free. If I have to pay money I’d rather switch to another service than to pay for fixes of security holes.

    • Dave Teare
      Dave Teare says:

      Hello Walt,

      We are simply changing the default format for new installs of 1Password. Since you already have your AgileKeychain created, 1Password will continue to use it just fine.

      As for keeping your AgileKeychain in the cloud, that’s perfectly fine. It’s exactly what it was designed to do and I’m syncing my own data using AgileKeychain and Dropbox.

      I hope that helps,

      ++dave;

    • other bob
      other bob says:

      Hi Dave

      After the full migration to the new OPVault versions, will 1Password use the OPVault format for all avenues of backup and syncing? FolderSync, Wifi, Dropbox, iCloud etc? Or is there a reason that some methods required the older format?

    • Arun
      Arun says:

      Dave,

      I love 1Password, but I did want to make a comment about keeping AgileKeychain in a Dropbox folder even if it is not publicly shared. By doing so, you are in essence trusting Dropbox to keep the data secure. Now Dropbox probably has great security, but it is also a big target. As Jeff pointed out in a blog, our Master Password is our best protection against real or imagined Dropbox breaches; however, with the AgileKeychain format, this is only true of passwords and not the metadata. It seems the sooner you migrate people over to OPVault, the better for all concerned. Even a 6+ word Diceware passphrase is no protection (for the metadata) against a Dropbox breach that results in exposure of people’s AgileKeychains.
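
      The distinction Arun draws, that the Master Password covers the passwords but not the metadata, can be made concrete. The script below is an added example, not part of the thread and not AgileBits’ code: it takes a constructed item in the shape of an AgileKeychain entry and reports which fields someone with read access to the folder (a Dropbox share, a backup, a file server) could see without the Master Password. The field names (`title`, `location`, `openContents`, `encrypted`, and so on) follow the published AgileKeychain design as I recall it and should be treated as an assumption; every value is made up and the ciphertext is a placeholder string.

```python
import json

# Constructed sample in the shape of an AgileKeychain ".1password" item.
# Field names are assumed from the AgileKeychain design; values are invented.
SAMPLE_ITEM = json.dumps({
    "uuid": "0123456789ABCDEF0123456789ABCDEF",   # constructed
    "typeName": "webforms.WebForm",
    "title": "Example Bank",
    "location": "https://bank.example.test/login",
    "locationKey": "bank.example.test",
    "securityLevel": "SL5",
    "createdAt": 1444000000,
    "updatedAt": 1444100000,
    "openContents": {"tags": ["finance"], "usernameHash": "(constructed)"},
    "encrypted": "U2FsdGVkX1-CONSTRUCTED-PLACEHOLDER-CIPHERTEXT",
})

# Only this blob is under the Master Password in the AgileKeychain design
# described in the post; everything else in the item is stored as written.
PROTECTED_FIELDS = {"encrypted"}


def _leaf_paths(value, prefix=""):
    """Yield a dotted path for every scalar inside a JSON value."""
    if isinstance(value, dict):
        for key, sub in value.items():
            yield from _leaf_paths(sub, f"{prefix}{key}.")
    elif isinstance(value, list):
        for i, sub in enumerate(value):
            yield from _leaf_paths(sub, f"{prefix}{i}.")
    else:
        yield prefix.rstrip(".")


def exposure_report(item_json: str) -> dict:
    """Split an item's fields into those readable without the Master Password
    and those that are ciphertext. Returns {"plaintext": [...], "protected": [...]}."""
    item = json.loads(item_json)
    plaintext = []
    for key, value in item.items():
        if key in PROTECTED_FIELDS:
            continue
        plaintext.extend(_leaf_paths(value, f"{key}."))
    protected = sorted(PROTECTED_FIELDS & item.keys())
    return {"plaintext": sorted(plaintext), "protected": protected}


def visible_to_folder_reader(items_json: list[str]) -> list[tuple[str, str]]:
    """What a reader of the shared folder learns per item: title and URL,
    with no decryption involved. This is the metadata the thread is about."""
    rows = []
    for raw in items_json:
        item = json.loads(raw)
        rows.append((item.get("title", ""), item.get("location", "")))
    return rows


if __name__ == "__main__":
    report = exposure_report(SAMPLE_ITEM)
    print("Readable without the Master Password:")
    for path in report["plaintext"]:
        print("  ", path)
    print("Ciphertext (needs the Master Password):", report["protected"])
    print("Folder reader sees:", visible_to_folder_reader([SAMPLE_ITEM]))
```

      Run it against your own items before deciding how soon to migrate: the plaintext list is exactly what the Master Password does not protect in this format, which is why the OPVault migration, or at minimum never sharing the folder, is the mitigation rather than a stronger passphrase.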
