This is a staging forum for AgileBits, not an official support forum. Visit http://discussions.agilebits.com instead.

1Password default Dropbox location for the keychain

<div class="IPBDescription">Question about Dropbox and public sharing</div>I've just started using both 1Password and Dropbox and have a question related to the agilekeychain location in Dropbox and security.



The latest release of 1Password's integration with Dropbox provided a "Move to Dropbox" button. Very nice and very handy for setting this up on Dropbox. By selecting Move to Dropbox, 1Password placed the agilekeychain in the root folder of Dropbox. Easy, quick and simple.



My question is, by having the agilekeychain in the root folder of Dropbox is it possible thru some inadvertent sharing operation in Dropbox, I might to expose the keychain to the public that would not happen if, say, the location was in a subfolder? I ask this because, in searching via Google, I see references to issues with sharing with the public and implied sharing inheritance. I just don't want to do something in Dropbox that would inadvertently share the keychain.



Thanks,



Bill Krueger

Comments

  • thightower
    thightower &quot;T-Dog&quot; Agile&#39;s Mascot Community Moderator
    edited February 2011
    Hi Bill,



    First off welcome to 1P and Dropbox,



    In re to your questions, the move to Dropbox button will suffice for the vast majority of our users, you are more than welcome to move it to a subfolder if you choose.



    In re to sharing you cannot share the root of your DB folder so with it being in the root you are fine and unless you did so on purpose there would be no way to share the keychain in the root. (It could be done but not easily)



    First off Dropbox offers 3 types of sharing , 1) shared folders where groups of people collaborate on a folder only between DB accounts (private invite only) 2) Shared folder as before but the link is external (this link can be shared and re shared) 3) the last is a true public link and is for all purposes just like number 2 except for individual files



    When you found those google results look like you saw an older bug in the DB system. In that a person shared folder A with user A, he then shared a second folder B (within folder A) with user B. In some cases user B could also see any other info placed into folder A not just what was shared with him.



    Basically I look at it like this don't Create NESTED folder in your share structure and expect to have all kinds of messed up sharing with folks and DB keep it straight.



    The DB team has fixed this if I am not mistaken. Take things slow and learn DB before you go sharing lots of info <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/smile.gif' class='bbc_emoticon' alt=':)' />



    What quiet a few folks have done is put all the folder they share inside 1 large folder that doesn't get shared here is a screen shot of mine the folder called "Public Sharable links never gets shared. I only share the sub folder with whom ever needs it. [url="http://bit.ly/eUc71x"]http://bit.ly/eUc71x[/url]



    If it makes you easier move the keychain to DB via the move button then create a folder called 1Password and drag the keychain into it (let the sync finish) Then double click on the keychain 1P will ask if you want to switch to this keychain select yes you are all done on this machine.



    Rinse and repeat as desire on the other machine However all you would need to do is double click on the keychain and select yes on them NO MOVING NEEDED



    Maybe I have helped a little and not confused you even more.



    Here is how I have mine setup a folder just off the root called 1Password (original I know) <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/smile.gif' class='bbc_emoticon' alt=':)' /> [url="http://bit.ly/hZUWmD"]http://bit.ly/hZUWmD[/url]
  • Hi Bill,



    That's a great question, as far as I'm aware it's not actually possible to share the root of your Dropbox folder, and you have to share specific folders, or use the 'Get shareable link' to provide one time access to a file or folder.



    The sharing inheritance would actually be more relevant if you stored the 1Password.agilekeychain file in a sub-folder. So for example, let's say you had a folder structure as such:



    Dropbox > Awesome Stuff > 1Password > 1Password.agilekeychain



    If you shared 'Awesome Stuff' with other people (and remember sharing in Dropbox is by invite only, it's not just open to the public) then they would also have access to the 1Password folder.



    Of course, the key thing to note is that your 1Password data is always encrypted using 128-bit AES encryption, so even if someone did get hold of your data file they'd either need to know your master password or spend somewhere in the region of 149 trillion years brute-forcing the AES key.



    Hope that helps,





    [quote name='Bill Krueger' timestamp='1298817343' post='21492']

    I've just started using both 1Password and Dropbox and have a question related to the agilekeychain location in Dropbox and security.



    The latest release of 1Password's integration with Dropbox provided a "Move to Dropbox" button. Very nice and very handy for setting this up on Dropbox. By selecting Move to Dropbox, 1Password placed the agilekeychain in the root folder of Dropbox. Easy, quick and simple.



    My question is, by having the agilekeychain in the root folder of Dropbox is it possible thru some inadvertent sharing operation in Dropbox, I might to expose the keychain to the public that would not happen if, say, the location was in a subfolder? I ask this because, in searching via Google, I see references to issues with sharing with the public and implied sharing inheritance. I just don't want to do something in Dropbox that would inadvertently share the keychain.



    Thanks,



    Bill Krueger

    [/quote]
  • Thanks, Tommy, for the extra info - you're a legend <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_smile.png' class='bbc_emoticon' alt=':-)' />
  • thightower
    thightower &quot;T-Dog&quot; Agile&#39;s Mascot Community Moderator
    edited February 2011
    [quote name='stu' timestamp='1298825743' post='21498']

    Thanks, Tommy, for the extra info - you're a legend <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_smile.png' class='bbc_emoticon' alt=':-)' />

    [/quote]



    Haha, if its about one of my 2 fav subject you know I am gonna reply 1P and Dropbox. <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/smile.gif' class='bbc_emoticon' alt=':)' />