Switching Back to the OS X Keychain

RobJ

<div class="IPBDescription">(from the Agile Keychain)</div>On your website, it says:



"Switching to the Agile keychain format is easy and safe. You can easily go back to the OS X keychain if you want..."



http://help.agile.ws/1Password/switch_to_agile_keychain.html



But unfortunately, it does not specifically say HOW to switch back. I want to know how.



I am a registered 1Password 3 user on Snow Leopard, using the Agile Keychain stored on DropBox. I will be making an overseas trip to visit my parents soon. I don't have a notebook so I intend to use my parents iMac, which is an older model capable of running only OS 10.4 Tiger. I see on your website that my 1Password 3 serial will work in 1Password 2, so that's got me covered. I can then temporarily install 1Password on my parents computer while I am visiting them, and I know how to setup 1Password to access the Agile Keychain stored in my DropBox account. But just before I leave my parents house, I wanted to delete 1Password off their computer and RESTORE the OS X keychain -- putting the computer back as it was before. How, specifically, do I restore the OS X keychain (on an older iMac running Tiger, with 1Password2)?



Thank you.

[Deleted User]

Hello RobJ and welcome to the Forums!



Certainly, you can install 1Password on your parent's computer, but please note that the 1P data file, called the [i]1Password.agilekeychain[/i], and the OS X keychain are separate files and are not mutually exclusive.



In other words, both can coexist on the same computer. Unless you specifically agree to add a Login to the OS X keychain, it is not added. I have an iMac with the 1Password desktop application installed. My 1P Logins are completely separate from the Logins I chose to add to my OS X keychain



However, your worry may be moot. Since you already use Dropbox syncing, you can avoid any potential issues by taking advantage of the [i]1PasswordAnywhere [/i](1PA)[i] [/i]function. Please see the following article for more details: [url="http://help.agilebits.com/1Password3/1passwordanywhere.html"]1PasswordAnywhere[/url]. When I visit my parents, I always use this method when using their desktop computers.



Of course, if you wish to use the full 1P application, you can download and install 1P on their computer. As long as you setup the desktop app to sync with the 1Password.agilekeychain file located in your Dropbox account, you will have full access to your existing data file. There will be no changes made to your parent's OS X keychain. When you prepare to leave, just drag the 1Password application to the trash as you would any other program.



Please let me know if I've answered your question to your satisfaction. I want to be sure you have full access to your 1Password data, and I do NOT want to cause any security or other issues for you or your parents.



I hope you have a safe and enjoyable trip with your family!



Cheers!



Brandt

RobJ

Brandt, first of all, thank you for the lightning fast reply! I certainly appreciate it.



I just tried out 1Password Anywhere by logging into my DropBox account as you specified and it works beautifully! The only thing it doesn't do is put that convenient little "1P" icon in the browser's address bar (making it easy to fill in forms or enter passwords on any web page), but at least I can search within my 1Password account via web browser and dig up any access info I need.



Anyway, thank you. Your reply was very helpful.

[Deleted User]

RobJ,



It was my pleasure!



1PA is not a perfect substitute for the actual 1Password desktop application, but considering your worries concerning returning your parent's computer back to its original form, I thought you may find it the easiest solution for your visit.



If you decide to install the desktop app instead, please let us know if you have any questions regarding the install/deinstall process.



Best wishes,



Brandt

khad

For those playing the home version of the game, once upon a time 1Password stored its data using the OS X keychain format. Even then it was a separate keychain from the default "login" keychain, so there was no commingling. The current version of 1Password only reads and writes our own [url="http://help.agilebits.com/1Password3/agile_keychain_design.html"]Agile Keychain Format[/url]. The link in the original post is to the documentation for 1Password 2 (the older version) which can use both formats.



At this point in time there is not a reason to ever have 1Password store its data in the old OS X keychain format. [url="http://help.agilebits.com/1Password3/keychain_comparison.html"]The Agile Keychain Format is superior[/url] and can be read by [b]both[/b] 1Password 2 [b]and[/b] 1Password 3. <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_smile.png' class='bbc_emoticon' alt=':-)' />



Just a slight addendum.



Carry on.

[Deleted User]

There's a home version of this game? I need to check the download site more often. <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/wink.gif' class='bbc_emoticon' alt=';)' />

RobJ

Hello again. I am currently on my overseas trip, and until today I've had no issues whatsoever with 1Password Anywhere. It works wonderfully. However, this morning I accessed my Secure Notes, and I can see most of them just fine, but clicking on one of my notes produces the following popup error dialog:



[code]https://dl-web.dropbox.com



An error occurred while processing item

'2D8C219817F840CF92E6A319B1C0E9F0'.



Decryption passed but JSON was invalid[/code]



I believe "JSON" is simply a misspelling of my brother JASON whose name should appear in that particular note. But since the note is only text (names and addresses), I am quite confused as to why I get this error. Is there any workaround so I can easily access the information in that note via 1Password Anywhere?



Thank you.

[Deleted User]

Hello RobJ,



Actually, JSON stands for JavaScript Object Notation. Wikipedia offers a good explanation here: [url="http://en.wikipedia.org/wiki/JSON"]JSON[/url]



I just wanted to get a quick answer to you on what JSON means. I'll check into causes for the error, but I know there are some experts on the Forum right now who may jump in with an answer quickly.



Hold on for a few minutes. We'll be back!



Brandt

[Deleted User]

Rob,



Sorry for the trouble you're experiencing with 1PasswordAnywhere.



JSON, in this case, is the data format we use for your 1Password data, it stands for JavaScript Object Notation and isn't a misspelling of your brother's name, I used to get confused with that too when speaking with my friend Jason about JSON <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_smile.png' class='bbc_emoticon' alt=':-)' />



I'm not entirely sure what's happened here, do you have the ability to install 1Password 2 onto your parents computer as you discussed earlier? If so, download Dropbox, let it sync and then install 1Password 2.12.1 from our legacy versions page here:



http://help.agilebits.com/1Password3/legacy_versions.html



Once you have 1Password 2 installed, just locate the 1Password.agilekeychain data file in your Dropbox folder, double click it and, hopefully, you'll be able to see the data in the Secure Notes. If that's not an option, what browser are you using to access 1PasswordAnywhere at the moment?



Hope that helps,



[quote name='RobJ' timestamp='1308412368' post='29469']

Hello again. I am currently on my overseas trip, and until today I've had no issues whatsoever with 1Password Anywhere. It works wonderfully. However, this morning I accessed my Secure Notes, and I can see most of them just fine, but clicking on one of my notes produces the following popup error dialog:



[code]https://dl-web.dropbox.com



An error occurred while processing item

'2D8C219817F840CF92E6A319B1C0E9F0'.



Decryption passed but JSON was invalid[/code]



I believe "JSON" is simply a misspelling of my brother JASON whose name should appear in that particular note. But since the note is only text (names and addresses), I am quite confused as to why I get this error. Is there any workaround so I can easily access the information in that note via 1Password Anywhere?



Thank you.

[/quote]

[Deleted User]

Rob,



If you are still remiss to install 1P on your parent's computer, you can try the following:



Once logged in to your account on Dropbox's website, navigate to your 1Password.html. If you hover over the file, you should see an arrow to the far right. Click on it and choose [i]Previous versions.[/i]



Unless you've deleted all previous versions, you should see a list of 1Password.html files that were subsequently updated to the current version. For each previous file, you should see Preview column heading with a magnifying glass icon.



Select the most recent previous file date and click on the icon. 1PA should start, and you'll need to login. Try to select your Secure Note again. If that one doesn't work, check the next most recent and so forth. By selecting Preview, you aren't actually restoring that particular version.



Hopefully, you'll find an older version that doesn't produce the JSON error. It's worth a try before you decide whether to install 1P on your parent's computer. I know you wanted to avoid that in the first place.



However, if the Note contains info that you really need before the end of your trip, please follow Stu's directions. 1P2 will work on Tiger, so you do have a final solution.



Please let us know how it goes.



Brandt

RobJ

[quote name='stu' timestamp='1308413642' post='29471']

If that's not an option, what browser are you using to access 1PasswordAnywhere at the moment?

[/quote]



Sorry for my delayed response. I had a busy schedule on my trip after my last post and I was unable to reply back until now. I was using the latest version of Safari that will run under OS 10.4 Tiger, running on a PPC G5 1.8GHz Dual PowerMac.



Interestingly, I have the same problem here at home. Please know that I have 1Password 3.5.9 running on my QuadCore iMac i7 under OS 10.6.7 and I can see the Secure Note in question just fine from within 1Password, without error. But if I Open Safari 5 on this same Mac (latest version) and try to access that particular Secure Note via DropBox, I get the same JSON error as before when I was running on my parents G5 PowerMac. Again, it only effects that one note, not any of the others. And all I have in that problematic note are just 9 names and addresses!



Please advise.

[Deleted User]

Hello RobJ!



Thank you for following up, and I'm sorry you're still having this error with the one secure note.



Before going further, have you tried rebuilding your data file and/or clearing 1P's cache? If not please try both now. You can access each from the Help > Troubleshooting menu.



Admittedly, I am not a JSON expert, so if neither the rebuild nor the cache clear works for you, I think it will be time to call in those who love JSON like a son!



If you still get the error, could you please email us your Diagnostics Report? To generate the report from 1Password on your Mac, open 1Password and select Help > Troubleshooting > Diagnostics Report. Then attach the entire file to an email addressed to support@agilebits.com.



Please include a link to this thread in your email message so that we can "connect the dots.”



[color="#ff0000"]Please do not upload the Diagnostics report in the Forums.[/color]



I want to resolve this issue for you once and for all! Thank you for your patience and for continuing to update the thread.



Brandt

RobJ

[quote name='bswins' timestamp='1309620188' post='30906']...have you tried rebuilding your data file and/or clearing 1P's cache? If not please try both now. You can access each from the Help > Troubleshooting menu.

[/quote]

No, I had not tried that previously. Thank you for the specific advice. I just performed both tasks, then waited a few minutes for everything to get synched on DropBox. I then accessed 1Password Anywhere via DropBox and found that the problem remained. But then I looked more closely at the files in DropBox and I did not see any with today's date, despite my having done the Rebuild and Cache clear in the 1Password app on my iMac a few minutes ago. I did see the DropBox menubar icon twirl, which proved data from my 1Password change was being sent to DropBox, yet the dates are still old. And yes, I clicked reload in Safari multiple times.



At the root level of my DropBox, I see various files including a folder named "1Password.agilekeychain". Clicking on that folder brings me to a page that lists these files:



[list]

[*][b]a[/b] [i](folder)[/i]

[*][b]config[/b] [i](folder)[/i]

[*][b]data[/b] [i](folder)[/i]

[*][b]1Password My iMac.html[/b] [i](older file from 2010)[/i]

[*][b]1Password.html[/b] [i](dated 5/16/2011, and the file I've been using to access 1Password Anywhere)[/i]

[/list]



I have just emailed my Diagnostic Report to the email address you suggested. I look forward to hearing your reply.



Many thanks!

khad

My guess is some kind of character encoding issue in an "invisible" character (like a strange line break or non-breaking space). If the note is not too long, try creating a new note by hand [b]without copying or pasting anything[/b]. This should ensure that if my theory is correct, the "strange" character is not introduced into the note. Please let me know how it goes.



P.S. I looked for your DR in our inbox but didn't see it. I only had the email address you used to sign up for the forums, though, so if you sent it from another address could you send me the address I should be looking for via a PM? Thanks!

RobJ

Khad, I just sent you my private email address via PM.



I've not had a problem ever with any other notes, whether created by hand in 1Password or via Copy/Paste from TextEdit. The problematic note in question was originally an RTF file. I merely opened TextEdit, did a Select All, Copied, then switched to 1Password and Pasted in a new Secure Note. No problems at all accessing that note from within 1Password, but I get the aforementioned JSON error in the browser.



Thanks.

[Deleted User]

RobJ,



Thanks for following up. Sorry we aren't there yet, but I know Khad will figure it out!



His idea regarding a character encoding issue reminded me of some similar issues in the past. Hopefully, his hunch is correct. That would be relatively easy fix for you.



I look forward to finding out the solution to this mystery...as I'm sure you are.



Thanks again for hanging in there!



Brandt

khad

Thanks so much for all your help with this, James!



There is a very strange character between two specific lines in the RTF file you sent me via PM.



My guess is that you copied and pasted those lines from somewhere else which introduced [url="http://www.fileformat.info/info/unicode/char/2028/index.htm"]the odd character[/url]. It is not found anywhere else in the file and cannot easily be reproduced through any keys on your keyboard. The relevant bit from the source code of the RTF file:



[code]\uc0\u8232[/code]

I'll let the developers know about this and see if we can't handle this error condition more gracefully in the future. In the mean time, [b]simply remove the lines I mentioned in my PM to you and retype them by hand to get rid of the offending invisible character[/b]. It should then work just fine in 1PasswordAnywhere. <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_smile.png' class='bbc_emoticon' alt=':-)' />



Thanks again for bringing this to our attention. Please let me know if there is anything else I can help with!



Cheers,

RobJ

[quote name='khad' timestamp='1309756026' post='31096']There is a very strange character...

[/quote]

Many thanks, khad, for the quick solution. I just tried your advice and it worked perfectly. Not sure how that oddball character got in there. I may have copied that address from a PDF or from MS Excel (2011) and pasted into the RTF, after which I copied and pasted into iPassword. In any case, the problem is gone now.



Thank you to everyone in this thread who contributed. Agile support is truly the best in the software industry!

khad

Glad to hear that things are working well again! I'm glad I was able to figure it out. It certainly took me a minute. <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/laugh.gif' class='bbc_emoticon' alt=':lol:' />



I will share your very kind words with the rest of the team here. You made my day.



Best regards,

[Deleted User]

[quote name='RobJ' timestamp='1309768645' post='31106']

Thank you to everyone in this thread who contributed. Agile support is truly the best in the software industry!

[/quote]



James,



I'm glad the mystery is finally solved!



It's been great working with you during the last month, and I appreciate all of your help along the way!



I appreciate the kind words regarding Agile's customer support, and although Khad shared your comment with the team, I wanted to thank you personally for the praise.



It's easier to provide great support when we're working with a great customer like you! <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/smile.gif' class='bbc_emoticon' alt=':)' />



Don't be a stranger!



Cheers!



Brandt

mjboyle

Hello,



I hope it is ok to piggyback a question onto this thread as it seemed the most directly related thread I could find. I have been a long time power-user of the stock OSX Keychain, and I am testing out the 1password trial. I think I'm convinced that buying 1Password would make the experience quite a bit better, but I have a concern. Obviously I'm sure you guys intend to be in business forever and never do anything that would cause me not to want to continue using your product, but just for peace of mind it would be good to know that I can migrate my passwords back out of 1Password if, for some reason in the far flung future, I decide to stop using it.



So I'd love to be able to get new passwords that I make or change in 1Password back into the stock OSX keychain or to keep the two actively synced with each other. However in my poking about I can't seem to find a way short of manually editing each password to export from 1Password into a format that the OSX Keychain understands. I see options to export to text files which is OK in a pinch should I just need to get my data out, but cumbersome when presumably you could automate the process of getting everything back into the OSX Keychain. I see that possibly I could install 1Password 2 and convert over to a keychain file, but do you have plans to support that indefinitely? I'm concerned about the future when we may be using OS 10.9 or OS 11 or something, not the current situation. Obviously you can't predict the future but is there any automated way to keep the 1Password keychain synced with the OSX Keychain? Or would you consider adding some feature to at least export into a format that it could directly import?



Thanks!

khad

Welcome to the forums, mjboyle! Thanks for asking about this.



We certainly have no intention of locking you in. 1Password 2 works just as well today — even in the yet-to-be released Mac OS X Lion — as it did when it was first released. You can switch form the Agile Keychain Format to the OS X keychain format. I'm not sure how useful this would be, though, since while the data is stored as an OS X keychain it is separate from the main login keychain. The most flexible and universal export option is "Text File" (CSV). Nearly every application that could do anything with your login data will accept a CSV import.



Even if we go out of business, your data is stored locally on your hard drive, so you will have as much time as you want to figure out a solution that works for you. AgileBits going out of business won't magically delete the application from your hard drive. <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_smile.png' class='bbc_emoticon' alt=':-)' />



Not directly related, but you don't even need the 1Password application installed to read your data file. It can be read using the [url="http://help.agilebits.com/1Password3/1passwordanywhere.html"]1PasswordAnywhere[/url] feature in any modern browser. 1PasswordAnywhere is built into your data file and based on web standards.



It certainly would have been easier in some ways to [b]not[/b] have to create our own format, but the limitations of the OS X keychain were becoming a hindrance to the direction we (and our users) wanted 1Password to progress. We have a very detailed article on the reasons that we took the time and effort to finely craft a better format for our customers' needs here:



http://help.agilebits.com/1Password3/os_x_keychain_history.html



The high points are:



• Without the Agile Keychain format, we would not be able to sync to iPhones, iPads, iPod touches, Windows, Android, or Windows Mobile 7.



• The Mac OS X keychain uses Triple DES as its encryption algorithm which is quite secure, but is growing older and has been superseded by newer encryption algorithms with longer key lengths. The US government has deprecated the use of Triple DES and has set AES as its new standard.



• Not to mention performance gains in sync and access speeds. MobileMe syncing of keychains is often unreliable, causing duplicate items to be created, items deleted for no apparent reason, and the creation of corrupt entries that cannot be accessed. Since 1Password does not contain any encryption or synchronization code, it is impossible to fix these issues directly.



You can read a full comparison of the two formats here:



http://help.agilebits.com/1Password3/keychain_comparison.html



I hope that helps. Please let me know.



Cheers,

eblanc

I don't want to switch back to Mac OS X keychain, but I do want to migrate Mac keychain data (secure notes--I have hundreds of them!). Apparently this was possible with 1password 2 (see http://help.agilebits.com/1Password3/upgrade_to_agile_keychain.html), but the instructions do not seem to apply to 1Password 3. Does this mean I must somehow go back to 1Password 2? And where would I get a copy anyway?



The problem looming on the horizon is that Apple is replacing MobileMe with iCloud, which has no provision for syncing the Mac keychains across multiple computers. So I want to migrate my secure notes to 1Password 3, but that seems impossible from info on the web site. A lot of people are going to need to make the switch. Help us out Agile!

khad

Welcome to the forums, eblanc. Those instructions were only applicable to converting 1Password's [i]own data[/i] from the OS X keychain [i]format[/i] to the Agile Keychain Format. There has not ever been a way to [i]import[/i] data from OS X's [i]login keychain[/i] except for web logins via Safari. Unfortunately, even importing Safari passwords in an automated fashion from the OS X keychain is no longer possible since Safari 5.1 was released.



I'm sorry I don't have a better answer for you right now, but we are looking at ways to improve this.

eblanc

Thanks, Khad. I discovered by going through the 1password 2 Mac-keychain-to-1password-keychain conversion that, indeed, the Mac stuff was not pulled out. <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_sadsmile.png' class='bbc_emoticon' alt=':-(' /> Interestingly though, the size of the the resulting 800 kbyte 1Password file was larger than the Mac keychain file (~700 kbytes). This suggests that all of the Mac stuff was still in the converted file, but inaccessible.



It would be nice if Agile could figure out an extraction process. I poked through the Mac keychain file with a text editor to see if by chance I could find the secure note stuff in plain text. Nope; there is nothing but binary gobbledegook, which is probably also encoded. My only recourse now is copy secure notes into 1 Password each time I access one on the Mac keychain. Eventually I'll get the result I want!

khad

Thankfully the OS X keychain is encrypted (which is why you could not read it). It is also good that this manual transfer of data is a one time process.



Please let me know if there is anything else we can help with.