dropbox problem - moving keychain to local drive

pensters

I'm using 1password on snow leopard and have decided to stop using Dropbox due to security concerns. However there appears to be no way to tell the app to stop syncing to dropbox. I've moved the keychain from dropbox and put it on my local drive in Application support/1password. If I then go into 1password prefs and tell it to use the keychain that I've just moved, the keychain is invisible.



However if I move the keychain to the desktop it becomes visible again. If I then try double clicking on the desktop keychain and then tell 1password to open it, that doesn't work either.



I do not have the 'stop using dropbox' feature that I've seen listed on the forums - I'm assuming that must be a Windows feature, as my software is up to date on my Mac.



What is the correct procedure please as this is really irritating! thanks

khad

Welcome to the forums, pensters! Could you please tell me what version of 1Password you are using?



Thanks!

pensters

Yes certainly it is Version 3.8.10 (build 31186), running on a mac under snow leopard, thanks

khad

I'm not sure what sort of security concern(s) you have, but I just wanted to point you to the section of the User Guide which explains why all of us at AgileBits use Dropbox syncing every day.



From the moment we designed the Agile Keychain data format we ensured that it was able to withstand an attack should your data fall into the wrong hands, either as a result of a Dropbox breach of if someone physically stole your computer. As such, we use 128-bit AES encryption to protect your sensitive 1Password data as well as many other mechanisms to stop an attacker from ever accessing your information and we detail this here:



[size=5][url="http://help.agilebits.com/1Password3/cloud_storage_security.html"][b]Security of storing 1Password data in the Cloud[/b][/url][/size]



So, as long as you use a secure master password that you don't use elsewhere, your 1Password data is incredibly safe even when stored on a service like Dropbox. If you're not sure about the strength of your master password, please do take a look at our recent blog post on this:



[size=5][url="http://blog.agilebits.com/2011/06/toward-better-master-passwords/"][b]Toward Better Master Passwords[/b][/url][/size]



Of course, you are free to make your own decisions, but I just want to make sure you are working with as much information as possible. <img src='http://forum.agilebits.com/public/style_emoticons/<#EMO_DIR#>/smile.png' class='bbc_emoticon' alt=':)' />



If you still wish to stop using Dropbox to securely sync your encrypted data, in 1Password 3.8.10, right- or ctrl-click on the data file path in 1Password's preferences and then select "Move Data File to Another Folder" to move your data file to another folder.

[img]https://img.skitch.com/20111125-t7s8g33fry4hqdt458ffcpm3ns.png[/img]

If we can be of further assistance, please let us know. We are always here to help!

pensters

thanks for the info, I can now make a decision as to where I store the keychain. I'm not a fan of storing sensitive data off site.

thanks for your help

khad

No problem at all. That's what I'm here for. <img src='http://forum.agilebits.com/public/style_emoticons/<#EMO_DIR#>/skype_smile.png' class='bbc_emoticon' alt=':-)' />



Best regards,

LosInvalidos

Khad you keep saying dropbox is secure.



But their servers are on us territory and i'm sure you are aware of how us three-letter-agencies deal with privacy issues, right?



A local sync is (imo) always saver than giving data (encrypted or worse unencrypted) out of your hands.



I am of course aware of the fact that there are also attacking scenaries for a local sync.

khad

The security of your 1Password data is not dependent on the security of Dropbox. It is encrypted securely, strongly, and independently on your local machine before Dropbox ever has a chance to store it. Please read the aforelinked document on the [b][url="http://help.agilebits.com/1Password3/cloud_storage_security.html"]Security of storing 1Password data in the Cloud[/url][/b] which explains this (among other things) and start a new thread if you wish to discuss a different topic. <img src='http://forum.agilebits.com/public/style_emoticons/<#EMO_DIR#>/wink.png' class='bbc_emoticon' alt=';)' />