This is a staging forum for AgileBits, not an official support forum. Visit http://discussions.agilebits.com instead.
Google chrome master pasword and sync problem
Hi there,
To get a high security level I want to change my master password now and then. I have to change it in every available client I use (iPhone, iPad, Mac and Windows). I am worried about the security of the windows system, because after I changed the master password in the 1 password program, the google chrome plug in does not work with the new master password.
When I put in the new master password I get the message "inizializing..." and nothing happens. I have to use the old master password to get in and I can still read and change passwords. That makes me worried.
Am I doing something wrong and do I have the read the manual somewere or is their something wrong with the software?
Cheers,
Martin.
To get a high security level I want to change my master password now and then. I have to change it in every available client I use (iPhone, iPad, Mac and Windows). I am worried about the security of the windows system, because after I changed the master password in the 1 password program, the google chrome plug in does not work with the new master password.
When I put in the new master password I get the message "inizializing..." and nothing happens. I have to use the old master password to get in and I can still read and change passwords. That makes me worried.
Am I doing something wrong and do I have the read the manual somewere or is their something wrong with the software?
Cheers,
Martin.
Flag
0
Comments
-
[quote name='slightly-tilted' timestamp='1326366940' post='57093']
To get a high security level I want to change my master password now and then. I have to change it in every available client I use (iPhone, iPad, Mac and Windows).
[/quote]
Assuming you're syncing your 1Password Data via Dropbox, there is no need to change your master password in every available client. When you change your master password on Mac, for exampe, then Windows should simply sync and accept your new master password.
[quote name='slightly-tilted' timestamp='1326366940' post='57093']
I am worried about the security of the windows system, because after I changed the master password in the 1 password program, the google chrome plug in does not work with the new master password. When I put in the new master password I get the message "inizializing..." and nothing happens. I have to use the old master password to get in and I can still read and change passwords. That makes me worried.
[/quote]
This is a known issue. Whenever you change your master password, I'm afraid you'll have to remove (and then re-install) our Chrome extension. However, this problem does not lower the security of your 1Password Data.
[quote name='slightly-tilted' timestamp='1326366940' post='57093']
Am I doing something wrong and do I have the read the manual somewere or is their something wrong with the software?
[/quote]
You're doing nothing wrong. This is a known issue, and we're working on a fix.Flag 0 -
[quote name='Stefan von Dutch' timestamp='1326369362' post='57095']
Assuming you're syncing your 1Password Data via Dropbox, there is no need to change your master password in every available client. When you change your master password on Mac, for exampe, then Windows should simply sync and accept your new master password.
[/quote]
Not in [i]every[/i] 1Password client, but you [i]do [/i]need to re-establish your Dropbox sync setup in 1Password for iOS whenever you change your master password. (I believe that will continue to be true, even after we fix the problem that requires you to uninstall and re-install the extension for Chrome to get it to recognize your new master password.)Flag 0 -
H Martin,
We certainly do need to get the synching of password changes from the app to the extensions on Windows sorted out, and that is being worked on, but I wanted to comment on another point.
[quote name='slightly-tilted' timestamp='1326366940' post='57093']
To get a high security level I want to change my master password now and then.
[/quote]
The rule of thumb for frequently changing passwords is a "rule of thumb". The reasons for it don't apply in some cases, and those reasons emphatically don't apply to your 1Password master password. The short answer is that once you have a strong master password that you never, ever use for anything else, you should stick with it for life.
More technically your 1Password master password should be treated like an "encryption password" instead of an "authentication password". One of the crucial differences is the role of backups. If someone steals your computer, they may have access to both your current (encrypted) 1Password data, but also to the backups that 1Password makes. An attacker could try passwords against those backup copies and if you change your password frequently then this actually [i]increases[/i] the number of ways that the attacker has into your data (by increasing the number of passwords that will work for at least one copy of your data).
Again, the short answer is simply to have a good unique master password for 1Password and keep it for life. You should only change it if there is a compelling reason to. This also applies for other high security systems like ssh or gpg/pgp.
Cheers,
-jFlag 0 -
[quote name='jpgoldberg' timestamp='1326554349' post='57183']
...have a good unique master password for 1Password and keep it for life [and] change it if there is a compelling reason to [do so].[/quote]
...such as having divulged your master password to someone to whom you no longer wish to give access to your 1Password data.Flag 0