3 Account password and Secret Key

1Password is designed to help you and your team manage your secrets. But there are some secrets you need to take care of yourself in order to be able to access and decrypt the data managed by 1Password. These are your account password and Secret Key[3] introduced in this section.

Decrypting your data requires all three of the following: your account password, your Secret Key, and a copy of your encrypted data. As discussed below, each of these is protected in different ways, and each individually faces different threats. By requiring all three, your data is protected by a combination of the best of each. Your account password and your Secret Key are the two secrets used in a process we call two-secret key derivation (2SKD): two different secrets, each with its own security properties, are used in deriving encryption and authentication keys. In 1Password, these are your account password (something you know) and your Secret Key (a high-entropy secret you have on your device).

Figure 3.1: Two-secret key derivation combines multiple secrets when deriving authentication and encryption keys.

Figure 3.2: Your account password, like a combination to a lock, is something only you know.

3.1 Account password

One of the secrets used in 2SKD is your account password, and your account password exists only in your memory. This fact is fantastic for security because it makes your account password (pretty much) impossible to steal.

Secrets that must be remembered and used by humans tend to be guessable by automated password guessing systems. We take substantial steps to make things harder for those attempting to guess passwords, but it’s impossible to know the capabilities that a well-resourced attacker may be able to bring to bear on password cracking. This is the reason we also include an entirely unguessable secret — your Secret Key — in our key derivation. See Story 1 for an illustration of how your Secret Key comes into play defending you in case of a server breach.

Story 1: A (bad) day in the life of your data

Nobody likes to talk about bad things happening, but sometimes we must.

Oscar somehow gains access to all of the data stored on the 1Password server. We don’t know how, and we certainly tried to prevent it, but nonetheless, this is the starting point for our story.

Among the data Oscar acquires is an encrypted copy of your private key. (We store that on our server so that we can deliver it to you when you first set up 1Password on a new device.) If he can decrypt that private key, he’ll be able to do some very bad things. Nobody (other than Oscar) wants that to happen.

Oscar will take a look at the encrypted private key and see that it’s encrypted with a randomly chosen 256-bit AES key. There’s no way he’ll ever be able to guess that. But the private key is encrypted with a key derived from your account password (and other stuff) so he figures that if he can guess your account password he will be able to get on with his nefarious business.

But Oscar cannot even begin to launch a password guessing attack. This is because the key that encrypts your private key is derived not only from your account password, but also from your Secret Key. Even if he happens to make a correct guess, he won’t know that he has guessed correctly. A correct guess will fail the same way an incorrect guess will fail without the Secret Key.

Oscar has discovered, much to his chagrin and our delight, that even all the data held by AgileBits is insufficient to verify a correct guess at someone’s account password. “If it weren’t for two-secret key derivation, I might have gotten away with it,” mutters Oscar. He probably shouldn’t have bothered stealing the data in the first place. Without the Secret Keys, it’s useless to him.

If Oscar had read this document, he would’ve known that he can’t learn or guess your account password or Secret Key from data held or sent to 1Password.
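The property Story 1 relies on, as an added example that is not part of the white paper and does not use 1Password's real derivation: a key is derived from both secrets (here, a salted PBKDF2 of the account password XORed with an HMAC of the Secret Key, an illustrative combiner only), so a correct password guess checked against the server-held ciphertext fails exactly like a wrong one unless the Secret Key is also present. The password, salt and plaintext are constructed sample values; the Secret Key is the page's own example.

```python
import hashlib
import hmac
import os

# Constructed sample values (the Secret Key is the example given on the page).
ACCOUNT_PASSWORD = "correct horse battery staple"
SECRET_KEY = "A3-ASWWYB-798JRYLJVD4-23DC2-86TVM-H43EB"
SALT = b"constructed-salt-for-demo"
PRIVATE_KEY = b"-----BEGIN PRIVATE KEY----- (constructed sample)"

def derive_key(account_password, secret_key, salt):
    """Illustrative 2SKD combiner, NOT 1Password's actual derivation: a slow,
    salted hash of the human-chosen password XORed with a hash of the Secret
    Key. A party without the Secret Key passes None and gets a key that is
    wrong for every password, so the ciphertext cannot act as a guess oracle."""
    pw_part = hashlib.pbkdf2_hmac("sha256", account_password.encode(), salt, 100_000)
    sk_part = bytes(32) if secret_key is None else hmac.new(secret_key.encode(), salt, "sha256").digest()
    return bytes(a ^ b for a, b in zip(pw_part, sk_part))

def _keystream(key, nonce, n):
    # SHA-256 in counter mode stands in for AES so the example needs only the stdlib.
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def encrypt(key, plaintext):
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, "sha256").digest()

def decrypt(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, "sha256").digest()):
        return None  # every wrong key fails identically; nothing distinguishes a near miss
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))

def story_one(password_guess):
    """Encrypt the 'private key' as the owner's client would, then try the guess
    both as Oscar (server data, no Secret Key) and as the owner (both secrets)."""
    blob = encrypt(derive_key(ACCOUNT_PASSWORD, SECRET_KEY, SALT), PRIVATE_KEY)
    return {
        "oscar_without_secret_key": decrypt(derive_key(password_guess, None, SALT), blob),
        "owner_with_secret_key": decrypt(derive_key(password_guess, SECRET_KEY, SALT), blob),
    }
```

Running `story_one(ACCOUNT_PASSWORD)` shows Oscar's result is `None` even for the correct password, while `story_one("wrong")` is `None` for everyone: the server-side data gives him no way to tell the two cases apart.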

3.2 Secret Key

Your account password is one of the secrets used in 2SKD, and your Secret Key is the other. Your Secret Key is generated on your computer when you first sign up, and is made up of a non-secret version setting (“A3”), your non-secret Account ID, and a sequence of 26 randomly chosen characters. An example might be A3-ASWWYB-798JRYLJVD4-23DC2-86TVM-H43EB. This is uncrackable, but unlike your account password, isn’t something you’re expected to memorize or even type on a keyboard regularly.

Figure 3.3: Your Secret Key is a high-entropy secret you have on your devices.

The hyphens are not part of the actual Secret Key but are used to improve readability. The version information is neither random nor secret. The Account ID is random, but not secret, and the remainder is both random and secret. In talking about the security properties of the Secret Key, we’ll be talking only about the secret and random portion. At other times we may refer to the whole thing, including the non-secret parts.

There are slightly more than 2^128 possible Secret Keys,[4] which places them well outside the range of any sort of guessing. But while the Secret Key is unguessable, it’s not the kind of thing that can be committed to human memory. Instead of being stored in your head, your Secret Key will be stored on your device by your 1Password client.
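The Secret Key layout and the entropy figure in footnote 4, worked through as an added example that is not part of the white paper: the hyphens are stripped, the version and Account ID are split from the 26 secret characters, and the entropy is computed as 26 × log2(31). The exact 31-character alphabet is not given on this page; the one below (uppercase letters and digits without 0, 1, I, O and U) is an assumption, as is the six-character Account ID length taken from the page's example.

```python
import math
import secrets

# Assumption: the 31-character set omits 0, 1, I, O, U (8 digits + 23 letters).
ALPHABET = "23456789ABCDEFGHJKLMNPQRSTVWXYZ"
VERSION = "A3"
ACCOUNT_ID_LEN = 6              # assumed from the page's example "ASWWYB"
SECRET_LEN = 26                 # the random, secret portion
GROUPS = (2, 6, 11, 5, 5, 5)    # hyphenated display layout of the page's example

def parse_secret_key(text):
    """Split a displayed Secret Key into (version, account_id, secret).
    Hyphens are display-only and are removed before anything else."""
    raw = text.replace("-", "").upper()
    version = raw[:len(VERSION)]
    account_id = raw[len(VERSION):len(VERSION) + ACCOUNT_ID_LEN]
    secret = raw[len(VERSION) + ACCOUNT_ID_LEN:]
    if version != VERSION:
        raise ValueError(f"unsupported Secret Key version {version!r}")
    if len(secret) != SECRET_LEN:
        raise ValueError(f"secret portion must be {SECRET_LEN} characters, got {len(secret)}")
    bad = sorted(set(secret) - set(ALPHABET))
    if bad:
        raise ValueError(f"characters outside the Secret Key alphabet: {bad}")
    return version, account_id, secret

def secret_entropy_bits(length=SECRET_LEN, alphabet_size=len(ALPHABET)):
    """Entropy of the secret portion: log2(alphabet_size ** length), about 128.8 bits."""
    return length * math.log2(alphabet_size)

def format_secret_key(raw):
    """Re-insert the display hyphens into a 34-character raw Secret Key."""
    parts, pos = [], 0
    for size in GROUPS:
        parts.append(raw[pos:pos + size])
        pos += size
    return "-".join(parts)

def generate_secret_key(account_id):
    """Create a fresh Secret Key locally, as a client would at signup, using the
    OS CSPRNG for the 26 secret characters. Only the secret portion is random here."""
    secret = "".join(secrets.choice(ALPHABET) for _ in range(SECRET_LEN))
    return format_secret_key(VERSION + account_id + secret)
```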

3.3 Emergency Kit

AgileBits has no ability to decrypt your or your team’s data, nor do we have the ability to recover or reset passwords. The ability to recover or reset the account password or Secret Key would give us (or an attacker who gets into our system) the ability to reset a password to something known to us or the attacker. We therefore deny ourselves this capability.

This means you must not forget or lose the secrets you need to access and decrypt your data. This is the reason we very strongly encourage you to save, print, and secure your Emergency Kit when you first create your account. It contains your Secret Key, space for your account password, and details about your account, and it is what you use if you forget your account password or lose your Secret Key. Story 2 illustrates how it might be used.

Story 2: A day in the life of an Emergency Kit

It’s been lonely in this safety deposit box all these months. All I have for company is a Last Will, which does not make for the most cheerful of companions. But I’ve been entrusted with some of Alice’s most important secrets. It’s little wonder she keeps me out of sight where I can’t reveal them to anyone.

It was a crisp February day that winter before last when Alice first clicked “Save Emergency Kit.” She probably thought that she would never need me, but she dutifully (and wisely) printed me out and wrote her account password on me. I already contained her Secret Key along with some non-secret details. She securely deleted any copy of me from her computer and promptly took me to her bank, where I got locked away in this box. Perhaps never to be looked at again.

But today is different. Today I’m the genie released from long imprisonment. Today I’ll do magic for my master, Alice. It seems she had a catastrophic disk crash and her backups weren’t working as expected. She remembered her account password, but she needed to come to me for her Secret Key. With a fresh copy of 1Password on a new computer, Alice can present the QR code I bear to teach 1Password all the account details, including the Secret Key. All Alice will have to do is type in her account password.

What a day! Now I’m being returned to the bank vault. I hope Alice won’t have reason to call upon me again, but we both feel safe knowing I’m here for her.

Your Emergency Kit is a piece of paper (once you’ve printed it) that will contain your account details, including your Secret Key. Figure 3.4 shows an example. It also has space for you to write your account password. If you’re uncomfortable keeping both your Secret Key and account password on the same piece of paper, you may decide to store a written backup of your account password separately from your Emergency Kit.

Figure 3.4: 1Password Emergency Kit

It’s a challenge for us to find ways to encourage people to print and save their Emergency Kits. During the 1Password beta period we added a number of places in which we nudged people toward this. This includes making it clearer what should be done with the Emergency Kit, as in Figure 3.5, and incorporating it among a set of “quests” users are encouraged to complete after first starting to use 1Password.

Figure 3.5: We encourage users to save their Emergency Kits by a variety of means. One of those means is to make it visually clear what is expected.

  3. The Secret Key was previously known as the Account Key, and that previous name may appear in internal labelling.

  4. Characters in the Secret Key are drawn uniformly from a set of 31 uppercase letters and digits. With a length of 26, that gives us 31^26 possibilities, which is just a tad over 128 bits.