Recover 1password Master Password With Secret Key

2 views

Skip to first unread message

Ogier Dudley

unread,

Aug 4, 2024, 2:23:58 PM8/4/24

to perpercskerec

Idon't know if this is the right place for this but the device where I installed the app was stolen. I'm trying to set it up on a new device but the problem is the secret key. I know the email I used and the master password but not the secret key.

Sorry to hear about your device. Was that the only device where you were using 1Password? If you have the 1Password app installed on another device (Mac, PC, or mobile device), you will be able to see the Secret Key in there:

Do you have your email account setup on another device at least, where you can receive emails? If you do, you could recover your email account password, so you could access your Emergency Kit after resetting your password there.

If this is an individual membership it sounds as though the only chance of recovery here would be to contact the cloud provider where you stored your Emergency Kit to see if they can help you recover access to that account. Without your Secret Key, it would not be possible to access your 1Password data.

Absolutely. If you are billed directly by us, our billing team can help with that via email. Please use and select "I have a question about billing" to get in touch with them. If you are billed by a 3rd party (Google, Apple) you can cancel with them:

Marky,

You might benefit from this advice >>>>>I use an app called color note, you can lock your notes with a password & ColorNote automatically syncs notes once a day, and also you can manually sync your notes. Your notes are encrypted with the AES standard before being uploaded to the cloud storage. AES is the encryption standard that banks use to secure customer data.

Marky just a suggestion>>>>>>>>>>>>> but buy a spare mobile device you can get them for 50 bucks or so, and put your 1password info on that in case you ever lose your main device, or it gets stolen. That way you can get back in & have your secret key password and all your important info.

Another great option is Mega storage, I also have my "stuff" there it's great Mega storage attracts customers due to its approach to security. Mega uses end-to-end encryption. All files that are uploaded to MEGA's servers are encrypted on the side of the client,

Hope my advice is helpful.

I know getting locked out, or losing a device stinks, this is just my 2 cents worth to help, so you will always have access to "your stuff" and not get stuck with no way to access your important things again.

The problem in this case is that if 1Password itself is not accessible, such as in this case, using other cloud storage services would not help if the Secret Key is lost, and you have no way to access your passwords to login to them. However, this is a good suggestion:

If, as you say, you have your secondary device with your Secret Key and password that you can access in the 1Password app, what would be the benefit for the original poster to use ColorNote on that device?

@kram5819 I can see how this is convenient, but it bypasses 1Password strongest feature: its security. Passwords stored in 1Password will be no more secure than if they had been stored in ColorNote. You are in effect trusting the security of all your passwords to ColorNote.

How are ColorNotes' encryption keys controlled? Are they derived from a password that only you know and which stays local on your device? If so, how strong is that password, how is it stored and how do you access it when unable to access 1Password?

Installing 1Password apps on an additional device avoids creating backdoors in 1Password's security and avoids the risk of being locked out of ColorNote because its password is stored in 1Password.

If I understood the OP they had only 1 device, and it was lost/stolen soooooooo gone was all their info. To avoid that, I recommend having at least 2 sources to have all your info available to you so you can get back in.

In my case, I have 3, I have a laptop with 1passwod (Chromebook) and also my android smartphone. I also have color note as my 3rd place to get my 1password info, so I can avoid being locked out because I lost my device.

For example>>>> let's say it's my mobile device that's missing, I also have color note on my laptop, so I can get into my laptop get into my color note copy and paste my secret key and password and log back into 1password.

If you sign up for online backup service, your notes will be backed up to the cloud storage. Then you can get access to your notes from other mobile devices. Therefore, you can easily transfer your notes to a new device when changing devices. Even when you lose a device, you can restore the notes backed up to the cloud storage.

ColorNote automatically syncs notes once a day, and also you can manually sync your notes. Your notes will be encrypted with the AES standard before being uploaded to the cloud storage. AES is the encryption standard that banks use to secure customer data.

Again, this is just "another way" to be sure you don't get locked out. IF you have only 1 device say a mobile phone & you lose it, gone is all your login information this is why at the VERY LEAST, I recommend having a "spare" mobile device that has 1password on it so if you lose one device, you STILL have the other as a way to get back in should you lose your one and only device with all your information on it.

For me and my peace of mind as mentioned I have 3 and am very good at being sure 2 fa is on and I don't get locked out. Things happen & I try to plan on that so getting "locked out:" will be less likely to happen.

that .csv file has ALL my passwords, safe notes & other information that is stored in my Mega account BUT as I mentioned I encrypt it so even IF someone got past my 30 character master password then got into my mega account they would then need to get past my authy 2fa that I have set up.

BUT IF they managed all that and got in, the .csv file that has all my passwords and information would be useless as it is encrypted. So all my stuff would look like the gibberish below >> the crook would have "nothing but gibberish."

@kram5819 I understand the need and I have backups of my 1Password credentials, I just wouldn't trust something like ColorNote because the security model is undocumented and certain to be weaker than 1Password.

I would use a dedicated password manager that saves your passwords in a local database like Keepass. The database can be sync'd across your devices using a service like mega, so that it is double encrypted when in transit and when stored in the cloud. You can also use it to import your monthly CSV backups.

RootZero,

We all have different ways of doing things, I get that, yup. I am glad we can all be helpful on the forum & I respect your opinion. To add, Color note is very secure and , ColorNotes security model is documented and certain and not weak. They have been around a long time.

"If I understood the OP they had only 1 device, and it was lost/stolen soooooooo gone was all their info. To avoid that, I recommend having at least 2 sources to have all your info available to you so you can get back in."

1 of those sources can be the emergency kit like 1Password recommends, and avoid screwing around compromising security with another cloud app, which itself needs a method to avoid being locked out so you're either at risk of losing THAT password, or need a 3rd app to store it, and a 4th app to store the 3rd app's password, and a 5th app to store the 4th's...

If you forget your Master Password, there is very little that can be done, as it is only known by you and we have no ability to reset or retrieve it. You can take a look at -master-password to see if any of that helps you. But if it doesn't, you would need to delete your account and start over.

As for billing and such, we can't help you with that here as this is a public forum. Shoot us an email at sup...@1password.com and come back here and tell us the Support ID you are given so that we can locate your request.

Thanks Corey. I really feel like an idiot here but I followed your link to delete my account and start over and the instructions under Reset 1Password start with opening 1Password and choose 1Password menu>Exit.

@KAL - I'm not sure I'm following you; where does it say "1Password > Exit?" I know of no such command. Can you provide a link or a more-detailed description of what step specifically you're getting stuck on? Thanks, and sorry for the confusion.

@KAL - ah, you're using 1Password for Windows -- that wasn't clear from your original post; you didn't include any of that information. If you're able to open 1Password 7 for Windows, you will see the 1Password menu in the top left of the main window, like this:

Does that help?

Sorry for the confusion but I don't know what I'm using. When I try to open it on my android device all I get is a login screen that I can't get past cause I don't have the MP. So I tried it on my computer instead and I am not seeing the screen that you mentioned above. How do I get there?

@KAL - if you wrote in, you should've received an automated reply from our BitBot assistant which should've contained a Support ID number. Please post that number here so we can help track down your email and "connect the dots." Thanks.

I took the basic security advice: use a password manager and then have it create different passwords for each site. I chose the 1Password password manager and after installing it, upgraded to a subscription so I could access my passwords across multiple devices.

I typed it in a few times. Slowly. Then with cut and paste. Nothing registered. It had been working smoothly with my iPhone's Face ID to unlock access to my passwords, but that stopped working after a phone reboot. And I realized suddenly that the master password being asked for wasn't the same as the password I had been using previously, before I added the subscription. Bewildering? Yes. My fault? Absolutely. Can I explain how I entered this fugue state of password confusion? Not at all.