@kasp 说出你的故事来

合影留恋

THX

the old Master Password will still be accepted until the new one is entered

@lingaoyi 是的，知道你的 old master passwd 就可以看到所有的数据
大前提：本地 ios 没有输入过修改后的 master passwd ，输入完之后就 old master passwd 就失效了

@eddiechen 你看看

Your data is encrypted with a randomly chosen encryption key when you first set up your 1Password data for the first time - this is your "master key". Your master key is what gets encrypted with your Master Password. When you change your Master Password, you are changing how the master key is encrypted. You are not actually changing the master key. There are good reasons for designing things this way. You will find that other high security systems, such as PGP, SSH, SSL certificates, and disk encryption systems all work the same way. A random key is generated when the user first sets things up, and then their passphrase is used to encrypt that key.

1Password does not use the sync format directly for its regular operations; instead it uses a local data format (encrypted SQLite database) that is optimized for quick searches and so on. 1Password does "import" and "export" changes to and from this local format to your agilekeychain, opvault, Cloud Keychain, or CloudKit database. The local and sync formats will use different parameters for encrypting the master key that are best suited for their different environments. So the encrypted key can't simply be moved from one to the other.

When you change your Master Password, it will make the change in your local SQLite database, and also in the sync format. It can do this only when your data is unlocked because it needs to re-encrypt your master key with the new Master Password. Roughly speaking, "being unlocked" means that 1Password has your decrypted master key in its memory. The sync format will then have its master key encrypted with the new Master Password. That will spread to other systems that you sync with via iCloud or Dropbox sync. In some rare cases, 1Password may not have "imported" the Master Password change from the sync format into the local format. So what we are seeing if the Master Password doesn't sync after you changed your Master Password on one device is that the local format is keeping the master key encrypted with the old Master Password on another device. 1Password is still able to read and write changes to the sync format because it is able to decrypt the master key (from the local format), even though it isn't able to decrypt the master key in the sync format.

So, since your new Master Password did not sync automatically, simply changing your master password manually on all devices to match should fix the issue.

The fact is we don't encrypt your data using your Master Password. Counterintuitive I know but instead what we do is we create a bunch of very long keys. We use each key to encrypt some of your data and their length is partly where the strength behind the system is. Of course we still need a way for you to access your data so what happens is these encryption keys are kept in a small file and we encrypt that file with your Master Password.

So when you type in your Master Password you're actually just unlocking one small file and then we use the contents to retrieve your actual data.

We do have a bug though that if you have a sync in place that a Master Password change isn't being pick up by all devices and that the old Master Password can continue to work. The reason that is possible is because again, the very long encryption keys don't change when you change the Master Password. So if a device for whatever reason doesn't think the encryption key file has changed it will continue to use the locally stored copy of that file which of course, because the keys inside don't change, will still work.

update ：
手机修改 master passwd mac 可以马上生效
只要你在 iphone 不输入新的密码 你都是可以用旧密码登入 然后同步数据的
不明白为什么？
现在 master passwd 都不一样了 为什么我还能新增数据？而且还能同步的好好的
求打击啊！！！不想毁了信仰！！！告诉我 我只是个例！！！

1paaswd 什么区别？

接头处皮 在保可以换新？

ETTMXEPMPT3J 已用，谢谢

@aliuwr 你解决了吗？同样的问题

接力 401
https://console.hyper.sh/register/invite/wMwD3GYkybixry48QG09tdmA5AYNb5uq

继续接力 https://console.hyper.sh/register/invite/wMwD3GYkybixry48QG09tdmA5AYNb5uq

来当分母。