Skip to main content
December 14, 2025
Question

Feature request: encrypted 1pex

  • December 14, 2025
  • 3 replies
  • 106 views

Hi,

I would like to have an option to export my 1Password data in an encrypted 1pex file, like I did with Dashlane.

3 replies

Tom
December 14, 2025

Why wouldn't you leverage https://support.1password.com/1pux-format/ and choose your own encryption/obfuscation/whatever so it wouldn't even matter which tool you use in any potential future? Just for inspiration https://github.com/UtrechtUniversity/privacy-engineering-tools/blob/main/secure-computing/encryption-tools.md lists a lot of potential candidates? And you wouldn't have any vendor or future app upgrade lock-in issue?

gusifangAuthor
December 14, 2025

Thanks for your reply. That's what I'm currently doing as a fallback (with Kleopatra). But I find it inferior to Dashlane's encrypted export, because:

  • the unencrypted file is temporarily stored, and thus vulnerable to being involontarily copied somewhere it shouldn't be or PC theft,
  • although I can use a safe delete tool, it adds an additional step and it's not very effective on a SSD anyway.
December 14, 2025

You may wish to consider creating a mountable virtual encrypted disk (e.g., see here for macOS), and export the 1Password 1PUX or CSV backup file directly onto that disk.

In this way, there is no temporary unencrypted version of the backup that needs to be wiped.

Tom
December 14, 2025

Great suggestion, solid advice and solution!

1P_Dave
1Password Employee
December 23, 2025

Hello @gusifang! 👋

Welcome to 1Password! If you're using a 1Password account then there is no need to backup your vault since your data is already backed up to your 1Password account in the cloud. If you accidentally delete an item you can always restore it from your 1Password account on 1Password.com: View and restore previous versions of items

Your encrypted data is replicated to redundant copies on our end to guard against any data loss.

Is there a particular reason you’d like to export your items? When you export items, a copy of that data exists outside of 1Password’s protected environment. While your account will still have access to security features like device alerts, two-factor authentication, and more, those protections won’t apply to the exported file.

-Dave

Tom
December 23, 2025

Apologies for hijacking your reply @1P_Dave but redundancy is no protection against data corruption. So relying on any sort of export is highly beneficial. As both @gusifang and @Pleonasm indicate there is a need for thorough security.

Kudo's on AgileBits/1Password though for allowing unrestricted export but I think @gusifang meant it the right way that if some unbeware use is exporting unencrypted data, it might leave residue on the storage media. Independent of whatever you are exporting, that should be a no-go (hence encrypted tmpfs or compatible would be ideal). So it's very good that 1Password doesn't lock users in when exporting data in some proprietary format, but I'd suggest refraining from stating that the cloud-based solution solves everything :)

There are benefits to keeping it inside 1password and I do believe we all understand the pro's (far outweighing the cons) for watchtower, change history and whatnot. There is a proper security sense in having a (self-decided encryption mechanism) to at least store a point in time copy of one's data 'somewhere else'. It would be a lot of eggs in the same basket if someone drops that basket. I doubt I need to insert examples here, we all know them by heart.

It might be worth a blog to have a nice 'how-to' on your support website?