ivolvo
3 months ago · New Contributor
How does the recovery of a private vault in the Family account work
I’m trying to wrap my head around how private vault recovery works when someone forgets their Master Password. From what I understand, the Master Password plus the Secret Key are used to lock and unl...
1P_Dave
Moderator
2 months ago
Hello ivolvo! 👋
I'm sorry for the delayed reply! We explain the recovery process in detail in our security white paper in section 12: Restoring a user’s access to a vault. You can find that section on page 35 here.
Let me know if you have any questions after giving that a read.
-Dave
ivolvo
2 months agoNew Contributor
Dave,
It was quite refreshing to read such a well-written document, which clearly explains security design goals and means to achieve them. It instills higher confidence when you understand what to do and how to make it more secure from my personal point of view.
I believe I have a pretty good understanding of the recovery process. I understand the underlying risks associated with the recovery, and they seem reasonable.
Tell me if my statements are correct:
- The server maintains the vault key in question encrypted with the recovery group public key. As such, the server could do nothing with it
- The owner of the recovery group's public key can recover the vault key, but they have no access to the vault content and can’t take advantage of it. Besides, they would get this key only if there is the owner’s request to do so
- (Not sure) After the recovery, the vault content will be re-encrypted with a new key, so the possession of the old one is useless after that.
- New Account password and Master Key will be used after recovery, so effectively the encrypted vault content is fresh and is free of the previous hacking attempts, if they took place
Now, what I don’t quite understand (I use the same names as in the documentation example: Bob, Carol, server)
- (Major, Line 3-4 of the recovery process) How could the owner send a request after they lost a password? Is there a section that I missed that explains this part?
Carol could ask for the recovery outside the system, but how is it done within? The documentation also states that Carol starts by creating a new vault. How could she do it? Is their password replaced through the “Forget password” mechanism? That’s not clear
- (Minor, Line 8 of the recovery process) Why does the server need to send Carol her public key just generated during the recovery process? I think it was meant to be: Bob who receives Carol’s new public key in order to create her wrapped vault key, right?
- Within the system, all interactions happen between Bob/Server and Server/Carol, never directly between Bob and Carol
Thanks!
1P_Dave
Moderator
2 months ago
Thanks for the reply. I'm glad that you found the white paper helpful. As the white paper says: "When a vault is created, a copy of the vault key is encrypted with the public key of the recovery group. The members of the can decrypt the private key of the recovery group." Even if our servers were compromised, the vault keys are still encrypted: "Most importantly, at no time was the server capable of decrypting anyone’s data or keys."
- (Not sure) After the recovery, the vault content will be re-encrypted with a new key, so the possession of the old one is useless after that.
The vault content itself isn't re-encrypted. Instead the recovered user's personal key set will be re-created: "And from her new Secret Key and potentially new account password, her client will generate a new with which it will encrypt her new personal key set." The recovered user's new public key is used to re-encrypt the vault key that is sent to them by the member of the recovery group who is performing the recovery.
I'll answer your specific questions below based on our white paper:
- (Major, Line 3-4 of the recovery process) How could the owner send a request after they lost a password? Is there a section that I missed that explains this part?
Carol could ask for the recovery outside the system, but how is it done within? The documentation also states that Carol starts by creating a new vault. How could she do it? Is their password replaced through the “Forget password” mechanism? That’s not clear
If someone loses access to their 1Password account then they'll need to reach out to a member of the recovery group. Usually in organizations this is done by creating an IT ticket or sending an email to the appropriate person. The recovery group member would then initiate recovery from their end and the person being recovered receives an email with instructions on how to begin the process.
You can find our support article on what this process looks like here: Recover accounts for family or team members
The references to vault creation on page 36 are just part of a general description of how someone might use 1Password. It's not something that someone would do as part of the recovery process.
- (Minor, Line 8 of the recovery process) Why does the server need to send Carol her public key just generated during the recovery process? I think it was meant to be: Bob who receives Carol’s new public key in order to create her wrapped vault key, right?
I'm sorry that this line isn't as clear as it should be. You're correct, it refers to the server sending Bob, the member of the recovery group, the public key of the person being recovered. Bob then decrypts the vault key using the recovery group's private key and re-encrypts it using Carol's public key. Then this new re-wrapped key is sent to Carol.
- Within the system, all interactions happen between Bob/Server and Server/Carol, never directly between Bob and Carol
That's correct, recovery traffic is mediated by the 1Password server.
Let me know if you have any other questions.
-Dave
ivolvo
2 months ago · New Contributor
Thanks, the picture is mostly clear. Still a few questions left, mostly about what kind of interactions take place during recovery. My understanding is (using roles/names from the White Paper):
1. When Carol realizes that she lost a password, she reaches Bob outside the 1Password application (she can't log into it anymore)
2. Bob initiates the recovery process that is fundamentally similar to "Forgot password" on a regular site. The email sent effectively allows Carol to log on to the 1Password server and create a new password, generate a Secret Key, and RSA keys.
3. After this is done, Bob initiates re-encryption of the vault key with Carol's new public key that would allow her to obtain access to her vault.
4. Carol re-encrypts all the keys and stores them in the server, and the loss is fully recovered without any changes to the wrapped vault
If all this is correct, I think I have only one question left: since the server never comes into possession of the vault encryption key, Bob must have it at some point and potentially should be capable of decrypting the vault content if it has its wrapped content. I realize that he should never be able to obtain it, but is it a potential vulnerability? BTW, that's the reason that I thought Carol's vault could be re-encrypted with the new symmetric key, such that old keys don't work anymore
Thanks, Ilya
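The flow Dave describes in his reply and the four steps Ilya lists above can be walked through in code. The following Go program is an added example written for this thread; it is not 1Password's code and does not use its actual key formats. It assumes, for illustration only, that vault content is sealed under a random AES-256-GCM vault key, that a vault key is "wrapped" to a party by encrypting it with RSA-OAEP to that party's public key, and that the server holds nothing but ciphertext and wrapped keys (every variable named `server*`). The names Bob, Carol and the recovery group follow the white paper example quoted in the thread; the vault item is a constructed sample string.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Toy model of the recovery flow discussed in this thread (added example, not
// 1Password's code). Assumed here: vault content is sealed under a random AES-256-GCM
// vault key, a vault key is wrapped to a party with RSA-OAEP, and the server stores
// only ciphertext and wrapped keys (every variable named server* below).

func must(err error) {
	if err != nil {
		panic(err)
	}
}

// newKeyPair generates a party's key pair; the private half never leaves that party.
func newKeyPair() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	must(err)
	return k
}

// wrapKey encrypts a vault key to a public key; only the matching private key unwraps it.
func wrapKey(pub *rsa.PublicKey, key []byte) []byte {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, []byte("vault-key"))
	must(err)
	return ct
}

// unwrapKey reverses wrapKey and returns an error for any other private key.
func unwrapKey(priv *rsa.PrivateKey, blob []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, blob, []byte("vault-key"))
}

func gcm(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	must(err)
	g, err := cipher.NewGCM(block)
	must(err)
	return g
}

// sealVault encrypts vault content under the vault key, nonce prepended; openVault reverses it.
func sealVault(key, plaintext []byte) []byte {
	g := gcm(key)
	nonce := make([]byte, g.NonceSize())
	_, err := rand.Read(nonce)
	must(err)
	return g.Seal(nonce, nonce, plaintext, nil)
}

func openVault(key, blob []byte) ([]byte, error) {
	g := gcm(key)
	return g.Open(nil, blob[:g.NonceSize()], blob[g.NonceSize():], nil)
}

// RunRecovery walks vault creation, loss of Carol's credentials and recovery by Bob. It
// returns what Carol reads afterwards, whether Bob held the plaintext vault key while
// re-wrapping it, and whether a key pair the server generates itself could unwrap it.
func RunRecovery(content []byte) (recovered string, bobSawVaultKey, serverCanUnwrap bool) {
	recoveryGroup := newKeyPair() // Bob, a recovery group member, holds this private key
	vaultKey := make([]byte, 32)
	_, err := rand.Read(vaultKey)
	must(err)
	// Vault creation: content sealed once and never rewritten (recovery does not
	// re-encrypt the content itself); a copy of the vault key is wrapped for Carol and
	// for the recovery group. Carol's original private key is discarded right away,
	// modelling the loss of the account password that protected it.
	serverCiphertext := sealVault(vaultKey, content)
	serverKeyForCarol := wrapKey(&newKeyPair().PublicKey, vaultKey)
	serverKeyForGroup := wrapKey(&recoveryGroup.PublicKey, vaultKey)
	// Steps 1-2: Bob starts recovery out of band; Carol enrolls fresh credentials and a
	// new key pair, and the server records her new public key and forwards it to Bob.
	carolNew := newKeyPair()
	serverCarolPub := &carolNew.PublicKey
	// Step 3: Bob unwraps the vault key with the group's private key and re-wraps it to
	// Carol's new public key; the server only relays the resulting blob.
	bobCopy, err := unwrapKey(recoveryGroup, serverKeyForGroup)
	must(err)
	serverKeyForCarol = wrapKey(serverCarolPub, bobCopy)
	// Step 4: Carol unwraps with her new private key and reads the untouched vault.
	carolKey, err := unwrapKey(carolNew, serverKeyForCarol)
	must(err)
	plaintext, err := openVault(carolKey, serverCiphertext)
	must(err)
	_, srvErr := unwrapKey(newKeyPair(), serverKeyForGroup) // no server-held key matches
	return string(plaintext), string(bobCopy) == string(vaultKey), srvErr == nil
}

func main() {
	fmt.Println(RunRecovery([]byte("constructed vault item: example login")))
}
```

Running it prints the recovered item followed by `true false`: Carol can read her vault again, the ciphertext of the vault was never rewritten, and nothing the server holds unwraps the vault key. The `true` is the observation behind Ilya's closing question: during step 3 Bob necessarily holds the vault key in plaintext, which is why membership in the recovery group is a privileged role and why the vault key is never handed to the server in the clear.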