It’s Cybersecurity Awareness Month! Join our interactive training session, or learn about security and AI from 1Password experts.
Forum Discussion
Regenerate Secret Key - Did Not Create Emergency Kit - Offline Mode
On a Windows 11 PC, I started to regenerate a secret key. I pressed the regenerate key and I expected to see a web page to create the emergency kit for printing and then safe storage. After pressing ...
Wondering if you ever got resolution to this issue. I just ran across a similar issue. Reset account using recovery key and was told I was given a new secret key but was never given a link or anything to my new emergency kit. Mobile account is offline (so no access to new credentials) and Windows PC web browser account is fully inaccessible without the secret key, which, again, I have no way of accessing. The chat bot was useless, awaiting email in reply to my support ticket. It's really problematic that a 1Password user can so easily get themselves locked out like this, with no warning and no obvious way to recover their sensitive data.
I had the same issue regenerating my secret key. This should never happen. I think there is some set of conditions in which regeneration does not provide a link or a new emergency kit. I suspect that 1Password does not spend much effort checking that regeneration works since it is fortunately rarely needed.
The 1Password documentation on recovering an account without your secret key is useless. The good news is that once you figure out how to fix it, the fix is relatively simple. The good news is you can use your account with a new secret key in an off-line mode. The easiest thing to do is create a new 1Password account. Using the inaccessible, old account in off-line mode, you can copy or move ALL of your exisiting passwords, documents, etc., to the new account (which has a newly created secret key).
When finished, delete or ignore the old account. Use the new account with the copied/moved data.
Despite the hassles, I am still a 1Password fan. I wish they had a human to contact at 1Password in this situation. They need to fix the documentation.
The secret key is the biggest differentiator between 1Password and its competitors. It increases account security vs the competition.
Best wishes.
Thanks so much for the reply. It's vastly more helpful than the copy/pasted text I received via email from "Luke H" at 1Password customer service.
I'm very hesitant to do anything else with my account without knowing the consequences, since I'm still logged in on my mobile app in offline mode, so have access to my info there and don't want to lose that before I transfer over my data to the new account. The process you're describing makes sense though. Should it be fairly obvious as to how to do what you're describing? Would I migrate my info from the old account to the new one, or is that something I'd do from the new account? Can I use the same email address for my new account? Guessing not since an account already exists under that address...?
I do not work for 1Password so my advice is based upon what I experienced.
Create a new trial account using another email address. It is easy and free.
Connect the new account to your mobile app. You can have access to multiple accounts on your mobile app or 1Password PC app. Each account is separate with unique secret keys and email addresses. This is common perhaps a personal and business account OR different accounts that are used by various family members.
Once the new account is attached to the app, open both the offline and new trial account. From the old account in off-line mode, copy the logins from your old account to your new trial account. With the Windows app you can select all of your logins using CTRL-A and then right-click to see the copy/move command. You tell the app you want to copy the logons from the old account to the new account. Two seconds later your old logins are in an account that has a secret key that you know.
When you have confirmed the logins are on the new account you can abandon the account that has the lost secret key. You don't have the secret key nor does anyone else so it is secure.
None of this is difficult if 1Password would document the process.
- 1P_Dave
Moderator
I'm sorry that you ran into an issue when regenerating your Secret Key, can you tell me a little more about how you regenerated your Secret Key? You should see the following after the new Secret Key is created:
From this modal, you have the opportunity to directly copy your Secret Key (which I've blurred in my screenshot) or download a PDF version of the Emergency Kit with the new Secret Key.
Did you not see this modal pop-up? Are you using an individual or family account? Or a 1Password Business account?
The 1Password documentation on recovering an account without your secret key is useless.
There are a few different options to recover your account if you've lost your Secret Key:
- Have your family organizer or administrator recover your account: Recover accounts for family or team members
- Use a recovery code: Generate and use recovery codes
I look forward to hearing from you.-Dave
I don't know the details about the experience CrownPrince had, but the process you describe with generating a new secret key wasn't my experience. I had a new secret key automatically generated by 1Password without my knowing that would happen, and was not given a new emergency kit or any way to access the new secret key. I had deactivated/logged out of (I think that was the term?) my account on my PC because I'd had some unrelated security concerns and from my mobile app had deactivated access to 1Password on the other devices it was logged in on. Then when I went to log in again on my PC, it wouldn't let me without using the secret key. When I put in the secret key I entered this loop where it said "you're logged out and need to log in using the secret key," which I did and would get the same error message. So I used the recovery code, feeling a bit desperate and confused and not sure what would happen but needing to try something. That's when it went wrong -- rather than getting me into my account, the recovery code caused my account to be locked and the only way to get back in is using the new, unknown to me, secret code, which I have no way of accessing because it wasn't given to me. I'm still logged in to 1Password on my mobile app, but in offline mode, so I can access all my passwords but not the new secret key since apparently once the recovery code was used it took my mobile app offline until I enter the new (unknown) secret key. I agree with CrownPrince -- this is a completely unacceptable situation that's too easy for your paying customers to get themselves into. I don't know if these messages (and the email conversation I have going on simultaneously with "Luke H") are with real people or bots, but definitely would be nice to have a real person help out with this and make some changes to the system so this can't happen to people anymore.
