Strict account security is 1Password’s greatest asset. Unfortunately, if you’re careless, you may find yourself permanently locked out of your 1Password account. That’s why 1Password is now offering recovery codes that, when used properly, can aid in account recovery.
Each time you open the 1Password app, you’re asked to enter the Master Password that you created when setting up your account. But if you get a new phone or computer and try to log into 1Password, it won’t ask for your Master Password. Instead, it’ll request the Secret Key that was generated when you first joined the password management service.
The Secret Key is required when setting up the 1Password app on a new device. It’s a highly effective verification tool that prevents people from accessing your account (even if they’ve figured out your Master Password). There’s just one problem. If you lose the secret key and aren’t logged into 1Password on any of your devices, you’ll be permanently locked out of your account.
In an effort to make account recovery less of a crapshoot, 1Password is introducing recovery codes. The idea is simple—you’ll generate a recovery code today in case of a future lockout.
To generate a recovery code, open the 1Password desktop app and click “Manage Accounts” in the left sidebar. Select your account and click “Sign-in & Recovery.” You’ll see the option to “Set up recovery code.” From here, the 1Password app will guide you with instructions. (In any case, 1Password suggests treating your recovery code like the Emergency Kit that’s provided at signup.)
Naturally, the recovery code is considered a last resort. If you use a recovery code to get back into your account, you’ll receive a new Secret Key and will need to log back into your 1Password account on all of your devices. Note that recovery codes are reusable and remain valid after account recovery is complete. Also, Family Organizers and team administrators can still perform account recovery for other members on their Family plan. So, you don’t need to tell everyone on your plan to set up a recovery code, although it certainly doesn’t hurt to do so.
This is an optional, proactive account recovery system. You cannot generate an account recovery code without logging into your account, so if you’re already locked out, you’re screwed.
Source: 1Password