Master Password & Key Rotation

I’ve changed master password before, but I’m curious about key rotation, given the warning to have all users within the Collections be logged out – otherwise the entire database could become corrupted.

Do the other users need to simply Quit the apps, or actively log-out of the apps ?
I’m curious if there’s any difference between the 2 states, as it relates to rotating key encryption.

They need to LOGOUT completely. Why? Because the logged in sessions are using the current/old encryption key. If you change the encryption key in the vault the still open sessions will be using a no longer valid encryption key and the vault can become hopelessly contaminated. Making the change is easy but you MUST logout of any sessions open before the change. Be warned!

1 Like

Yup, that seems legit - my question is more about whether quitting an app is the same as logout ? The iOS versions have specific options to logout, but I’m assuming that quitting the apps is the same result. Meaning, the main thing to avoid here is to have one app actively logged in while this encryption key is rotated.

Does that sound right ?

Since “Murphy” has a tendency to follow me around, LOL, I would never chance an app only quit/signoff. It only takes a few seconds to be absolutely confident that a particular app won’t burn you. I know this doesn’t specifically answer your technical question, but my goal is to make sure you are SAFE and won’t lose your vault. As a sidenote; it would always be prudent to backup your vault by exporting it to a secure location before the key swap! I and others have a thread running in here about how one might export a data file AND have it secure and not plain text.