Storing credentials and confidential data in a secure location is important, and I have been happy with 1Password for years.
But having all this critical information stored in a single location is dangerous; losing access to my 1Password account would be quite annoying, forcing me to reinitialize passwords on dozens of websites and making me lose a lot of information.
Fortunately it is possible to export all data from 1Password. It does not seem to be doable directly from their web interface, but their command-line tool supports it.
You will need first to connect your account. For example for a personal account:
op account add --address my.1password.com --email YOUR_EMAIL_ADDRESS
Note that you will not stay signed-in, and will have to re-enter your password
later using: eval $(op signin).
There is no command to directly export all entries, but it can be done with a small script. If you are not familiar with GPG, feel free to refer to my GnuPG introduction.
#!/bin/sh
set -eu
set -o pipefail
# Configuration
gpg_key_id="YOUR_GPG_KEY_ID"
# Command line
if [ $# -lt 1 ]; then
echo "usage: $0 <output-file>" >&2
exit 1
fi
output_file=$1
# Keep permissions tight
umask 177
# Sign in to the 1Password account
eval $(op signin)
# Create a temporary file to store the list of item ids (this list does not
# contain any confidential data).
item_file=$(mktemp)
trap "rm -f $item_file" EXIT
# Export a list containing the identifier and vault identifier of each item
op --format json item list | jq -r '.[] | .id + " " + .vault.id' >$item_file
# Export all items, encrypt all data and store them in the output file
while read item_id vault_id; do
op --format json item get $item_id --vault $vault_id
done < $item_file | gpg --encrypt --sign --recipient $gpg_key_id >|$output
The resulting file can then be stored anywhere, without any specific protection since it is encrypted.