1Password 8.0

I could deal with using the 1PW servers instead of DropBox…but the latter let’s me backup my DB folder which contains a full encrypted copy of the vault. 1PW servers do not allow this and v8 has no backup and restore capability.

Of course I have TM…and presumably it backs up whatever database the local cached copy of the vault is in…unless the fact that the file is open deters TM from getting it. But there is no way any non technical user or most technical but not database guru users can easily backup and restore their own copy of their vault to a location of their choice. Leaving backup of the most important data solely to some black box in the cloud is foolhardy…snd @PW the company doesn’t care about that or bother to include that option in the v8 app…they simply say ‘trust us’ which is nuts.

They also claim that their super duper Secret Key…which is just a second password when you get down to it…is so much more secure than the Master Password nd your Dropbox password…which simply isn’t true. Assuming one uses sufficiently complex and (mostly) long passwords for both then either option is plenty secure…and the difference between a trillion centuries ans 2 trillion is simply meaningless.

I don’t like the Electron app…and don’t like the ‘their server only’ option… ut I could live with that. I already have a subscription but my main vault is on DB and the subscription is just one part of my backup scheme, not the main vault…so I can live with that too. Depending solely on some undefined backup scheme on their end with no bootstrap ability to have my own as well is a bridge too far…and their export an unencrypted file is not a backup and can’t be restored anyway.

I’m not willing to give my data solely to 1PW…obviously some cloud service is needed for sync but that should be under the users control…and their marketing BS doesn’t change that.

3 Likes

An unencrypted copy is not a backup…and you can’t restore it as the master copy if necessary. Their backup scheme might be just fine…in fact it almost surely is…but I’m pretty sure it isn’t any better than my personal scheme…and they provide zero info to users on what they do…which doesn’t engender a lot of trust on my end. The script access might work… ut if it just exports 5he same unencrypted file it is still useless…and the vast majority of people have no experience with either scripting or CLI interface.

I guess you mean automatic backup? Since there is a manual way of making backup according to other people in this thread.

Incorrect. There is an export function that makes an unencrypted copy of the data for transfer to another program…with no facility to authoritatively restore that data if necessary. There is no easily accessible to the user way to backup the local cached copy of the vault or to to restore your data. Unencrypted export files…are not a backup In V7, you can export a full, encrypted, and zipped copy of the vault which can be unzipped and used as the master copy if it becomes necessary…that is a backup.

TM…probably but nobody knows…will backup the whatever database is used files… ut where they are and how they can be restored is not something 99% of users can accomplish. Trusting 1PW servers as the only backup makes about as much sense as saying ‘I have BackBlaze so no other backup including TM or clones or whatever is necessary’.

Any competent sysadmin or user should realize that a cloud only backup system to something you have no control over is ridiculous.

3 Likes

Apparently, you can’t export documents stored in your vault, so it’s not a perfect solution. That said, if you’re currently using 1PW 7 and storing your vaults on AgileBits’ servers, you’ll be no worse off with 1PW 8 in this respect.

I think what some find annoying is AgileBits’ response to the inability to make a proper backup. The company’s claim is you’ll have a local copy of your data on every device you use, so that’s effectively a backup. Of course, anyone who uses IMAP for their email knows this is not a backup. If you accidentally delete an item in one place, it gets deleted everywhere. AgileBits never addresses this objection when people bring it up.

3 Likes

I spent some time looking through the 1Password Mac forum this morning to see how the new version has been received. Here’s a list of some of the complaints. I haven’t actually tried 1PW 8 yet, so I haven’t verified the accuracy of each item:

  • no easy way to make a backup – export gets you close but it’s not perfect
  • no “never suggest in browser” — with 1PW 7, you could hide rarely used items. 1PW 8 shows every matching entry.
  • no integration with 3rd party software like LaunchBar
  • can’t disable autosubmit – if you autofill the login info, it’s also submitted. This behavior causes a problem with pages with captchas, for example.
  • search behavior changed – the way you looked for items before may no longer work. For example, one user used to search for “vpn” to bring up the entry for “openvpn”. That no longer works in 1PW 8.
  • quick search is a poor replacement for mini — for example, you can’t fill CC or name info using quick search.
4 Likes

Fwiw, 1Password subscription vaults archive anything that you delete, so it’s pretty trivial to get them back, plus edited items keep a history, which you can restore if you’ve overwritten the wrong item, for example.

5 Likes

Wow, thanks for that. No 1PW8 in my future for a while.

Another annoyance with p8 I haven’t seen mentioned:

For some reason, the Chrome 1p extension uses a different keyboard shortcut than safari’s, so you have to remember what browser you are in at all times. The shortcut cannot be changed to cmd-\ in the chrome extension (!!!)

With 1p7, you could download a “classic” extension that has the correct shortcut. This is no longer an option with 1p8.

1 Like

Weird - I just used Chrome for the first time since installing version 8 and Cmd-\ remains the hot key to fill the password field. (I did remove the existing 1p extension and then added in the one pointed to by the app.)

After 3 horrible days using 1Password version 8, I was able to find version 7 was still lurking in the Mac App Store, and I re-installed it.

I encountered several problems with version 8. It didn’t just become inconvenient to use 1P, it crippled my productivity. It kept making itself the active app while I was editing documents. Like, several times a minute!

I’ll stick with Version 7 for a few months. Maybe forever. They made far too many changes to the interface in a single upgrade. Using the product is very different from version 7.

Caveat Emptor

Please understand that your experience is not typical. I somewhat reluctantly began using 1Password 8 several months ago after a long history of 1Password use going back to the first version. There have been many negative comments about v8 on this forum, most about data backup and accessibility. However, I have found v8 seamless and easier to use than v7, as do members of my family. It may not be a ‘native’ Mac app, but it does work well for me. Try contacting Agilebits to sort out your glitches. They have helped me in the past. FWIW.

2 Likes

I tried working with them. sent several emails for different problems. Got a reply to one. The proposed fix didn’t work. No further response to that or other emails.

Fine if it works for some people, but others should know that the downside is crippling if you run into the problems I’ve encountered. I running latest MacOS.

1 Like

I sorta agree…tested out v8 twice and it works. I personally prefer v7’s working methodology better but that could be because it’s different and I would obviously adapt over time if I used it. The non native app is a minor annoyance and most people that don’t like v8 have that one down on their list of dislikes…and again most people can live with it if they have to. Forced subscription (due to the influence the VCs have on the decisions of management no matter how much lipstick management tries to put on the pig) and dropping of DropBox or local storage (because it’s too hard to make v8 work with outside storage cloud vendors, again due to money) are much higher on the list of no go’s…but the lack of any ability for the user to backup their own data and independently of 1PW the company restore that data just goes against the grain of every single security principle and every single backup principle pretty much ever. That last one will be the killer for most people that leave the platform IMO. If they fix the backup/restore problem then whether people stay with 1PW and v8 or shift to something like Enpass…which has all the same features that v7 has and v8 lacks…is a lot closer decision.

I realize that companies need to make money…and I also realize that the company owners got greedy and (a) sold part of the company to VCs no matter how they dress it up in management-speak, (b) shifted to a different business model including subscriptions and being aimed primarily at business users instead of individual users…because that’s where the money is. What I don’t like about the approach is that all of the management-speak BS is just lying to users.

People that aren’t using v8 have examined the totality of the issues and likely a lot of the things they’ve said on their site…and decided that the costs outweigh the benefits. Heck…I would consider going back to Password Wallet instead except that’s a 1 man shop and he has largely stopped supporting it with any new features, the sync is a pain, it lacks features users really require like having attachments to records, and the pain in the butt method of auto entering usernames and passwords along with him not being interested in providing browser plugins. My wife still uses it…I have a subscription that I use as one of the many backups in my family IT system…but I along with a lot of other people are not interested in v8 due to it’s issues.

A VC firm may now own 1PW, but that’s the way of the world. As I have said here before, I don’t mind paying a subscription for software that I use regularly and that needs regular updates. Having been a programmer constantly asked to update out of date software gratis, I will gladly pay for updates. Seldom used software, not so much. My $0.02.

2 Likes

Electron I could probably live with; haven’t bothered trying because see below.

Pay for upgrade preferred but I can reluctantly live with subscription.

No local vault under solely my control (and my responsibility) = no 1Password 8 for me.

1 Like

I’d already stopped using local vaults. 1Password was the last thing for which I still used Dropbox. Plus given that my password database is always on multiple devices I have no real concern about losing the data. That would require 1Password and all my devices to fail simultaneously.

I was reluctant to take out the subscription initially, but it has proven to be very useful now that my children are getting old enough to need to manage passwords.

I use Visual Studio Code, which I believe also uses Electron, and it runs for weeks at a time without any issues. So I don’t have any particular concerns about 1Password using Electron.

At this point the only change in v8 that is a problem is the behaviour of the search. But plenty of people are asking them to re-instate the previous behaviour as an option.

2 Likes

Actually…if one of them becomes corrupted it can easily be just about instantly synced and corrupt all the other devices as well…His is why being able to save an encrypted copy of your data elsewhere that can be restored is critically important. Sync means you really only have a single copy.

4 Likes

I just upgraded (?) one of my Macs to 1Password 8. The experience has been horrible.

Anybody else out there having trouble?

Their support responses historically have been good. Not so much at the moment.

Are things horrible only on the one you “upgraded”? Did the “upgrade” make things worse on your other Macs that shared vaults?