1Password 8 Loss of Capabilities

So…with the latest “improvements” to 1Password with the upcoming version 8 we will no longer be allowed to have local storage vaults or vault backups…and having downloaded the app, connected it to my subscription account, then exited the app, disabled wifi on my laptop, and relaunched the app and the subscription account data is still available so obviously there’s some sort of local storage but apparently no way to access it for backup or import purposes. They’ve also disabled all ability for DropBox sync for vaults and claim that DropBox does’t provide sufficient security for their needs or sufficient synchronization capability…which seems like marketing speak for we want to get rid of individual licenses and force a subscription model for revenue purposes. An encrypted blob that comprises the vault has been getting synced properly via DropBox for years.

An they’ve abandoned a native macOS app…which I could live with but IMO a local storage vault that I can backup is a superior solution…their mileage may vary but it isn’t their vault. I’m also ok with them wanting to make more money…but absent some improvement in the local vault option I may have to look elsewhere. I could live with the non native app if I had to…but no local storage or backup of vaults is likely to be a non starter.

The question though…is what else is there to select from?

I want iOS, iPadOS, and macOS cross platform sync, auto fill in for web site passwords, no internet connectivity required ability to open and modify the vault, and local (DropBox or iCloud or whatever) storage and local storage backup options for the vault. They claim that their Secret Key in addition to the Master Password makes things more secure…but again that’s marketing speak for the fact that they require 2 passwords to get in. Yes…they can’t access the vault on their server…but then they can’t access the one on DropBox currently so I don’t really see the Secret Key as providing much additional security.

Took a look at both LastPass and Dashlane…and neither seem to meet the bill for local storage and backup of vaults…and Dashlane has released a new Catalyst app for macOS so it is at least sort of native although not as well as a fully native macOS app.

I have a license for Password Wallet and it meets all those options…but the interface for getting things into your web browser is clunky at best and doesn’t use the browser plug in that makes things easier with 1PW, LastPass or Dashlane. In addition…it’s essentially a 1 man shop and while there isn’t anything wrong with a 1 man shop trusting your password manager to one seems riskier than it should be.

Are there other options anybody is aware of that I should be looking at? At this point…I’m likely to just continue using 1Password version 7 and it’s local vault storage until it breaks with some macOS update and will cancel my subscription so that’s a net loss of revenue to 1Password the company…and I’m sure that I’m not the only one dissatisfied with this. Seems like since their recent infusion of venture capitalist money they’re abandoning to a large extent individual users and trying to transition to a business offering and subscription only revenue model…and I really don’t like that at all. Nothing I can do about it though…and I understand from a company standpoint why they would do this…but it doesn’t mean I have to like it.

Anyway…thoughts/recommendations?

PasswordWallet has been been my go-to since it was first released, which was in the year 2000. So I wouldn’t worry too much about longevity. Personally, I prefer its simple, universal, non-plugin approach, All that fancy stuff breaks eventually.

Internally at dayj0b in Germany we have BitWarden which seems ok but I only use it for internal passwords and shared social media accounts. It does feel clunky but I am more confident in its security than some of the other contenders out there.

Like Neil I will not be upgrading to the standalone 1Pass v8 if I loose local/Dropbox vaults - I tried the subscription service and it was a horrid nasty nightmare, although I am sure they have made it more pleasant since but why take the risk. Aside from the security & backup concerns.

Yeah…I used it from when it was released until I shifted to 1Password v3…and the reasons I switched were that sync actually worked with 1Password without all the rigamarole that PW required back then and because auto typing the data in 1PW worked and at that time PW either didn’t have the feature or it was clunky…and also the multiple categories for Secure Notes, passports, credit cards, etc. I will have to take another look at it I guess…because the no local storage subscription only is probably going to be a non starter for me. I won’t be upgrading to 1PW 8 but eventually 1PW 7 will quit working…and in the meantime they’ll lose my current subscription since I’ll cancel it as 1PW will be a dead end for me at that point.

I’m still a bit concerned that Selznick is a 1 man shop though…but not concerned enough to upgrade to 1PW 8. Took a quick look at KeyPassXC and it doesn’t do iOS…so it’s a non starter as well…and I’ll retest it to see if the fill in works better now.

I could move Secure Notes to locked Notes in macOS/iOS/iPadOS but attachments and images and other stuff that I’ve got stashed in my 1PW vault would still need another solution.

In Fey’s own words, 1P8 is a compromise, not “the best of both worlds”. I’ve been happily using 1PW for years. I’ll wait to see how 1P8 performs, but if it’s not up to snuff I’m sure I can find an adequate replacement. Altogether, though, I like all my stuff, and most especially stuff that has to be secure, only locally, on my own devices, so I’m already somewhat uncomfortable with 1P8.

Unfortunately…I haven’t found a replacement yet that combines local storage and easy backup, doesn’t require internet connectivity to work, supports secure notes and image attachments to entries, and supports iOS/iPadOS/macOS. I could do with the Electron macOS app if I have to…but no local storage or backups and required connectivity…particularly the former…are a non starter. If 1PW 8 isn’t fixed…I will use v7 until it breaks and will cancel my current subscription…so they’ll actually lose revenue. The feedback on their support forum is 80 to 90% against this. I would pay for a subscription if local storage and backups were included… yet Dave Teare is putting out marketing BS to justify the companies shift to a subscription only model aimed mostly at business clients as helped along by their VC money infusion. Clearly…the company has moved along and no linger cares much about macOS or individual users. Password Wallet might be the best alternative…but it doesn’t support notes or image attachments, is les than fully satisfactory in sync capability and in auto fill of credentials…but none of t(e other major players support local storage either. Dave even claims that DropBox sync…which works perfectly for v7…”doesn’t support our needs”…more obfuscation and marketing fluff to justify the change in business model IMO. Looks like I will be sticking with v7 until it breaks…and hoping for a better newer down the rod for things other than passwords that need protecting.

After many years as both a TidBits and 1PW user, I have noticed the tendencies of some TidBits users to try desperately to hold on to old software.

People still on Mojave refusing to update because they love some 32 bit app that won’t run anymore.

I remember when AgileBits, the company behind 1PW was a tiny 1 man operation in Canada. The company has continued to update and improve their software and make it sync across multiple operating systems. From one man Dave Teare, working out of his home to 381 employees and two offices. I remember Dave Teare himself manning his 1Password booth at MacExpo at Moscone Center.

Their customer support and community forums are super responsive. They listen to their users and explain their challenges and why some idea or proposal is not feasible.

Yes, it is a subscription model, which I normally hate. I refuse to subscribe to Adobe for $120 a year. I am not in a business that uses Adobe software to make money. There are better alternatives.

But I use 1PW daily. I don’t want my passwords stored locally. I have had my computer stolen. I had another computer bricked by an Apple software update. My passwords are much safer on their servers. Apple just signed up to put their 123,000 employees and contractors on 1PW.

I like giving my kids a paper letter designed by 1PW that has instructions for getting into my computer and my bank accounts and contacts after my death. Everything they may need to know to settle my affairs is available to them on their computers.

All this for $36 a YEAR. On unlimited devices. If I have a family, 5 family users costs $60 a year. How can anyone whine about that price for the value received.

So, if you are holding on to local vaults the way some TidBits user are holding on to Mojave, I don’t think AgileBits will miss your business. Nor do I think you will find a better PW manager than 1Password.

They’ve had 16 years to develop and improve 1Password. Every update has made the product better, more secure, and easier to use.

Thanks to 1Password, I have a different, random, complex password for every site where I have an account.

Someone could threaten me with a gun and demand my password to some website and I guess I would get shot because I have none of them memorized. How can I memorize YZtr!49-Du?

Just the Master Password. Which only works on my devices secured by Face or TouchID. Not 100% secure but I am comfortable.

1PW currently stores a copy of your Encrypted file locally. The design ensures that decrypted info from 1PW is safely and securely handled. If your machine is stolen and you do not have automatic 1PW locking and logout correctly enabled, it is your fault. The algorithms they use have been tested and praised for years. There is no difference where the vaults are stored, other than if there is no local copy, you’re SOL without Internet.

I’m happy for users that don’t want passwords stored locally…but the current DropBox sync capability means that an encrypted copy is stored on every one of my devices locally…so if the laptop gets stolen or the phone that copy does the thief no good and I can use another device until it is replaced.

As I said…I’m happy to pay the subscription fee…but I (and many others if you’ve looked at their support forum) want the ability to store either locally or cloud as the user wants. This capability works perfectly in v7 of the app…and has been deliberately removed to force users into a subscription only model. They have provided zero explanation for this change other than “DropSync does not properly support our needs” which is just claptrap. Yes…the Secret Key doesn’t work for local vaults…but the Secret Key is just another password…and the password or passcode on the device and the DropBox password provide the same double password security.

I find no reasonable explanation for this change…and they haven’t provided one…beyond forcing people into a subscription model to increase revenue and lower costs. There isn’t anything wrong with that for the company…but they’re being dishonest in claiming that it is better security and that 97% of their users “prefer the subscription model.

I and many others have asked for a better explanation of why the local storage option has been deleted…and the silence beyond marketing BS is deafening on their forums.

If no local vault will exist, what happens when there is no Internet connection or agilebits servers are down? No connection is a fact of life and not every use requires my having Internet.
Francisco

Because I bought the app years ago, and they haven’t added anything of benefit (for me) to it since then, but they have instead removed capabilities that were helpful to me from it.

Far from holding on to local vaults, I would suggest that those trying to justify 1Password’s money grab are trying to hold on to an old app they love, which doesn’t love them anymore.

I need to check into this. Thanks for pointing it out. Also, I’m a huge fan of 1Password, and I’d be lost if they went out of business.

As Dana Schwartz says, 1PW has and will continue to have a local copy of your passwords. What is going away is standalone vaults, which do not have a copy on their servers (used for syncing and other purposes). Local backups have been announced as a forthcoming feature. A self-hosted server is a possible future option, there is a survey about the possibility going on. This is so new that one can’t tell whether, if this does get introduced, users will have an option to store their vaults ONLY locally, without having a copy on 1password.com

Amen. You use WHAT WORKS. Something that doesn’t make you jump through hoops. I’m sick of money grabs by companies and this is the second one I’ve heard of just today; first, Disney; now 1Password. I won’t be upgrading to version 8 either.

Add LastPass to the list. LP was purchased by LogMeIn and just recently they went from a free base product to a subscription model. That part was fine because how do you make revenue without ads? The base version supported syncing to all of my devices. Great, I’d pay for that. The Premium version was extra and allowed syncing with family. The new subscription model forced me into a pay version because I could now only get all device syncing if I signed up which now included the family version which I did not need. The so-called “free” version now only supported one device. Since the LogMeIn acquisition, updates have been non-existent and bugs have not been fixed. sign. Mike

I am really dragging my 1Password feet — we are still on 1PW 6 (the family plan). Now I am wishing that I had gotten version 7 before this recent switcheroo.

How does this work? I’ve looked around in 1PW but can’t see this feature.

The only thing I’m aware of that resembles it is their Emergency Kit, which I am now reminded to send to my daughter . . .

Yes, thanks. I remember seeing that ages ago but I had forgotten about it.

1Password 8 for Mac, which is basically rewritten from the ground up, is in “Early Access” which is just another name for it being a public beta.

1Password 7 for Mac is still the current version and you can (and should) download it.

In the past, I held off from switching from 6 to 7 but that was only because I had standalone licenses (standalone licenses were still an option but I was weighing that choice against a family subscription). Do you only have old Macs? Part of what compelled me to finally get 1Password 7 was it was the only way to get a browser extension for the current version of Safari at the time.