I am ill-equipped to follow the comments, Neil, but I wonder if their blog offers any clarification?
FYI, the Emergency Kit feature of 1Password does not appear to be supported in the stand-alone version of 1Password 7.
Not really…it just justifies their transition with a bunch of marketing BS about how much better the new version is, how 97% of their users choose the subscription option (because the stand alone version and licensing stuff is hidden really well on their site), and how DropBox sync which works perfectly under v7 simply doesn’t support their needs for sync (with no explanation of that claim despite being asked). It seems pretty obvious me…they’ve essentially decided not to care bout their macOS roots with the Electron app and with their recent VC money infusion are changing business models to force users to a subscription model and aim primarily at the business users.
2 Likes
Thanks Curtis. I also have a standalone license which is a family plan for version 6, so I haven’t paid anything since 2014. A real bargain actually. At this point, version six requires that I copy and paste passwords, but my understanding from listening to SecurityNow podcasts is that this might be a bit more secure that letting a web-browser extension input the passwords anyway.
My understanding is that upgrading to 1Password 7 will require me to have a subscription at this point. Presumably if I had bought version 7 a few months back, I could have continued subscription free.
I just read the new thread on 1Password, and I may spring for the 50% off for three years if they offer it in exchange for my family plan license. I have passwords for webservers and domain hosts, etc for many people that I have helped, going back years. Definitely got my money’s worth.
Somewhat tangentially…
I have only ever used Dashlane since David Pogue recommended it many years ago. I tried LastPass a few years ago but the data migration from Dashlane did not work as I would have liked and I could see no benefit so dropped it.
Now Dashlane is ending their macOS app support and has moved to a browser based product. Up to a point this makes sense as almost the only use for the functionality is to log on to websites but Dashlane (and other products) also provided secure document storage which was useful and could be accessed off-line.
The ‘problem’ here is that app vendors (and service vendors in general) have continually to change their products and services otherwise they cannot hold onto good developers and change often means some users will be dissatisfied. Not sure what we can do about this.
version six requires that I copy and paste passwords, but my understanding from listening to SecurityNow podcasts is that this might be a bit more secure that letting a web-browser extension input the passwords anyway.
As I understand it the plug in checks the certificate to make sure it’s really the correct site before offering to fill in the password.
My understanding is that upgrading to 1Password 7 will require me to have a subscription at this point. Presumably if I had bought version 7 a few months back, I could have continued subscription free.
Yep…and I’ve told them that while I would prefer they maintain both the existing v7 with local and DropBox ability alongside the new v8 stuff…and that I would prefer to buy a stand alone license for v7 if it will continue to be supported…but I would settle for a subscription if it still allowed local vaults and DropBox sync. They claim that DropBox “doesn’t properly support their sync needs”…but have provided no explanation of either what that means or why it’s worked for 4 years at least but no longer works because of xxx. They make claims like “it is fragile” but the vast majority of the folks talking about the deficiencies in the early access v8 threads on their site indicate that both of those capabilities are currently working just fine but are being removed as a business decision. They’ve clearly decided that the future lies in enterprise customers for continued revenue growth…and it’s very likely that their recent infusion of VC money is partly driving that train even though “the original owners maintain complete control of the company” according to what they said about the VC money.
I’ still looking for an alternative solution…I could go back to Password Wallet which while it is a one man shop still works and provides both of those capabilities. It doesn’t really do secret notes the same way but it does have a Notes field in entries that would work for that…or I could use Secure Notes in the Notes App. It also doesn’t do image attachments but I could probably figure out some other way to do that.
Along that line…is there another app that provides iOS/macOS compatibility for secure storage of images and notes as well as passwords that is end to end encrypted and provides the ability to have a local copy that can be backed up, restored, and imported back into the app if necessary? I’ve taken a look at LastPass and Dashlane and both of those are now completely cloud based. KeePassXC doesn’t do iOS.
I’ve been looking at alternatives, particularly those built on the “pwsafe” Open Source code base. I’ve finally figured out a migration path from 1Password 6 to “Strongbox”, but it involves another application that can read the 1Password 6 format and write to the format used by pwsafe derivatives (KeePassXC.) I’ve had some issues with Strongbox, that don’t give me a lot of confidence in their coding/responsiveness. (Gave them a bug report for an import that generated “internal error” and suggested they could fix this specific problem easily. I got back a line of bovine effluent about how hard it is to write software…)
The other recommendation I got was for “Secrets”.
So at this point I’d say I’m still looking for a good alternative to 1Password that is native on Mac OS and that shares data with iOS.
I have been a long time (since 1PW3) 1Password user - desktops, iphones, iPads - and it has always worked well for me. I’m not overjoyed by the move to a subscription plan, but I completely understand it, having been a software developer in the past. Many people want free or inexpensive software to be updated and expanded in perpetuity for little or no additional cost (read ‘cheap’), no matter how involved that work might be. The subscription plan allows for a continuous revenue stream that can support enhancing and adapting the software and allow the developers to pay the rent. I have no problem with this. The ‘no local vault’ scheme is more problematic, but it is what it is and I will adapt. As long as the software is stable and secure, and works seamlessly as it has in the past, I will continue to use it and pay the freight. I do so for Quicken and others and appreciate to continued development of the program,
BTW, I was recently contacted by a user of software that I wrote for a client years ago. Obsolete hardware and software, but they needed it again and wanted it updated for a newer OS. When I explained I hadn’t worked on that software in years, didn’t have a machine that could run it and the cost to them would be considerable for me to even consider such a project, they were astounded and indignant that I would not do the work gratis as there was an ‘implied contract’ that the software was updatable as long as they needed it. Needless to say, that was not part of the original contract and I bid them good day.
The bottom line for me - if I am using software that I deem useful to me and expect it to be updated for OS reasons, security reasons, or enhanced feature reasons, I expect to pay for it and a subscription is OK. My $0.02
7 Likes
Frank, are you bothered by the abandonment of a Mac OS implementation? I understand the move to a subscription model. But moving away from a native app (after establishing an income stream from that app) that is my deal-breaker.
I have Strongbox on my MacBook Pro and iPhone, and apparently it does allow Dropbox or iCloud sync. However, I have not experimented with it yet. Per online documentation, it supports two different file systems, Password Safe or KeePass format, which are also used by other clients from other developers. Strongbox itself is Mac and IOS only. One of the other clients might have an import path from 1Password but I haven’t dug into that at thus point.
More on this subject from the Strongbox developer support database:
Not if the software works as advertised and does what I need. The developer develops, I use. If it works - OK, If not, I will find an alternative or do without. I cannot dictate how the developer writes the software. I can have and express my opinion, but the final product offered is not up to me. Only my choice to use it is.
2 Likes
How often do you use the actual app? I guess 99% of my use of 1P is via the browser extension. And it’s not like there’s no app at all – that would be a deal-breaker – it’s just not native so it may have a few interface quirks.
Also, it doesn’t sound like it’s necessarily permanent. Right now the Apple tools to make iOS apps work on the Mac are still too primitive for 1P, but when that changes, they could easily re-use the iOS code to make a native Mac version. That could be a year or two away, so the Electron version is used in the meantime. Not the worst situation.
I am more concerned with Agilebits moving toward enterprise. (Dropbox has done that and the results have been horrible. I don’t use a single one of their enterprise-type "improvements. I’d drop it in a hot minute if I could find anything comparable, but I’ve geared my whole workflow around it.)
1 Like
-
Strongbox has a lot of problems with their CSV input. The ‘trick’ to import through the Mac verison of KeePassXC worked, but it’s sure clunky. I get no confidence from an import function that can’t parse data without throwing an “unknown error”. Importing CSV isn’t exactly rocket science. (The obvious ‘right way’ to do things is to import what you can parse and provide a file with the entries you could not parse. As an example of the import problems, Spelling Counts for the column header first row data. “URL” is not accepted, it has to be “Url”. And a trailing comma also generates an “unknown error.”)
-
I use the 1Password app about 40% of the time. But to me it’s as much the principle of the thing than it is actual core functionality. Since there are alternatives that are Mac native, that’s where I’ll take my business.
1 Like
From what they’ve said on their site…the Electron and Rust in the background is their new way forward…with no intention of a macOS native app later on…Electron gives them a single code base for the UI. Management has decided…they’re no longer interested in making great apps…they’re going for the enterprise market and all of the supposed neat nifty new features that Electron Rust provide seem to be oriented at enterprise users. For better or worse…I don’t think they give a darn about Mac users or anybody but enterprise. Dave Teare and his policy minions keep saying they do…but their actions, as well as the BS marketing fluff they’re spouting on their site despite all the complaints about version 8 tell a pretty obvious story. Rousen (or however you spell the name) is one of their senior folk and he raves about how much faster and better and more fully featured it is and they refuse to admit that the Mac client sucks basically. I tried v8 beta for a few minutes…and the posts there from users is right…it’s terrible. All of the improvements Rousen and Teare talk about are enterprise things that individuals don’t care about…and they’ve deliberately removed features that work perfectly in v7 because they don’t “meet their needs”.
I really hate to see a macOS first company do this to themselves…but 5eyve decided that money from the enterprise is more important than good useful software.
I use the app quite a bit on macOS…but I will just use v7 until it breaks I guess. Will take a look at some of the alternatives mentioned here…but so far it ain’t looking too good.
I could live with the subscription model even thou* I don’t like it…and I could live with the crappy macOS app if I had to…but the complete lack of any local storage capability and a local backup/restore/import capability to recover from something bad happening is a deal breaker. They claim they have “multiple backups”…but a backup on their end doesn’t comprise a backup on my end.
2 Likes
If you can’t make a backup, the data isn’t yours.
I can’t think of anything more obviously “mine” than my passwords. It ain’t happening. The love affair is over.
1 Like
Enpass might be worth a look. I dabbled with it when it first came out and liked the interface better than most, but I haven’t yet had a need to move from the old app I use (not 1password and no longer available). Enpass has been updated regularly, has a watch app, and the latest update has introduced wifi sync in addition to assorted cloud syncs. Desktop version is free, mobile is $2/month subscription or $80 one time purchase.
I know nothing about the developers or how competent they are at security, so that would need checking out.
You might want to take a look at RoboForm. Many years ago, when I was trapped on Windows with my employer, I used RoboForm and liked it very much. I don’t think the interface was as good as 1P, but it was very functional and very good.
I also understand that 1P is abandoning Swift as their development language in version 8.
I’d be curious what you think of Roboform after you try it. I am a subscriber to 1P and like the software, but it sounds like they’re making changes that are going to make life easier and more profitable for Agilebits and less for me.
I have read all the tearing of hair and wailing and gnashing of teeth about 1Password 8, here and on their Early Access forum.
I have also been using it since it’s Mac release, and while not perfect, it is fine for me. I don’t find anything likely to make me look for an alternative.
4 Likes
I’d like to use a 1Password-pre-written-explanatory-letter as a starting point for helping people to access my encrypted data (and my password protected data) if I’m dead or disabled.
I haven’t found a good starting point after searching for a day or so…
I have used 1Password since v1. Before that Web Confidential. When 1Pswd started pushing licences I had a look at Lastpass and Dashlane and rejected both. Am now about to play with Bitwarden. But I find myself wondering about Apples iCloud Keychain. Noone seems to have an opinion about it here. Does that mean it is fatally flawed in some way? Can I have a local copy? Comments please.