
Apple to deploy 1Password to all 100,000 employees, acquisition talks underway - okket
https://bgr.com/2018/07/10/apple-1password-acquisition-deal/
======
quanticle
This is clickbait journalism at its worst. Let's look at the all the ways this
story is designed to mislead and deceive:

* Provocative headline, designed to attract attention
    
    
        * Use of the word "Exclusive" to imply that this is important information
    
        * Says acquisitions talks *are* underway, despite having little or no evidence of that
    

* Reliance on anonymous second or third-hand sources - the only evidence for "acquisition" is something that an employee overheard the CEO say

* Update, placed at the end of the story, that disconfirms the story

* Placement on aggregator sites like Reddit and Hacker News in order to drive pageviews

I rarely say this about stories on the frontpage, but in my opinion, this
story should be flagged and deleted. There's no content here, and driving
traffic to bgr rewards them for putting out this kind of fake news. This story
reads like someone took Ryan Holiday's book, _Trust Me I 'm Lying_ and treated
it as a field manual rather than a set of warnings.

------
jakewalker
"Rumours of my acquisition are completely false. My humans and I are happily
independent and plan to remain so."

[https://twitter.com/1Password/status/1016710603359096846](https://twitter.com/1Password/status/1016710603359096846)

~~~
tstrimple
That's a relief. Apple acquiring 1Password would torpedo any chance of getting
a decent implementation on Windows. The implementation and integration on OS X
are sublime, but Windows still leave a LOT to be desired.

~~~
Analemma_
I agree that 1Password on Windows has issues, but I feel like the developers
got screwed by Microsoft on this one: they went all in on a UWP version, then
had to throw all that out and basically start from square one when it became
clear that UWP was a dead end. So I cut them some slack on that score.
1Password for Windows is improving, it's just taking a while (version 7 is a
big step up, for example)

~~~
pjmlp
UWP is such a dead end that all new Windows 10 APIs are UWP only.

~~~
cm2187
Last time I checked, about half of the windows market is running Windows 7
which doesn't support UWP. So UWP is a dead end for anyone who needs broad
compatibility.

~~~
dingo_bat
Windows 7 is a dead end. UWP is the future, however shitty it currently may
be.

------
jumbopapa
There's rumors that Apple will release a Prime like service. It would be very
nice to see Music, 1Password, iCloud Storage, and whatever TV show they are
working on bundled into an annual subscription.

~~~
jonknee
It would be lame if Apple bought 1Password and continued to charge for it. It
doesn't have the same economics of stuff like storage or music streaming and
should be free if backed by a company like Apple. I have no problem at all
paying Agile Bits, but I don't want to pay Apple for a password manager.

~~~
Eridrus
So, on one hand, I agree, password managers/FIDO should basically be part of
every OS/browser and tech companies should come together to make it all
interop seamlessly for the good of society.

On the other hand, the biggest barrier to adoption that I have found is people
losing their master password. And supporting good account recovery is
difficult and expensive. A subscription service that actually had a real way
of validating identity for account recovery could be something worth paying
for, for people who are not very tech savvy.

Maybe we can come up with a good account recovery service without dedicated
customer support folks, but the moment you have a bad experience, you're
probably going to go back to Password123.

~~~
Nullabillity
Any possibility of account recovery completely torpedoes the product's
security.

~~~
Eridrus
But in the real world, should there be account recovery, or wide spread
password reuse where hacking random sites gets people's passwords to more
important sites.

~~~
Bud
Neither. And that's a false choice.

------
patagonia
Could someone please try to convince me why I should be using anything other
than Bitwarden? In years past I’d exhaustively review my options for password
manager. When LastPass was acquired by LogMeIn I stumbled upon Bitwarden and
haven’t seen any news or commentary which has caused me to rethink that
decision.

Edit: zero affiliation with Bitwarden

~~~
crispyambulance
Why don't you convince us?

1Password seems to be OK. I use it and pay subscription. Except for
frustrating login experiences with some websites, don't have any problems.

Never heard of Bitwarden, doesn't seem particularly compelling compared to
1password.

------
chucky_z
1Password is amazing. Hopefully Apple doesn't even touch them, and they
continue developing that CLI that's been hinted at and teased a few times.

~~~
ReidZB
Isn't the CLI already released? See [https://support.1password.com/command-
line/](https://support.1password.com/command-line/)

I haven't used it, so I'm not sure how feature-complete it is.

~~~
xur17
I tried to use it, but the syntax is way more complicated than it needs to be
to retrieve a simple password. After 10 minutes of trying to figure it out I
gave up and just used pass instead.

If anyone knows how to use it to retrieve passwords / copy them to the
clipboard, I'm curious because we use it at work.

edit: It looks like it might be possible [0], but it requires a long command
or a command alias. The lack of tab completion is kind of problematic though.

[0]
[https://gist.github.com/justinline/e11ac0f08f267502b9e963624...](https://gist.github.com/justinline/e11ac0f08f267502b9e96362457d03c6)

~~~
crymer11

        op get item <name or UUID> | jq '.details.fields[] | select(.designation=="password").value' | sed 's/"//g' | pbcopy
    

will put the password for <name or UUID> on your clipboard on a Mac. (I'd
probably wrap everything before `| pbcopy` in a function so it's easier to
call and use directly if you don't want to copy the value)

------
Someone
I don’t understand this deal. What’s in 1Password that isn’t in iCloud
Keychain or easily added to it? Windows and Linux support? Is that worth much
to Apple? If so, why?

~~~
makecheck
When 1Password noticeably improves the usability of all your competitors’
platforms, buying it and killing it makes sense.

~~~
freehunter
I'm a LastPass user and have never used 1Password, but is 1Password really
better than the competition (like lastpass)? Buying your only competitor and
shutting it down is great, but buying one of many similar competitors just
seems like it would bolster adoption of the others and improve _their_ market
position more than it would improve _yours_.

~~~
Walkman
1Password is an order of magnitude better regarding the UI and UX.

------
tepidandroid
I've never understood the appeal of paid password management services like
1password. Is there any benefit to using this over something like KeePassXC +
Dropbox?

~~~
toomuchtodo
Usability. 1Password on my Mac and iPhones with iCloud as backing storage
“just works”, and I trust iCloud more than Dropbox for secure storage.

Disclaimer: Using 1Password 5, which was a one time payment.

~~~
0x7f800000
KeePassXC and Dropbox "just works," and it works on Windows, macOS, Linux,
*BSD, Android, iOS, ...

Dropbox can be swapped out with other storage services.

~~~
msbarnett
> KeePassXC and Dropbox "just works," and it works on Windows, macOS, Linux,
> *BSD, Android, iOS, ...

At least on iOS, this doesn't appear to be meaningfully true. With 1Password
if I have navigated to a site's login page in Safari, all I need to do is hit
the 1Password Activity button and it will populate my name and password.

With "Keepass Touch for iOS" my options are either: "You're browsing wrong. If
you want to log in to something, use the integrated browser" or "switch apps
from safari to Keepass, copy username to clipboard, switch back to Safari,
paste username, switch back to Keepass, copy password, switch back to Safari,
paste."

No thanks. This is still meaningfully behind in the usability department.

------
TazeTSchnitzel
If Apple has thus far dogfooded iCloud keychain, will it now suffer? :(

~~~
nothrabannosir
Could it possibly become any worse? The UI has always been lacking, and
functionality has gotten worse over time (e.g. aws-vault cannot actually work
without popping up a prompt window every other minute since a recent update to
OSX). Discoverability is poor, there are a hundred keychains ("login",
"icloud", "system") and even I as a security conscious IT professional don't
know what they mean, god have mercy on the casual user finding their way.
Where are which passwords stored? WiFi passwords are stored across multiple
chains depending on OS updates, but not migrated across. To view the password
of a single item I have to enter my password twice, for some reason: once to..
unlock the keychain, once to unlock the item? Or to allow "keychain" access to
the item? What?

God, the icloud keychain cannot die soon enough. What a shit show.

~~~
ballenf
Wow, it's interesting how different people's perspective can be.

One of the deciding factors for me switching 100% to iOS and MacOS was the
unified keychain across all browsing and apps. For the first time in _ever_ I
rarely do password resets in an app. There are a few apps that "brilliantly"
roll their own password input fields and those don't work, but they are rare.
And a few websites that split the username and password onto separate screens
that are kind of hit or miss, but again rare. And on the ios12 beta, the
keyboard grabs one-time sms codes and auto-inputs them with one tap.

From my layman's perspective I have one keychain and it has everything in it.
And it just works 99% of the time. But I don't use it for AWS anything. I
don't know or care about the different kinds of keychains -- they just work.

Not doubting your experience, just wanted to throw out there another one.

I only wish Authy (my current preferred 2 factor token generator) was more
integrated with the Apple keyboard, but it has a widget that makes things
pretty quick.

------
kup0
The 'acquisition talks' appear to still be a hearsay rumor but who knows. I am
an Apple hardware/OS user, but I prefer other companies' services. Worried if
there is an acquisition that Apple will make an inferior product and shutdown
1Password :/

~~~
ghostly_s
Apple already has an inferior product, the password syncing service built into
iCloud. I'm not sure I see what value 1Password has to them at all except for
it's cross-platform support and more robust feature set.

~~~
kup0
Agreed, worried an acquisition would just absorb 1Password into the existing
inferior product.

I hate it when big companies do this. They often shut down good products and
then years later they've only implemented a fraction of the acquired product's
feature set into their own product.

------
LyndsySimon
I'm hoping this leads to a better integration API for password managers in
general on iOS. I use Bitwarden, and it's a real pain to log in to native apps
using it - you have to copy/paste between the Bitwarden app and the app you're
logging in to.

I've spoken with the Bitwarden team and they indicated that it was a
limitation of iOS and there wasn't anything they could do on their end.

------
ableal
App store preview link:
[https://itunes.apple.com/us/app/1password/id568903335?mt=8](https://itunes.apple.com/us/app/1password/id568903335?mt=8)

(no additional info, just for convenience looking it up)

------
cprecioso
I think this is in fact a good omen for the Standalone version of 1P. If Apple
is going to be using that, you know they will not discontinue it as I was
fearing they'll do some day or another.

------
Svoka
May be they're just testing iOS 12 third party password manager integration?

------
Karunamon
Acquisiton? This doesn't bode well for the Windows version of 1Password.

------
tinus_hn
Why wouldn’t they extend their own native password management tool instead?

------
hendersoon
If this is an acquisition, Apple would integrate 1Password into their
ecosystem, enriching it immeasurably, but the Windows, Linux, and Android
versions would almost certainly be abandoned. That's a shame.

~~~
jonknee
Apple makes Windows and Android apps, I don't see why this has to be
different.

~~~
ceejayoz
They make a very limited set of Windows and Android apps that are all clearly
intended to drive sales of Apple Music and their hardware. (One of their three
Android apps appears to be a "move to iOS" one, too.)

1Password for Android doesn't drive any Apple product sales.

------
qaq
Hope they keep things working well for current customers

------
ttoinou
Off topic : does anyone know why using these kind of software would be more
secure than storing the password ourselves in text files ? I fail to
understand as hackers / virus makers just now need to hack one software to get
everything

~~~
jjeaff
Seems obvious, these managers store the passwords in an encrypted file.
Requiring one (hopefully) really good password to lock it all down plus a 2nd
factor option like ttop or fingerprint.

I only have to remember one long complex password that I have never used
anywhere else and that secures and encrypts all my other passwords. And rather
than searching and copy pasting, a browser extension can fill in passwords
when I request.

Add to that, a password manager generates a long and complex and unique
password for every account I have so I don't have to make one up or go to
another source to create it.

And one of the coolest features, though it doesn't work everywhere and I am
only familiar with LastPass, is its ability to automatically change passwords.
On certain sites, I can tell it to rotate all the passwords in my file. It
logs in and makes the changes for me.

~~~
ttoinou
You can encrypt a text file on your computer as well. Doesn't change the fact
that once decoded in memory or sent via the web browser it's all clear what
your password are (here are the true security threats)...

------
hs86
I prefer and pay for 1Password's subscription but I already tested the export
and import into enpass.io: It works very well!

If the acquisition takes place, I will switch immediately. I am against vendor
lock-ins and Apple is the first company I associate with that.

