Getting 1Password 7 ready for the Mac App Store (agilebits.com)
364 points by okket 9 months ago | 473 comments



So, I'll join the chorus here by saying that I've picked up the subscription fee.

I've been using their software daily for over three years. During that time, they have consistently improved their product and have been open about issues (as far as I am concerned). I was a little irked when I saw the subscription model. I was like, "hey, I paid for this." So, I looked up how much I paid in licenses by looking them up... in 1Password. Turns out I paid about $40 for the Mac, Windows, iOS, and Android clients. That's $40 over three years for something that I use daily.

Then, look at the $5/mo subscription for families. I get something that gives me access to all their software versions (Mac, Windows, iOS and Android) for five people, my entire family (if my cat ever decides to get a computer). I am a software professional. I pay for tools that keep me going and return me money because they offer me productivity. I pay for Things, Bear, iThoughts, and many other apps that have helped me greatly.

One important statement I make to people is: _the price for security is eternal vigilance_. There are always new ways things get attacked and new ways to be more secure. I realized that I was gladly willing to pay $60/year to keep me and my family going while keeping AgileBits running as well. If there was anything that deserves a subscription, it is your security software. If it's any consolation, several of my developer friends feel the same way.

My two cents.


As time goes on, I've gotten less and less comfortable using proprietary software for critical tasks. If 1Password were open source, I'd actually be pretty happy to subscribe. But as it stands, I have no faith that the product won't change out from under me in the future, whether due to a pivot, an acquisition, or some other reason. The incentives align in favor of the business, not the customer. IMHO, subscriptions are already pointing in that direction.

I'd rather use something like pass and deal with the downsides. (Though I admittedly haven't switched yet.)


For me, something related: can I remove the data in a usable form? 1Password makes that easy, so like others here, I'm happy to pay them to perform the 'eternal vigilance' that secret-keeping entails.


We also allow export in something called 1PIF. It's a JSON format export of your data. It doesn't currently handle everything super smoothly, notably Documents which are new.

We'll have another solution in the not too distant future that should cover things and be a documented format that anyone with the know-how could use.

Also important to note: if your account ever lapses due to lack of payment, the account is still read-only. You can export your data if you wish even when the account is read-only. We do not lock you out of your data, we just prevent normal use of the application (browser extension, editing items, adding new items, etc). But the data you've already entered is entirely accessible if you want to copy/paste or export.

Kyle

AgileBits


Password Store (AKA 'pass') stores each password as a GPG-encrypted text file, so with gpg, $EDITOR, and cp/mv you have full control over your password data at all times without pass even having to get involved.


It’s nice to see a team of marketers working so hard to convince the masses. Kudos.


Yes, you can export it as a CSV file. They even warn you that it’s not secure.


> They even warn you that it’s not secure.

I don't think anyone who uses a password manager is exporting to CSV for security purposes.


I was trying to illustrate that not only can you extract data in an open format, they also are responsible enough to warn end users that the data is no longer encrypted. This isn’t for the benefit of your typical HN reader.


For now...


Removing the ability to get your own passwords out of your password management utility that you paid for would be corporate suicide.


Crippling it, not so much.

I moved away from 1password at the time of the subscription palaver. I managed to move everything to Keepass but each entry has its own folder.

I don't blame 1Password for the state of my Keepass db (although they pretty much forced my hand) but the closed nature of 1Password does bite you in the arse when you decide to leave.


I switched from 1Password to LastPass last year and it was a smooth transition. If they’d had a Linux version I’d still be a customer right now.


They now have a Chrome extension that supports Linux[1] and a command line app.[2]

[1] https://support.1password.com/getting-started-1password-x/

[2] https://support.1password.com/command-line-getting-started/


We evaluated Lastpass about a year ago and the UI was borderline unusable. Doesn't matter so much for technical teams, but it does in broader use cases.


What did you settle on? It’s basically just a browser extension.


I keep meaning to write some Applescript and/or browser glue for pass(1). Uses GPG, checks into Git, and even has an iOS app.


"Corporate suicide"? 99% of the users won't even notice the feature existed...


They will if you go out of business or decide to spin off the product.


"Corporate suicide" implies that it would be a problem for the company.

Users noticing it after the company is already "going out of business" does not qualify as such.


Yes, you're right, an already-dead company can't die a second time in this highly hypothetical scenario. They're still dead.


Forever.


At some point you have to value people. The 1Password folks have never let me down, and have been very honest, so I trust them. The product has done nothing but improve over the years for me, increasing in value and ease of use. And then with how often LastPass has had security breaches, it was a no brainer for me to leave LastPass years ago, and I don't regret it.


Shifty Jelly has never let me down either, but they got acquired by NPR. Neither has Q Branch, but they ran out of money and had to shut down. Business for indies isn't predictable. Is AgileBits going to be around in 10 years? I hope so, but I think it's far more likely that they'll be swallowed up by some other company, at best. After getting burned by this over and over again, I just think it's more sensible to stick to OSS options that will probably exist in some compilable state even in the distant future.


> Shifty Jelly has never let me down either, but they got acquired by NPR.

Of all the entities they could be acquired by, I think NPR is the least offensive of all. And they've stated the intent is not to change how PocketCasts works. The other partners are WNYC, WBEZ, and PRX (helmed by Ira Glass). These are all major publishers of podcasts who have a vested interest in keeping PocketCasts a good app, and growing it. I think this is a bad example.

> Neither has Q Branch, but they ran out of money and had to shut down.

They would still be around if they had subscription revenue. Guess who has subscription revenue?

> Is AgileBits going to be around in 10 years?

They started 12 years ago. If you asked 12 years ago if they would still be around in 10 years, the answer would be yes.

> After getting burned by this over and over again, I just think it's more sensible to stick to OSS options that will probably exist in some compilable state even in the distant future.

Well, don't go LastPass if you want OSS.


There are open source 3rd party applications on Linux that I've used to access 1Password password archives. The code is closed source but everything they're using to encrypt the passwords is an open standard. You can build your own 3rd party open source platform to access them.


Do you have any suggestions for such software? I've been looking into this as I migrate to Linux and have yet to find something that does read and write for stuff stored in my Vault. I'd honestly be willing to pay for software that provided this.


The official solution is to subscribe to their subscription service (any tier works) and use 1Password X in-browser: https://support.1password.com/getting-started-1password-x/

Not sure about other solutions, open or closed; I moved over to their subscription service a few months ago and haven't looked back.


I work for AgileBits, makers of 1Password

We don't prevent people from writing 3rd party tools, but I would also be very wary of using them. Our stance is outlined here:

https://blog.agilebits.com/2013/03/06/you-have-secrets-we-do...

> We have to advise you to never enter your 1Password Master Password into anything that isn’t 1Password. We aren’t casting aspersions on the integrity or competence of any developers, but we simply can’t advise otherwise.

So as long as you're mindful of this advice from us, go forth and conquer.

Kyle

AgileBits


So if the app were open source and the maintainers decided to abandon it, are you going to download the code and keep it updated? If it is forked are you going to trust the new maintainers? Are you going to audit the source code?


If it was a matter of OS compatibility, I'd certainly be able to do it for iOS or macOS. Security, less so, but with luck there would be others to do that work, if the app had enough users. Surely it would be better than just implicitly trusting some company with a profit motive?

I'm not expecting anyone to do the work for free, by the way. You could still charge money for cloud sync or even app extensions and still keep the main repo open. Maybe the code could be a few revisions behind to incentivize people to pay.

In any case, from looking around, it seems that KeePass and possibly Bitwarden fit this bill.


Bitwarden has been great for me. After going from LastPass to 1Pass to KeePassXC to Bitwarden, I really appreciate the simplicity of a simple browser extension without the requirement for a local client.

Bitwarden just works and checks the boxes for me. I haven't tried it yet, but there is also a fork [1] that allows us to use our own hosting.

[1] https://github.com/jakeswenson/BitBetter


This is the big fallacy I see whenever someone uses open source just because the source code is public. Unless you're able to perform a full audit yourself, is it really any better than a closed offering like 1Password?


I suppose the theory is that open source is better (a) because you can audit it if you want to, and (b) it's more likely that someone out there has audited it.

In practice, (a) falls apart if the user doesn't have the knowledge, experience, or time necessary to perform an audit, which is quite likely for security software. And I feel like (b) isn't great either, as there are plenty of examples of major flaws in open source projects that went undetected for long periods - heartbleed is just one example.


I agree with that assessment, but how many vulnerabilities have been found in closed sourced software? If the software is popular enough, someone somewhere is going to find a vulnerability whether it's open or closed source. Look at all of the vulnerabilities that Google has found in closed sourced software. It just takes more skill to find vulnerabilities, and incentives. The black hats have found vulnerabilities in iOS that Apple still hasn't managed to patch - like the one that lets law enforcement break into a locked iPhone and bypass the limit on failed login attempts.


I think the question is whether the likelihood of the party finding the vulnerability being a “good guy” or a “bad guy” is different between closed and open source. I’d suspect not, but who knows.


Stuxnet didn’t rely on open source software.

There are major unrevealed flaws in all software more complicated than “hello, world.”


Agreed, open source is about rights for the users, whether or not they have the ability to audit.


Of course, the answer to all your questions is "not necessarily". Sure, it's totally possible for people to not audit the code, or let it be abandoned, but open source makes this probability much lower, whereas with closed-source software you have no choice in the matter at all.


I think you’re making a lot of assumptions when assuming the probability is much lower. I’d trust a really proficient small team being paid to produce secure, closed software more than a team of disinterested volunteers. I’d also trust a small group of passionate volunteers over a paid team of crappy engineers. I guess the point is that source being open or not isn’t really the important part, at least in my opinion.


I agree. I try and use solutions that have open source formats, and are preferably open source.

I have made an exception for 1Password, as it is so good. I hate subscription for software, unless there is a clear benefit. In this case, I don't see the benefit.


While our code is not, our vault formats are open. :)

Ben Woodruff AgileBits


I didn't know that. That adds to the esteem in which I hold 1Password and AgileBits. I think an open source format is almost as important as open source software.


Especially security-related software companies; they have a tendency of degenerating into user-hostile malware businesses.


Comodo, Tripwire, Symantec, McAfee... on and on.


https://github.com/OblivionCloudControl/opvault

opvault file access has open source tools. It would suck if they changed out from under me in the future (1password is the best password manager and it’s really not even close) but my passwords are at least accessible.


Bitwarden is the answer for your concerns. I've moved to it and never looked back.

https://bitwarden.com


Interesting suggestion, thanks! Can you comment on how good the mobile apps work?


I agree, especially around subscriptions. Too many light burnings already.

I use and love 1Password, but there's no way I'm switching to the subscription model. When my version stops working (either through incompatibility or serious security flaw), I'll begrudgingly find something else to use.


KeePass works for me, and it's available on all the platforms I use.


You are making the same mistake with these arguments as many people make; nobody is complaining about paying for software.

People are complaining about subscriptions, because for example you easily lose track of what exactly it is you're paying for.

Paying for an upgrade clearly shows you that you're paying some amount for some list of new features. You can then choose whether or not it's worth paying for. (just to name 1 disadvantage.)

For customers there are 0 benefits to a subscription model. For companies of course there are many.


> For customers there are 0 benefits to a subscription model. For companies of course there are many.

OP described in detail the benefit for customers--constantly updated software. Critical for something as security-conscious as a password manager.


People updated software before they started using subscription models.

Paying for software meant they had to make more compelling updates.


You need software companies to provide you with security updates for their products. Insisting that you won’t pay for security updates without new features or that security updates should be offered gratis won’t lead to quality software - it just leads to feature bloat. Attaching a separate price to security updates aligns your needs with a software company’s incentives. Why is that a bad thing in your view?


If you are paying for a subscription there isn’t necessarily an incentive to provide security updates even more, since they have the functionality of your app hostage if you decide to cancel and the automatic monthly billing has no ties to the quantity or quality of updates they push out.

That being said, security updates should be part of the price you already paid, since a security flaw is a flaw in their original software.


> If you are paying for a subscription there isn’t necessarily an incentive to provide security updates even more

I'm not so sure - it'd be much easier to write the email saying "Sorry, we screwed up and got a critical security bit wrong, but here's an update that fixes it." if a significant portion of your users are paying a subscription - compared to writing that same email just as marketing are preparing to try and convince everybody to pay for a new upgrade...

> That being said, security updates should be part of the price you already paid, since a security flaw is a flaw in their original software.

If that was how everything worked - our industry would be _very_ different. If everybody who ever charged money for a piece of software was on the hook forever for all flaws it might have, you'd only ever be able to buy software from Apple or Oracle or Microsoft - there would need to be almost as many lawyers as developers in any software company.

I understand your idea - but it's the same idea as people who call up my work saying "Hey, the app you made us doesn't work any more, you need to fix it!" and everybody here is like "Who the hell are _they???_ Never even heard of them." and it turns out it's a 32-bit iOS app that they paid for in 2013 and we haven't heard from since (and there's only 3 people left in the whole company who were around in '13, and none of them are iOS devs). We do not fix that for them as "part of the price they paid".


> That being said, security updates should be part of the price you already paid, since a security flaw is a flaw in their original software.

Security vulnerabilities generally aren’t considered latent defects under warranty laws (at least not in NA). I’m not sure what the tech world would look like if it were - for one thing, software teams would probably need a P.Eng. on their teams to ship. For another, using open source software would be even harder to do without an intermediary like Red Hat who would be willing to accept tort liability.

At any rate, your software vendor has no legal responsibility to provide you with security updates. Maybe they should. But you’ll pay for that anyways. How do you want to amortize those security updates? By paying the dividend discount price of the updates up front and risk having the product abandoned in a few years (cheating you out of your ‘dividend’), or by paying directly through a subscription?

> If you are paying for a subscription there isn’t necessarily an incentive to provide security updates even more, since they have the functionality of your app hostage if you decide to cancel and the automatic monthly billing has no ties to the quantity or quality of updates they push out.

That makes no sense - you have it completely backwards. Their incentive to provide me with timely security updates is my continued subscription fees. On the other hand, if you pay the dividend discount price for those security updates up front, they have every incentive to stop releasing updates and cheat you out of your update ‘dividend’.


> That makes no sense - you have it completely backwards. Their incentive to provide me with timely security updates is my continued subscription fees

You pay one subscription fee for both "I can use my app at all" and "security updates" together. Once there is enough inertia for you to not want to switch off, you'll probably keep paying (to use the app at all) even if they don't provide security updates.

If there were two fees - #1 a one time lifetime usage fee and #2 a security updates subscription fee then maybe that would make sense, but I don't think so otherwise


Agreed. This is the main distinction. If they are explicitly charging for security updates and being upfront that would be a completely different story. That being said, if they could do that then they can also charge for security updates piece-meal.


> At any rate, your software vendor has no legal responsibility to provide you with security updates. Maybe they should. But you’ll pay for that anyways.

Yes, those costs will ultimately be embedded in product pricing and borne by the customer, but that's good. It gives vendors a financial incentive to develop more secure software and reduce their security update costs (and earn more profit). (Nothing is perfectly secure, but a culture change and following certain practices can help. Think Microsoft pre-trustworthy computing memo and Microsoft today.)


> Maybe they should.


True in the traditional model. But the Mac App Store model doesn’t have paid upgrades, which meant there was no incentive for them to keep updating. With a subscription system, there’s (theoretically at least) the possibility that customers would jump ship if they feel the developers aren’t pulling their weight.


Lucky for MacOS users we don’t have to use it like iOS users on the iOS app store.


For something like a password manager, the most compelling updates are security fixes, but there are several problems with charging for these:

- It's unreasonable to expect people to pay the full price for minor security fixes that still need to go out

- Because security upgrades are invisible to the user, it may be harder for the customer to see their value v. new features

- The timeline of when security updates need to go out is less predictable than that of feature upgrades, resulting in unpredictable revenue and expenditure for both the vendor and the customer and the customer may not have the budget to pay for an unexpected security fix

- Customers often want to take time to consider whether it is worth paying for upgrades, whereas security fixes should be applied as soon as possible

- The vendor must invest a lot of resources in testing the security of their software even when no security upgrades are warranted


> - It's unreasonable to expect people to pay the full price for minor security fixes that still need to go out

The ideal model for locally-run software, in my opinion, is to sell perpetual licenses to each major version for a one-time cost and promise security and maintenance updates for a certain period. New features can go into new major versions that users have to pay for (sometimes with discounted upgrade pricing), or, on a discretionary basis, as free updates.

This used to be the typical business model for locally-run software. Microsoft, for example, sold Windows versions for a one-time cost, promised security and some other level of updates until a certain year (and new features could be added on a discretionary basis), and provided upgrade pricing for new major versions that added new features. This kept control in users' hands, as their paid-for software could be used forever (at least until and unless external factors, like hardware incompatibilities, prevented it from working), though of course it would be very dumb to use, say, XP today on an Internet-connected machine. I am generally against subscription models for local software where there is no legitimate reliance on an outside service, and also against the trend of trying to create such a reliance for no legitimate reason ("We've added cloud sync and that's what the subscription is for. Servers cost money every month, which is why we're charging you every month." - except I can handle my own file storage and don't want your sync service).


Ugh, this trend of 'cloud sync' is highly annoying. Let me put an encrypted file on something that resembles a filesystem. If I want cloud sync, I'll put that file on Dropbox/OneDrive/GDrive/Whatever else.

It's only become a big thing after iOS and its lack-of-a-filesystem and lack of inter-app data flows locked users out of their own devices.

Quite often I don't want many of the "new features". For me, bug fixes and security fixes are the main thing, followed by compatibility updates. I'm quite happy to pay for the latter when it was me that caused the issue by updating my OS/hardware in the first place. I'd quite like some amount of the former to be included in the original cost.


It's become a big thing because it's convenient. Every time I sign into 1Password on any of my devices, all of my passwords are there. I don't need an account with Google, Dropbox, or Microsoft for it to work and I don't need to do any manual setup. It "just works", which is exactly what the average person wants their software to do.

Manually dealing with files is a sign of poor software design for simple use cases, in my opinion. I quite like the iOS model that abstracts the idea of a filesystem away from the user because the user never cared about the file system anyways. They just had to deal with it to do whatever they really wanted to do.


To be honest, if a password manager needs to be regularly updated in order to remain safe, I'm not sure I trust it with my passwords.


> "To be honest, if a password manager needs to be regularly updated in order to remain safe, I'm not sure I trust it with my passwords."

Huh. For my part, I'd have trouble trusting a password manager (or browser, or OS) that claimed it _didn't_ need regular updates in order to remain secure.


Everything on your computer, including the OS itself needs to be regularly updated in order to remain safe...

It's not just security, it needs to be updated to continue to run on your devices. New versions of iOS, Android, Windows and Mac OS change things that need to be taken into account. The browser extensions must be kept up to date. There is a lot of work to do just to keep things running without adding any new features.


The point was requiring regular updates to stay safe, so yes, security updates. The attack surface of a password manager would be infinitesimally smaller than that of an OS.

As far as general updates go, I agree with you, but these shouldn't need to be that frequent. I still have software from the XP era running on my computer.


Of course it's all upside for the company and down for the customer. Which company wouldn't love predictable revenue from customers every month? It's an amazing business model for software businesses, especially when the customer completely forgets about it and just lets their card be charged every month.


Just gonna piggyback off this and say the family plan is an amazing value if you have aging parents.

I recently upgraded to one, set up each of my parents with accounts, and moved all of their passwords out of the physical and digital notes that their passwords were strung across and into 1password.

This means no more iCloud password resets every time they need an app or call me for IT support. It means I can help them securely manage their financial accounts and photos as they get older. I can share with them my Netflix login. And I sleep better at night knowing they’ll be aware when one of their previously common recycled passwords is compromised.


The family plan is honestly the best feature hands down. I set up my partner and my mom in it. There was some resistance at first to learning a "new thing". But now they love that they only have to remember one secure password and all their other passwords are automatically generated for them. No more pet names as passwords!


I am a long time 1Password user, purchased Mac licenses, iOS and Android over the years.

I was annoyed when it changed to being subscription based. The price wasn't an issue; I think for the value it gives the price is fair. 1Password is the only thing now keeping me on a Mac.

The issue I had with it is you don't own the software, and when my credit card expired and I forgot to update it, losing access to passwords (even if temporarily, until updating the card details) left a bad taste and showed the downside of being subscription only.

It's been on my list to move away ever since. 12 months on I've still not done it; there's lots of alternatives but 1Password have the UX and functionality just right. However, I know I should move as I now don't own my passwords.


> I was annoyed when it changed to being subscription based. The price wasn't an issue; I think for the value it gives the price is fair. 1Password is the only thing now keeping me on a Mac.

1Password X works on Firefox and Chrome on Linux.


>1Password is the only thing now keeping me on a Mac

I was in the same position. Switched to Keepass and have had no issues using it on Linux and iOS (the latter as KyPass).


There's not even a grace period to export your passwords? If not, wow, that's a major downside!

Comment elsewhere in this thread points out they have a Linux CLI app now as well.


When accounts are frozen (which is what happens if you stop paying) 1Password enters a read-only state. You can’t use the browser extensions, make modifications, or add new data, but you’ll have read-only access to your data.

We do have a CLI that runs on Linux (as well as Mac and Windows).

Ben Woodruff

AgileBits


Thanks for clarifying.


Well this one tool is 'only' $60 per year[0]. But what if your compiler moved to subscription, and your text editor and your e-mail client and ...

It's the thousand-cuts problem. And once you start on that path you can't go back, or else the tool stops working.

[0] which is a substantial chunk of a day's after-tax pay for many people in the UK, for example. 1/400th of their salary for a password database.


My compiler (MSVC) is subscription. My go-to editor for other stuff (PyCharm and other JetBrains editors) is a subscription. My email client isn't, but my email hosting (FastMail), which has a web client, is.

It doesn't even register -- they are tools I need for my work and I'm happy to pay yearly for them. It's worth noting that with the exception of email (which, being on my own domain, I can always move elsewhere), I still keep usable licenses if I stop subscribing, I am not locked-in.


> And once you start on that path you can't go back, or else the tool stops working.

How would you feel about a subscription service that guaranteed updates? Essentially, upgrade pricing, but charged every month.


Will my compiler or IDE stop working if I don't pay the subscription fee? You can guess how I'd feel about that.


No: you’re paying for updates, not the privilege of getting to use the software.


So, you have a perpetual license to use the latest version of the software that you paid for?

Perfect.

... But JetBrains attempted to explain why this doesn't work with the subscription model. And failed IMO, but regardless.


You're absolutely right. I use over 400 tools. I'd be completely broke if I had to subscribe to them all.


It sounds like you feel like you underpaid. Then the solution is for them to charge more or charge for more of their products, not a subscription. A subscription basically forces you into paying for upgrades.

The only thing a subscription model is good for is it wrests power from the consumer.

With the traditional model if they decide to stop updating the app, you wouldn’t buy the next version, and that would be your leverage. With a subscription model, they can decide to stop delivering updates, or deliver lower quality updates, and you’d be forced to pay perpetually just to keep the existing software operational.


Here's a counterpoint:

If someone pays $40 for, say, 1Password 5, they have no incentive to upgrade. It works well enough, and there's no reason to pay again. So, 1Password is stuck supporting a legacy product (and servers / APIs for it), the user is frustrated by an old version of the software, and the company gets no money so they're at risk of folding (which would hurt both the customer and 1Password).

I agree that subscriptions can get annoying. However, if it ultimately is about the same price, it ends up working out much better for both sides. And hey, they can always stop their subscription and go somewhere else if things get bad. They don't lose their buying power completely.


If they have no incentive to upgrade, that's because the newer versions don't add any value for the user. This makes sense: 1Password is a pretty mature product at this point and there probably isn't much room to add new features, unless you want to expand the scope of the product.

That is to say that I personally (and again, this is just my opinion) don't care about any new features and would be unlikely to upgrade from version 6 on that basis. I may upgrade to ensure I will continue receiving security updates and OS and browser extension compatibility updates, but it would be nice to know how long such updates to version 7 are guaranteed for (presumably they will eventually release version 8 for a new fee and discontinue such updates to version 7).

> (and servers / APIs for it)

The users (like me) who are against subscriptions are only using local vaults (managing the storage sync ourselves) and do not care for or want the web/sync services.


> newer versions don't add any value for the user

I disagree. Security software (as opposed to boxed titles prior to the Internet era), subject to frequent review and that is updated regularly does offer continuing value in a steady stream of updates.

As another commenter said, the price of security is eternal vigilance.


They should not be supporting new features on old versions, and 1Password does not require servers or APIs. If you are paying for their cloud hosting then that is a justifiable subscription cost, but I already use Dropbox.

They should be supporting security updates and this should be built into their costs. Security updates represent flaws in their product.

If the user is frustrated by an old version and looks to upgrade (whether to a competitor or a new version), then that makes upgrading justified, transparent, and intentional.

Their subscription model just serves to make upgrading less intentional, less transparent, and takes away power from the consumer. Also at their current pricing it’s a massive increase in cost without really delivering much more value. You’re paying more than what it normally costs in a year, to only be able to use it for a year. It’s like forcing me to pay for their product on an installment plan, but I don’t even get to keep using it in the end.

Whatever benefits they claim a subscription provides can also be achieved by having more frequent, smaller, incremental updates for features you can pay for.


Yes. This.

But don't forget compatibility updates. Underlying platforms change all the time, it makes sense for users to have to pay for these updates outside a certain time period.


They're not stuck supporting it. The original purchase can come with an amount of support. If the user needs more, they can pay for more.

This is how software worked for multiple decades before subscriptions came about.


You can look at it from a different perspective.

The customer could pay $5 and then cancel the subscription if they do not like the service.

With the license purchase they have to make a large commitment upfront.


In the old days with perpetually-licensed software, this was handled with a trial period (30-day demo or similar), or, where feasible, a feature-limited demo version (e.g. a game with one level as a demo). This is not a new problem or a problem without solutions.


[To play devil's advocate:] which were often cracked and released as warez...


I'd be highly skeptical of running a warez version of my password manager.


That's good for customers who ultimately cancel. For those actually using the service it will be a worse deal.


Is it possible to pay for a subscription and use a local vault?

I've no problem with the business model, but I'd rather keep the data to myself.

Edit: Answered my own question

> 1Password 7 from the Mac App Store will only support our hosted service, as that’s what you’re purchasing with a 1Password membership. If you install from our website, you’ll have the option to use a standalone vault synced via iCloud if you purchase a standalone license, or use our hosted service if you purchase a 1Password membership.


Yes it is. The new release even brings local vault to Windows.


From what I'm reading now, it seems like it's read-only. Only to get things from a vault onto their servers.

I still don't understand how the revenue model (subscriptions) necessitates the technical solution (cloud storage).


> From what I'm reading now, it seems like it's read-only. Only to get things from a vault onto their servers.

With 1Password 6 for Windows that is the case, but not with 1Password 7.

> I still don't understand how the revenue model (subscriptions) necessitates the technical solution (cloud storage).

It doesn't. But that is the recommended solution. You _can_ subscribe and use a standalone vault. But you're missing out on functionality that you're paying for that way.

Ben Woodruff

AgileBits


Thank you Ben. Yes, I get that. There's a subset (maybe 10-20%) of data that I can't (in some cases because of legislation)/don't want to put in the cloud, while the majority would be just fine. So, yes, I'd have to accept the compromise.

Thank you again, I have now acquired a subscription and version 7 looks very nice indeed.


> Is it possible to pay for a subscription and use a local vault?

Yes, with 1Password 7 this is possible. It isn’t the recommended situation, and we don’t advertise it, but it is possible.

Ben Woodruff

AgileBits


I've been happy with 1password as well, other than two times my vault would not unlock until I restarted my computer.

Making it seem like you lost access to all your passwords seems just below security issues as far as high priority bugs, in my opinion..

https://discussions.agilebits.com/discussion/82915/why-cant-...


I have two free password managers. Both iOS. One open source, and one just free. https://github.com/UCFirefly/Pythonista Or https://itunes.apple.com/us/app/dyfynderx/id1345759526?mt=8


This story is similar to mine. I really don't want to have lots of subscriptions, but I use 1Password sooo much, it is a clear winner for my money.


not just that there’s a cost to keeping this kind of software useful, for the subscription agilebits is actually adding value.

unlike say adobe.


I had purchased a bundle for Win/OSX/Android a while ago, several years, but somewhere around 2ish years ago, I jumped into the subscription model to support it going forward. Worth every penny to me.


I at least partly blame Apple and the MAS being such piece of shit for accelerating some of the sub trends we're seeing on the Mac now. It's really such a genuine shame, because in principle the MAS really could be an excellent idea, a way to unify and simplify a pain point of Mac use and boost security at a few levels without a need to alienate anyone or not support anything. Instead Apple had to make it an artificially pointlessly limited collection of tradeoffs and mediocrity.

In particular AgileBits is right about the missing upgrade pricing system really being a bummer. To this day Apple's decision to remove that remains one of the most perplexing decisions of anything they did with the MAS (or iOS App Store for that matter). The basic idea of paying just for marginal value added since original purchase whereas new purchasers are paying for the whole package from zero is an efficient, sensible and sustainable one that has supported the software industry well since the very beginning. Ongoing support of software costs money, particularly when Apple has made it another principle of theirs to be aggressive about pushing the platform forward vs backwards compatibility. No upgrades (or volume discounts or anything else) is still such a mind blowingly stupid decision in every respect. It's forced developers to make some tough choices unnecessarily, and IAP and subs are one way to go at it.


> I at least partly blame Apple and the MAS being such piece of shit for accelerating some of the sub trends we're seeing on the Mac now. It's really such a genuine shame, because in principle the MAS really could be an excellent idea, a way to unify and simplify a pain point of Mac use and boost security at a few levels without a need to alienate anyone or not support anything.

I agree. Many of the applications that have moved out of the app store (e.g. Dash) have also ditched sandboxing.

Going back to the situation where every application can read your whole home directory is a large regression.

(Of course, non-MAS apps can also be sandboxed, but many developers do not do it.)


1Password 7 for Mac is sandboxed, regardless of where you download it from.

Ben Woodruff

AgileBits


I remember when developers gathered at one point and submitted complaints in unison about the sorry state of Bug Reporter (rdar) at the time. I never heard if Apple responded to this directly but the tool did receive an update around the same time. Developers need to rally again, e.g. submitting the same rdar from 400,000 different people, on the topic of App Stores.


There are at least two elements to software maintenance: one is adding truly new features, and the other is making stupid changes just to keep old features working as they always did (often due to platform or hardware changes, especially with Apple!).

I see Apple coughing up none of the costs that they create by regularly fiddling with their platforms and hardware in breaking ways, yet that is a big reason why software can’t be sensibly “bought once”. Now they’ve come up with a scheme where they not only don’t give developers discounts for maintaining software but actually take yet another cut.

Don’t judge developers too harshly.


> There are at least two elements to software maintenance: one is adding truly new features, and the other is making stupid changes just to keep old features working as they always did (often due to platform or hardware changes, especially with Apple!).

I'm OK with the model that VMware is using, at least on the Mac.

You buy version X, you have version X. Version X gets updates for some amount of time. Eventually, a Mac OS upgrade makes version X no longer work, so you have to pay an upgrade price to upgrade to version Y. There is no subscription, but there is regular income to the company to make the updates you describe.


I like that model, too, but at least for something like 1Password I can see two issues. You'll have people using older versions with possible security vulnerabilities. If you're using hosted passwords you have to deal with multiple versions of the client indefinitely (although, you'll probably have to deal with a bit of that anyway).


When you include the hosting service, having a subscription (since you're providing an ongoing service) makes perfect sense. In this case, so does also forcing the current version.


I agree that subscriptions make perfect sense for services (because servers, support, etc. cost money on a monthly basis), but the trend seems to be to create an arbitrary reliance on a hosted service as a way to justify subscriptions. Luckily 1Password hasn't totally gone that way yet, since they still offer standalone licenses for local vaults, but I feel like it's the direction they're going.


This is what this article is about. The App Store offers no mechanism for upgrade pricing, your only options are to 1. upgrade existing app (free for existing users) or 2. release a new app (full price for existing users).


Yes. I feel that, because of the currently constantly changing nature of hardware and software platforms, subscriptions are going to be the only way of sustaining a business. It’s no longer even software as a service, but software IS a service.

The only exceptions are situations where hardware and platforms change slowly or not at all. e.g. Single player video games (and even that is largely consoles), certain kinds of embedded, etc.

People are already becoming frustrated with all the subscriptions they have, though. People are “fine” with paying to maintain things like their home and car. The problem with software is that it doesn’t really “break” from use. Updating the platform and hardware around the software is what can break it. It would be like the pipes in your home are indestructible and never burst in winter, but they can explode when building codes update or the water treatment plant changes its equipment.


I hope that it's only a matter of time before people start turning their pitchforks at Apple, Microsoft, maybe Google et al who are the perpetrators of the majority of this platform fiddling that stops software from working.


Although it's been said that they will continue supporting licenses through their website, they have made this feature _extremely_ difficult to find ever since introducing subscriptions. I've been a loyal user of 1Password for a long time, and I think it's great software. I use it on both my Macs, as well as on my iOS devices.

However, hiding the non-subscription feature is silly. I do not wish to add yet another subscription (especially for something as crucial as what manages my passwords; I need [edit] it to work, no questions asked), and I would be more than happy to purchase a new license for 1Password 7.


Most of the HN users reading this thread do understand the difference between licenses and subscriptions. It may seem strange but this is not the case for the vast majority of the users. We have customers emailing us about having a 1Password account/subscription since before 2015 (when we only had licenses).

We originally started with offering both licenses and subscription as equal options. Here is how it looked: https://web.archive.org/web/20160420141241/https://1password...

There was a lot of confusion with this design because people simply had no idea what to choose. It is ridiculous but we had many hundreds of customers purchasing both.

The subscription is a better option for most of our users because it takes care of so many things:

- no need to purchase separately on every platform

- no need to learn the difference between iCloud and Dropbox sync, and why sharing is not possible with iCloud option

- no need to learn how to set up a shared Dropbox folder

- no need to worry about backups when your computer or phone dies

- and more

Many of our long-time customers still use licenses and are happy with the existing setup and we want to keep them happy. This is the main reason we keep the licenses going and keep releasing new versions for Mac and Windows with support for licenses and standalone vaults.


Honestly, I will be happy if you continue to support licenses vs. subscriptions as an option + syncing with the cloud service of choice (I use iCloud). My use case is pretty simple. I don't need fancy integrations. I just want an easy to use solution that protects my passwords and enables me to use it across my Apple devices...which is what my (licensed) 1Password 6 does wonderfully for me now, across two Macs, my iPhone, and my iPad. For that feature set, I am willing to fork over for a new license at major versions. I just don't feel comfortable making my password management dependent on a subscription. Also, I would be more amenable to a subscription for a small amount for the iOS app (as that is more of a convenience than critical to my workflow; I use 1Password on the desktop much more frequently) so long as I can still purchase a license for my computers [edit] and have all the devices work together.


Thanks! Sounds like you will be happy then :)


Yep! I just purchased the 1Password 7 license from the beta app, i.e. voting with my wallet. :)


The standalone macOS app isn’t going to be much value to me if the iOS app requires a subscription though.

1Password accounts seem like a very attractive target for something like Stuxnet. I just can’t bring myself to put my trust in a corporation, given the history of pivots & acquisitions and subsequent licence changes & data repurposing.


The iOS application doesn't require a subscription to use. It works just fine as it always has with standalone vaults via iCloud or Dropbox (and WLAN from a desktop).

On iOS, scroll down the list, you'll see an option on the welcome screen to create a standalone vault. You're not on a subscription doing this.

Already have a vault synced to Dropbox or iCloud? Tap the requisite option on the welcome screen and it'll suck the data in from your sync source of choice. Again, no subscription required.

Kyle

AgileBits


What is the future of dropbox sync between desktop and iOS? Am I right in assuming that since you keep only mentioning iCloud that it won't be possible? I can just decline to upgrade the desktop client, but I can't just choose to ignore updates to the iOS client.


We just recently, as of version 6.8 I think it was, updated the Dropbox SDK to work with their newest API version.

There are no plans to remove Dropbox support. Especially not after we spent an entirely non-trivial amount of time getting the SDK updated.

Kyle

AgileBits


Why can't you just turn off automatic updates?


I feel the same way and I'm starting to look towards alternatives. Despite having bought (or had bought for me, at various jobs) somewhere between 10 and 15 individual licenses, 1Password won't ever get another dime from me after the way they've treated non-subscription customers. In addition to making it confusing to use my license, the command-line doesn't work at all without a subscription and now other software that integrates with 1Password is being made subscription only.

Like you, I would have happily done a paid upgrade to 1Password 7, but a subscription to access my passwords is a non-starter. And after having been made to feel like a second-class citizen for so long, they've burned any good will I had for them and I'm done buying anything from them.


> I feel the same way and I'm starting to look towards alternatives.

Enpass[0] is worth a look. Free on desktop, one-time fee on Mobile, sync via the cloud provider of your choice. Also available for Linux, which is what drew me to it.

[0] https://www.enpass.io/


Hi there,

Could you give me some details on what we've done to make you feel like a second-class citizen? I'm sorry if we've made you feel that way, it certainly isn't our intent but clearly we've done something that hasn't sat well with you.

Licenses aren't going away and we are definitely offering them for version 7. There are a variety of new features that both license and subscription users will see in version 7 as well.

The command line tool was made possible because our server component was written in Go and so we had a great deal of the work done as the command line tool is also written in Go. So there's a great deal of shared code there.

The original intent of the CLI was to allow administrators to automate the creation and deletion of users and vaults. They do this type of stuff all the time and having a tool accessible to them for this purpose was a goal of ours. It has the ability alter items and all that but I think for the most part it's used as an admin tool more than anything. Very little of this applies to the way the standalone vaults work.

Either way, I'd love to understand more about what we did to wrong you so I can pass that information along to the teams that need to see it.

Thanks,

Kyle

AgileBits


Sorry I missed your message from a couple of days ago, but in case you read this:

The feeling of being a second-class citizen comes from recently purchasing a new computer and the process of getting 1password configured.

- First, the webpage. The 'Try it free', 'pricing' and 'get started' links all go to a sign-up page that makes no mention of the non-subscription option. To download the software, I had to find the little 'download' link in the footer of the page. Given that it's still possible to signup for the subscription service after downloading, I'd like to see a more prominent 'download' to both support people like me who have an existing license and people who want to install first and sign-up second.

- Second, there's the experience when first starting the app. It actually took me about 30 seconds to figure out how to connect it to my existing vault that I keep in Dropbox. The sign-up flow is so prominent. It may have been different if I'd installed my license before connecting my vault, but I keep my license in my vault, so that's a bit of a chicken-and-egg problem.

- Third, on my new computer I discovered the Station app, which seems like a cool way to separate my persistent, always open tabs from my normal browser tabs. It has 1Password integration, but uses the CLI client to accomplish that, which means I'm out of luck and stuck having to copy-paste my password every time GMail wants to reverify. Adding support for non-subscription to the CLI would mean a lot since it's used to integrate with other apps.

Alternately, if you'd like to publish developer documentation on the native message protocol used by the Chrome extension, I'm happy to write code myself. I've wanted a modern version of http://sudolikeaboss.com for a while, but reverse engineering your protocol crosses my not-worth-the-effort boundary.

None of this is major, but it's all the little things that contribute to the feeling of being second-class in the eyes of AgileBits.


Thanks for providing this.

Regarding your first point. I've filed this feedback to our team in charge of the 1Password.com page. I don't have much more than that right now but I generally agree with you. There are probably reasons for why we focus this a bit differently... Notably, if I had to guess, that paying through IAP (which is how they'd likely end up paying if they sign up in app) costs us a significant amount more and offers far less flexibility. Just one potential reason I think.

For the second. We've rewritten this welcome screen multiple times... turns out getting it right is incredibly difficult. I think we've gone through something like 50 different variations of this single pane now. I honestly don't have anything in mind that I can share here.. it's both frustrating for us because we know people are confused by it, but we also aren't sure how else we can present that information that's going to be more clear. It's always a teeter totter, trade one thing for something else, but we lose something as well. I do appreciate you commenting on this though, I'll pass it along to the rest of the team as well.

Station is one we don't generally recommend using in this way... First the blog post where we talk about this general concept: https://blog.agilebits.com/2013/03/06/you-have-secrets-we-do...

Then the quote from it that matters most:

> We have to advise you to never enter your 1Password Master Password into anything that isn’t 1Password. We aren’t casting aspersions on the integrity or competence of any developers, but we simply can’t advise otherwise.

So our general stance here is, you really shouldn't enter your Master Password/Secret Key into third party apps. We can't vouch for it and you're basically giving Station full access to your data doing this. Entering it into the CLI directly is great, but.. Station is gaining access to this information which is the issue we generally have with suggesting this type of thing.

Adding support for standalone vaults to our CLI is... difficult. The 1Password.com server is written in Go. As is the CLI. We were able to make the CLI in super fast form because we could piggyback on the code we have for the server, move a couple modules over to a new project, write some glue, voilà. The CLI also started as a tool for management of accounts... think adding users, deleting users, adding vaults, granting access, etc. Admin type stuff. Literally none of this applies to standalone vaults.

At best we could write a CLI (separately) as part of the 1Password app that is in Objective-C/Swift, since we could piggy back on existing libraries we have in 1Password for Mac/iOS. But I really don't see very many people needing this... would it be cool? Absolutely... but... I don't think there's this great demand for it.

Regarding sudolikeaboss, I think we'd ultimately like to see something like that again. But the way sudolikeaboss worked was incredibly hacky and it was bound to break because of this. We'll have to take a look at this for future updates, but I don't see sudolikeaboss coming back as a thing, perhaps we can do something internally though. There was simply no time for this for 7.0 though. But maybe it's a neat idea for 7.1 or 7.2... both of which have some already huge features planned.

So to kind of re-iterate a little bit. The CLI exists because it was super easy to glue pieces together from existing code. It's not like we set out to write this to stick it to anyone, we wrote it because we saw a demand for it by administrators who were on unix type systems and they wanted ways to admin their accounts. It gained some editing/using features as well but those came after. Interestingly the CLI talks directly to the server for this, it doesn't have a copy of data locally... it doesn't really have any idea about data formats and such.

And sudolikeaboss, while cool, wasn't an officially endorsed product of ours... that isn't an excuse for breaking it, but it also shouldn't be a huge surprise that it did break due to the way it functioned. I personally would like to see something similar in the future though.

Hope that helps some... I understand these are all important to you though and I hope my response doesn't dismiss any of that importance. I'm only trying to explain from our side so you can see thought process a little bit. You also don't have to agree with our decisions, and I'm not trying to convince you that we did the right thing. I just find understanding why we do something makes it easier to at least accept how/why something happened.

Please do let me know if you have questions though. I'll keep an eye on this for a few more days. Otherwise, please email in and mention me and I'd be happy to help get you answers.

Kyle

AgileBits


> We have to advise you to never enter your 1Password Master Password into anything that isn’t 1Password

Correct me if I'm wrong, but couldn't you re-use the plumbing that you have for the Chrome extension? The blog post was here: https://blog.agilebits.com/2017/07/19/introducing-native-mes...

That way, software could integrate with 1Password by triggering 1Password to prompt the user for the master password, choose a password entry and send that data back to the application that triggered 1Password. That way, the master password is never sent to anything that isn't 1Password. This was the workflow of sudolikeaboss. The implementation of that, however, was hacky since it used a reverse engineered websocket connection behind the scenes. It would seem that the native messaging stuff is a little cleaner and would allow third-party apps to trigger 1Password in a way that, at most, a single password would ever be exposed.

I guess the ask would be to make that native messaging protocol that the Chrome extension uses a documented and stable thing. And since the 1Password application is used by both subscribers and licensees, that can become the preferred way for 3rd parties to integrate with 1Password in a way that users know only exposes individual passwords at the single point in time when they're used rather than the entire vault, for exactly the security reasons you mentioned.

BTW...as much as I've felt frustrated by some of the decisions AgileBits has made, in the few interactions I've had with people at your company, everyone has always been the above-and-beyond type, as you've exhibited here, so thank you for the effort to engage in this discussion, likely long after others have stopped reading this thread.


There are a few security related issues with how we handle the native messaging stuff.

There are two important things:

1. We check code signatures and compare them against what we know and expect.

2. The more we approve for this the more it feels like we're screening and supporting the ones we do approve.

We have opted to remove all browsers except those that are mainstream (Chrome, Firefox, Safari and Opera). I believe everything else has been removed. We also don't allow this to be disabled, for security reasons, as of recent versions.

sudolikeaboss would also require that we add their code signature to the app and it breaks the new rule we have on that.

If sudolikeaboss ever came back, it'd be a home grown solution internal from us. It's the only way we could make this work I think.

Security is really tough. We didn't want to start feeling like we had to screen all apps and vouch for them. It's a really slippery slope. Maybe we'll find other ways to accomplish this though. There are indeed some .. plans.. that might actually really impact this in the future! We'll have to see what comes from WWDC this year before we make next steps though.

And thanks for the kind words. I like hacker news, I hang out here and read stuff during my lunch and stuff, so it's a pleasure getting to converse with people here. :)

Kyle

AgileBits
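The integration shape proposed a few comments up (a third-party app triggers 1Password and gets back one item, never the master password or the whole vault) rides on Chrome's native messaging transport, and the reply above says the host side comes down to deciding which callers it will answer. What follows is an added example, not AgileBits' code and not the 1Password extension protocol: a minimal native messaging host in Python that implements Chrome's documented framing (a 32-bit length prefix in native byte order followed by UTF-8 JSON, with Chrome's 1 MiB cap on host-to-browser messages), refuses any caller whose origin is not on an allowlist, and answers one named item per request. The extension ID, the vault contents and the request format are constructed for the example; it does not perform the code-signature comparison described above.

```python
"""Chrome native messaging host: wire framing plus an origin allowlist.

Added example, not AgileBits code. Chrome's transport is documented: each message
is a 32-bit length (native byte order) followed by UTF-8 JSON, and Chrome rejects
host-to-browser messages larger than 1 MiB. The allowlist, the vault contents and
the request shape are all constructed for this example.
"""
import io
import json
import struct
import sys

MAX_MESSAGE = 1024 * 1024  # documented Chrome cap on host -> browser messages

# Hypothetical extension ID this host will answer. On macOS and Linux Chrome
# passes the caller's origin (chrome-extension://<id>/) as the first argument.
DEMO_ORIGIN = "chrome-extension://abcdefghijklmnopabcdefghijklmnop/"
ALLOWED_ORIGINS = frozenset({DEMO_ORIGIN})

# Constructed sample vault; a real host would prompt the user inside the app.
DEMO_VAULT = {"example.com": "correct horse battery staple"}


def encode_message(obj) -> bytes:
    """Frame one JSON message the way Chrome expects to read it."""
    body = json.dumps(obj, separators=(",", ":")).encode("utf-8")
    if len(body) > MAX_MESSAGE:
        raise ValueError("message exceeds Chrome's 1 MiB limit")
    return struct.pack("=I", len(body)) + body


def decode_message(stream):
    """Read one framed message; None at a clean EOF, ValueError on bad framing."""
    header = stream.read(4)
    if not header:
        return None
    if len(header) != 4:
        raise ValueError("truncated length prefix")
    (length,) = struct.unpack("=I", header)
    if length > MAX_MESSAGE:
        # Refuse before allocating: an untrusted peer must not pick our buffer size.
        raise ValueError("declared length %d exceeds limit" % length)
    body = stream.read(length)
    if len(body) != length:
        raise ValueError("truncated message body")
    return json.loads(body.decode("utf-8"))


def origin_allowed(argv) -> bool:
    """True only when the caller's origin is one we explicitly listed."""
    return len(argv) > 1 and argv[1] in ALLOWED_ORIGINS


def serve(stdin, stdout, argv, lookup):
    """Answer one item at a time; never return more than the requested secret."""
    if not origin_allowed(argv):
        stdout.write(encode_message({"error": "origin not allowed"}))
        return 1
    while True:
        req = decode_message(stdin)
        if req is None:
            return 0
        item = req.get("item") if isinstance(req, dict) else None
        secret = lookup(item) if isinstance(item, str) else None
        if secret is None:
            stdout.write(encode_message({"error": "no such item"}))
        else:
            stdout.write(encode_message({"item": item, "password": secret}))


def run_demo(origin=DEMO_ORIGIN, requests=None):
    """Drive serve() over in-memory pipes and return (exit code, replies)."""
    requests = requests or [{"item": "example.com"}, {"item": "missing"}]
    stdin = io.BytesIO(b"".join(encode_message(r) for r in requests))
    stdout = io.BytesIO()
    rc = serve(stdin, stdout, ["host", origin], DEMO_VAULT.get)
    stdout.seek(0)
    replies = []
    while True:
        msg = decode_message(stdout)
        if msg is None:
            return rc, replies
        replies.append(msg)


def framing_self_check() -> bool:
    """Round-trip a message and confirm an oversized length prefix is refused."""
    sample = {"item": "example.com", "nested": [1, 2, 3]}
    if decode_message(io.BytesIO(encode_message(sample))) != sample:
        return False
    try:
        decode_message(io.BytesIO(struct.pack("=I", MAX_MESSAGE + 1)))
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    sys.exit(serve(sys.stdin.buffer, sys.stdout.buffer, sys.argv, DEMO_VAULT.get))
```

The host manifest's `allowed_origins` list is Chrome's own first gate; the in-process check is the second, so a manifest that was edited or copied to another machine still cannot widen who gets answered. The design point matches the proposal above: the caller only ever holds the one secret it asked for, and the unlock prompt stays inside the app that owns the vault.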


I've been very happy with bitwarden. It's free to use (and open source if you want to self host). They have a 10 USD/year subscription if you care for some premium features and/or supporting the company.

As a free user I've contacted their support twice and they replied within minutes.


I thought Bitwarden was super cool until I realized that the self-hosted version still phones home to their servers. Not to say that you couldn't fix that, I mean, the source is all available.

But shamefully, as it stands, "self hosted" for Bitwarden really means "host on your server, with our server's permission"

Reference (see "Installation Id/Key"): https://help.bitwarden.com/article/install-on-premise/


I agree they are burying the hell out of it, but as it stands licenses for 1Password 7 (which is still in beta on Mac & Windows) can only be purchased from within the client, as they want to test the order flow which was rebuilt in this version.

The Windows version of 1Password 7 still can’t be licensed, they haven’t built that part yet. The Mac version however can be purchased, and if you plan on sticking with it I would do so now, as the price will be much higher in the near future. Right now it’s being offered at 50% off.


Where is it on their website? I haven't been able to find it at all.


They mention the discount in this blog post: https://blog.agilebits.com/2018/03/28/the-1password-7-beta-f...

"Licenses will be available for $64.99 when we launch later this year, but are available now for only $39.99."


I just went through this - there's a tiny "downloads" link at the bottom of their page that takes you to https://1password.com/downloads/

I just went through this. Install v7, open it, unlock your vault, and it'll prompt you to try a subscription, with a tiny option below to just buy a license.


Thanks for linking it. I looked all over and didn't see it.


I have no idea why they insist on making this impossible to find.

Here are the license links:

https://1password.onfastspring.com/in-app/1password-7-for-wi...

https://1password.onfastspring.com/in-app/1password-7-for-ma...


Does this version support WiFi Sync with 1Password on iOS?


1Password 7 for Mac continues to support WiFi Sync with 1Password for iOS.

Unfortunately however, 1Password 7 for Windows does not offer the WiFi Sync. There's more on that here: https://discussions.agilebits.com/discussion/87524/on-wlan-s...


I switched over to Enpass (https://www.enpass.io/) not too long ago and it's been great. At the time (about 2 years ago), it had the best feature parity with 1Password and it's continually gotten better over time.


I have been using Bitwarden for some time now. It’s an open source password manager. There are apps for all major platforms and extensions to all major browsers. Checkout https://bitwarden.com/


Interesting in that you can host your own instance of their cloud server, but I really prefer something that uses standard cloud storage mechanisms (Dropbox, iCloud, etc.) for sync and works on top of that.

Like others here, I'll probably be reevaluating my choice when it feels like it's time to upgrade. For me, some of the open source solutions are perfect as far as the underlying storage format and sync technology, but lack good browser extensions that already understand all the quirks of various sites. That's the kind of thing that a commercial product can tend to do a better job at.


I use Enpass for this, which uses any kind of regular cloud storage backend and has a fully-featured desktop client and browser fill plugins for free. The mobile clients cost money ($10 per platform, once) which I think makes perfect sense.


It's simple enough to do with some version of KeePass. I'm currently using https://keeweb.info/ and Keepass2Android.


I use the same. The only PITA is unlocking it with my, rather long, pass phrase. I just find it really fiddly on mobile.


You can get it to recognize fingerprints or a short version of your password if it's even been fully unlocked for the current phone session. It's a little fiddly and may not meet the level of security you're looking for, but it's an option.


I knew about the short password, but hadn't seen the fingerprint option - that's just what I need to make it "secure enough" while being usable!


What do you use to fill browser login/passwords? There seem to be so many plugins for keepass


I don't use any plugins. I just copy/paste, which if you're doing it from the app stores the copied parameter in memory for ~15 seconds, after which it is flushed.


1password is also supported by many mobile apps (on iOS at least).


I've been an early adopter and really they are coming in leaps and bounds. The only complaint I have is that integration with iOS apps is very very spotty, but I believe that's an issue with Apple muscling 3rd-parties away from that field (and to a certain degree, an issue with developers not following best practices in their apps).


+1 for bitwarden. Recently I've become a subscriber because I love their service and I wanted to support them.


Looks awesome. The only drawback I see is it doesn't support iCloud.

Personally I wouldn't want to store my passwords with the same company that creates the (encryption) software.

And I definitely wouldn't self-host (why burden yourself with the management of data backups/updates/etc. when iCloud is available for free...)


To be precise, their base software is Free software, licensed under the AGPLv3. They also distribute non-Free (and non-Open Source, and non-gratis) software.

Their base software has an artificial limit in terms of number of users and number of 'collections', which goes contrary to the ethics of Free software.


This is not correct. All of Bitwarden source code is 100% open source. Even the few features that are paid. https://github.com/bitwarden


How can this be an issue if their base software is open source? Just recompile it with the numbers upped, surely?


Gah, you're right. Their paid services and limits seem to be related to their SaaS offerings.


Your passwords are stored on their server. You'd have to compile and run your own server, which is more expensive than the $1/month they're asking for.


So you’re paying for the service they offer: a hosted version. You do so because it’s cheaper than hosting your own. There’s no conflict at all with any open source ethic.


Yes, that's exactly what I was saying.


> You'd have to compile and run your own server, which is more expensive than the $1/month they're asking for.

For people like me that already rent a VPS for their mail and website the marginal cost is $0 except for the time it would take for me to perform the installation and setup.

If the system is good and stable then the "cost" of the time that I would spend installing it on my server would be close to $0 when divided over the amount of time I use the software in the future.


I think another plus of buying their service is you're supporting development of the software and saving yourself time, while a critical piece of your security software remains open source.


> which goes contrary to the ethics of Free software.

No it doesn’t. Free software doesn’t have to be free: Even on the GPL page it’s written that it’s even ok to sell free software. It’s only unethical if you equate OSS to software communism, but that’s another topic.

So anything that encourages the user to use the freemium version and then either dive into the code or pay is ethically correct. After all, you can download their AGPL code, knock out the limit, and redistribute. At which point you'll be a contributor and while you're at it, you'll probably make a few other improvements: it means effectively free for contributors, which is awesome. See, it articulates quite well gratis, contributors and funding.

It’s only designed to make enterprises pay, which is good because they can “donate” huge sums for good software, so it funds the open-source community quite well. And it retains the qualities of OSS: You know what you install, you’re not tied to the editor if he dies, and if they stop improving the software, a contributor can take over their code and become more famous. Win-win-win.


Boo, I was looking for something that had a cli and integrated with every browser as well as had an ios app.

I've not looked again recently but lastpass is the only thing I've found that fits those bills.


I saw all that but it looks like you've got to pay a monthly fee for full access to their cloud storage. Not sure it's worth the hassle of migrating to in this case.


Asked my buddy what he was using and he pointed me to this: https://www.enpass.io

Seems to fit the bill a bit better. And might mean $12/year less, though that's not a huge problem.


Maybe, but Bitwarden is open source, and Enpass is not. It's not important for people unless it is important for them, and in that case it's usually very important.


It's $1/month to support open source software. That's not a bad price. You can also choose to use their hosting for free too; I was doing that for a few months before fully adopting it.


I already pay lastpass $12/year. Not sure it's worth the hassle to convert all my login information.


So remember when 1Password claimed it was superior to LastPass for only requiring you to pay a one-time fee and not storing all of your stuff in the cloud?

Good times.


To be fair, it still does all that stuff.

I get that these moves make people nervous, and rightfully so. But as it stands every version of 1Password in active development (not including maintenance mode):

* Can be licensed standalone.

* Supports local & Dropbox vaults.

* Was released within the last year, actively supporting those features.

The only feature they’ve actually killed off (by not baking into future clients) is WLAN sync. This is a regression for some, but personally I always found it super impractical.

I agree that how they are going about this doesn’t inspire confidence that these features will remain in the product, but to some extent it does.

While they downplay the hell out of it, 1Password 6 for Windows was a ground up rewrite that ditched local vaults and standalone licensing. Those features were reintroduced in 1Password 7 for Windows, which is a pretty big backtrack for them and requires renewed development effort.

AgileBits doesn’t always make the right decision. They develop opinionated software, like most good developers. However, just like the MAS-only decision they made with 1Password 4 and stood by for some time, eventually they do right by their customers.

1Password 7 for Windows is a great example of that. As much as they would love to go cloud only, they heard the feedback and brought back those two key features. At this point, I can’t expect much more than that.


> eventually they do right by their customers

Not in my experience.

I moved to LastPass the moment Agile Bits decided to not support its (non subscription) 1Password paying customers in having web access to the vault.

I had bought all 1Password versions + updates (Windows, Android, Mac, iOS) which put me well above $100. One day I simply couldn't use 1Password online, which I relied on for Chrome OS use. Dropbox decided, rightfully, that the public folder shouldn't be used as a static web server, which is what 1Password used as online vaults.

There was a long discussion in Agile Bits' forums about this issue. Agile Bits argued that it wasn't its responsibility to solve this since it was a Dropbox decision and its users could still store and sync the online vault manually on their own servers. I argued that losing automatic sync rendered the feature pretty much useless.

In any case, Agile Bits could have transitioned its users to the subscription model by either giving them subscription time or by offering an alternative to the Dropbox public folder, but it decided that its customers were not worth the effort.

I had a lot of respect for Agile Bits and 1Password, but this was a crappy way to treat its customers, especially considering 1Password was not a cheap product.

LastPass is not as elegant, but I'm happy with it.


> every version of 1Password in active development...Can be licensed standalone

This is incorrect. The command line client is subscription-only.


Fair enough, I wasn’t familiar with this client.


The CLI and 1Password X require a subscription and membership based vaults, correct.

Ben Woodruff

AgileBits


Are you sure they’ve killed WLAN sync??


1Password 7 for Windows does not have WLAN sync. If that is something you have a need for, we’re collecting feedback: https://discussions.agilebits.com/discussion/87524/on-wlan-s...

Ben Woodruff

AgileBits


They’ve announced it will not be built into the Windows client as they would have to rewrite it for the new codebase.

It’s still available for the Mac client, but they’ve essentially said they won’t be supporting it in the future.


How far into the future? 1Password 8?


They don't seem to have. It's still shown in 1Password 7's betas, anyway.


Thank you for the info. If anyone is here from AgileBits/1Password please chime in.


Sure. 1Password for Mac had WLAN sync implemented in version 4; there is no reason for us to remove it.

1Password for Windows is a full rewrite and the new codebase never had WLAN sync. We wanted to see if people really need it when we announced 1Password 7 for Windows: https://blog.agilebits.com/2018/03/20/introducing-1password-...

I think so far we had about 90 people expressing interest in it. For a product with over 15 mln customers, that is a very low number.


How many customers read your blog? That post has 225 comments. From that base, 90 people expressing interest in a feature sounds HUGE.

I don't care about that feature... but this HN thread is the first I'd noticed that 1Password 7 for Windows actually exists and finally brings back local vault support. I care very much about that. I'd have liked to know about that the minute a public beta landed. But... I spend approximately 0 minutes a day thinking about ways I could better engage with AgileBits.

Maybe y'all could spare some minutes to figure out how to better engage with me, a customer who gave you some money 3+ years ago and has hardly heard a peep from you since.


That is a real challenge. On one hand we love talking about 1Password and what we're working on. On the other hand...

1) We often don’t even have contact details for customers (e.x. App Store purchases) 2) When we do have such contact details they may have only been given for the purpose of completing a transaction, and did not agree to receive a newsletter or ongoing communications 3) Even when none of the above is a barrier it is very time intensive to send a newsletter. Not only does it require a fair bit of time to craft but the volume of inflows to our customer support team after sending a newsletter are huge.

I understand and agree with your position that putting the onus of keeping up on what is happening at AgileBits on the customer is no solution, but we do have to balance the above considerations. We’ll continue to look for ways we can do better.

Ben Woodruff

AgileBits


Did you subscribe to our newsletter? We also sent an email about it.

Blog and newsletter are the only options we have to communicate with our customers. I agree that it is not enough and not everyone receives this information.

If you have an idea how we can make it better, please let me know!


Please add the ability to delete a single item from the Trash. This feature has been missing for a long time.


While I could understand people being upset about this, I pay for a 1password family subscription. It really is a terrific investment. As far as subscription services go it's about the best bang for my buck that I get. A sustainable service model is important for something I rely on so much - especially something that needs to keep on security lockdown.

Also makes it easy for the family to share hulu, netflix, whatnot.


I wonder if it's so much better than for example Bitwarden for families, which is $1/month. (https://bitwarden.com )

Also, the switch to the "1password cloud", instead of the already freely available iCloud/Google Cloud/Dropbox etc, just seems like a move to make people believe their expensive subscriptions are justified. There was absolutely no demand for a "1password cloud".

This entire push to subscription-hell makes me sick...

(i've had 1Password paid versions, OSX & iOS, for like 7 years btw.)


If you look at 1Password features, a lot of them are simply not feasible to implement without having a server-side component. Most of them revolve around sharing, permissions, automatic backups, account recovery, 2FA, etc.

Vault sharing is simply impossible with iCloud. Sharing with Dropbox requires manual set up of shared folders.


If you don't have a server-side component, you already have 2FA - your password and your non-syncing device.


This is a very good point that most people fail to understand. We get frequent demands to add 2FA to standalone vaults... the best we can do is try to explain.

Ben Woodruff

AgileBits


There was plenty of demand for a "1password cloud" as you call it. It's one of my favorite features.

I like that I don't need a Dropbox, Google Drive, iCloud, OneDrive, etc. subscription for 1Password to work. It's convenient.


I'd give them the $5 a month for a subscription but I want to host the data on iCloud.


You can do that. It is possible to have a subscription and also host a vault on iCloud.

If you only want to use iCloud then you might be served better with a license.


I just switched over as a long time standalone user, and I completely agree. The 1Password Families subscription provides a tremendous amount of value and the product just keeps getting better.


What value does it provide beyond the old family license pack + syncing of shared vaults via free Dropbox tier?


For families:

* Much simpler setup for sharing

* Permissions (read-only vaults, etc)

* Secret Key that is used in addition to the master password to better protect data stored in the cloud

* Account recovery (can be done by the family organizer for other family members if they forget their password or lose the secret key)

* Travel mode

* Automatic backups

* Individual item history

* Multifactor Authentication (TOTP)

* Mac, Windows, Android, and iOS apps included

* Support for Linux and Chromebooks with the new 1Password X extension.

In addition to that, sync is faster and more reliable. There are no worries about Dropbox/iCloud throttling when you set up a new device, etc.

1Password Teams and Business have additional features that build on top of that.


Probably nothing other than ease of use, but the old model isn't part of the equation for me. 5 bucks a month for my whole family to have good password security practices, and for 1password to sustain continuous updates, is a great deal.


Something as critical as "password infrastructure" should absolutely never be a subscription model. Pay software, sure. But by no means should anybody other than you have the ability to refuse access, especially some company where you are nothing but a $5/month number.

I would be more forgiving if the subscription was for value-added features, like dynamic syncing, or remote encrypted storage. But it ain't.


Dynamic syncing and remote encrypted storage are exactly what a 1password subscription gives you - I add something and it's available on all my devices right away (or my family's devices if I'm sharing it). There are tons of open source options out there if you're not looking for a paid/hosted option.


> or remote encrypted storage

That’s a key component of a 1Password subscription, they host your vaults and handle annoying details like access control, etc.


If remote services were an add-on, and nonpayment left your clients still able to use the program, I see no issue. That's not what happens. You're locked out of all your stuff on nonpayment for the "subscription".

This trend of subscription-ifying is horrifying. It's turning users into digital sharecroppers, for a guaranteed line of money. And 'easy-to-import, hard-to-export' is the modus operandi for these companies.

Sure, I'll take the karma hit. I already have with the prior post here. Evidently, people seem on the most part OK with allowing their personal data be trapped behind subscription paywalls... Well, they're OK with it until they're not.

EDIT: Let's make crystal clear what my complaint is:

> 1Password 7 from the Mac App Store will only support our hosted service, as that's what you're purchasing with a 1Password membership. If you install from our website, you'll have the option to use a standalone vault synced via iCloud if you purchase a standalone license, or use our hosted service if you purchase a 1Password membership.

No Pay, Forget to Pay, can't afford == FUCKED.

Long story short, they hold your data hostage for the "New and Improved Business Plan".


This is not true. You're not locked out.

From 1Password:

  Your data is yours. Even if you cancel your subscription and your account is frozen, you can still sign in to 
  1Password.com or in the apps to view and export your data.


First, they're not a monopoly; people who worry about that could easily use other open-source and probably less convenient solutions. Secondly, after the subscription ends the apps simply go into read-only mode. You still have access and can export all of your passwords.

We may argue about it but the most expensive solutions are still the most consumer-friendly.


I completely disagree. If it is critical then it requires constant monitoring and regular updates.


I really like 1Password, it has been my daily driver for years. The creators gifted me versions for macOS and iOS years ago, so I never had to pay for it - which I would have done happily and, in fact, just recently did.

But the push to the cloud versions gives me a headache. I don't want to sync using their cloud - I actually sync using a WiFi server. While it's (still) possible to obtain the standalone versions, it's difficult to find them. And I expect that in a few years, they'll be gone completely.

I am looking into Bitwarden at the moment as a self-hosted alternative but I haven’t decided yet.


It's worth noting (and not super obvious because of their marketing) that "getting a subscription" and "using their cloud sync" are not a mutual requirement. You can pay via subscription and continue using local/Dropbox/etc vaults.

This part was super confusing to me until I dug deeper when a friend upgraded.

So the primary impact of switching from standalone license to subscription, if you're planning on using 1Password for a while, is that instead of paying a larger chunk of money every so often when they drop a new major version, you move to paying a flat couple bucks a month or larger chunk per year.


The developer's comments on the article contradict what you're saying:

> 1Password 7 from the Mac App Store will only support our hosted service, as that's what you're purchasing with a 1Password membership. If you install from our website, you'll have the option to use a standalone vault synced via iCloud if you purchase a standalone license, or use our hosted service if you purchase a 1Password membership.

> As it stands, though, how you purchase 1Password is intrinsically tied to where you store your vaults and how you sync them


If you download 1Password through our website instead of the Mac App Store you can indeed use a subscription with standalone vaults. It isn’t the recommended configuration, as you’re paying for features you can’t use, but it is possible. We intentionally don’t talk about this in marketing as in the past it has caused a lot of confusion, particularly with less technical users. HN is obviously a different audience, and we can talk about that here.

Ben Woodruff

AgileBits


It's super frustrating how vague and contradictory they're being about this :\

I understand why they're subscription-only for the mac app store, as a way around its insane lack of pricing flexibility. Makes sense, fully support, etc. But they seem to be continually pushing the non-cloud options further and further away from visibility :|


Late update: I asked on twitter, got an answer: https://news.ycombinator.com/item?id=17115334

Subscriptions will only support cloud sync, not local.


Sorry for the confusion. This is simply incorrect and I need to hunt down who is saying otherwise and get this fixed on our end.

If you have a subscription you can create standalone vaults outside of your subscription and sync those using iCloud, Dropbox or WLAN sync if you wish.

This behaves the same in version 7 as it did in version 6.

Kyle

AgileBits


The first reply on the top comment of the official blog post says "1Password 7 from the Mac App Store will only support our hosted service" so you should probably start by correcting that...


Thanks, looking into addressing that now.

Kyle

AgileBits


I get the impression that anything that is not on the agilebits cloud is legacy and they will eventually stop supporting the other options bit by bit, despite what they say on HN forums.

I understand the attraction, from a software development standpoint it's much easier to make everything work well when you control the server and client software together.


This. The writing is on the wall ever since the subscription model hit. I'm holding out until stuff breaks, and then I'll transition to something open source for my very modest needs.


Thanks for pointing that out, that was, indeed, not clear to me either. But I expect this will change at some point, for the sake of simplicity for end users. Giving up security for convenience.


I doubt that, personally, because of exactly the reasons you and others are noting in this thread.

Especially in a world where they successfully convince everybody to pay a monthly subscription, the effect of losing every user who wants local vaults would be an immediate visible blow to their revenue stream.

Their goal in moving to subscription services seems less driven by simplicity and more with making that revenue stream more predictable. But whoever runs the marketing side of the house decided the best way to pitch the change was by saying how great the cloud hosting was, and looking around at these comments I hope they realize their error.


So I asked on Twitter, got an answer: https://twitter.com/1Password/status/998337650380738560

Assuming that's correct (since the blog post still strikes me as vague), the answer is clear in their reply: memberships are exclusively cloud, standalone licenses are exclusively local backups / sync.


I’m currently using the 1Password 7 beta with a subscription and no standalone license. I have one vault that is stored in Dropbox and another that is just local.

I have no idea why they’ve decided to handle what they’ve called out elsewhere in this thread as an “advanced feature” that won’t be going away by lying about the feature not existing.

It seems so weird because their subscriptions work exactly how I’d want them to work, but all their public statements actively prevent people like me from knowing that.


Yeah, if it is (and stays) like "memberships get all apps + cloud sync + can still use dropbox sync" I'll happily switch. But I've asked them this question like 4 or 5 times now, and each time I've gotten a slightly different answer.

It's completely ridiculous. And it's burning trust, in a fairly inherently distrustful crowd like you get when you're in the security / crypto field.


I'll clarify for you then :) I'm a developer on our Apple team (Mac and iOS).

If you purchase a subscription you can create standalone vaults and sync them to Dropbox, iCloud, WLAN or Folder just as if you had purchased a license. You'll have both an account (which has vaults in it) and standalone local vaults that can be synced as above.

This is how it behaves in version 6 and nothing has changed with this in version 7.

So if you'd rather have a subscription AND just use standalone vaults you're welcome to do that.

Note however that this may not be true for Android or Windows. I'd have to double check with those teams as to how they do it, but at least with regard to Apple platforms this is a viable option if you so choose.

I've brought this topic up internally and hope that we can all be on the same page. My suspicion is that someone from a non-Apple side of the company is answering these. It's tough because our Windows and Android apps are still trying to play catchup with Mac and iOS, so they may not do things that Mac and iOS do.

I do apologize for the confusion though. That said, you can take my answer and trust it. If you have questions, please reach out to our support and mention me specifically (Kyle) and they'll get you in touch with me.

Kyle

AgileBits


Android is important to me, so I'm still curious there, but yes! Perfectly clear.

At least on Android it's fairly easy to make a new IME and just use my background dropbox syncer, so I have a backup plan if needed.


Only one standalone vault is allowed for Android; it doesn't have multiple vault support.

However if you have an active subscription to 1Password.com it will unlock the Pro features for that single standalone vault. So it behaves similarly to how 1Password for iOS does in this regard. The difference is that 1Password for iOS supports multiple vaults.

Hope that helps!

Kyle

AgileBits


I've used 1Pw local sync for years, and it's very finicky. When I've contacted support, they only offered suggestions like "restart the app", or "upgrade to the latest version" (even though there's nothing in the changelog which seems possibly relevant). Some days I'll add two new passwords, sync to my other Mac (multiple times, even), and only one of them is transferred.

The move to their own "cloud" as the primary sync system pretty much ensures other sync methods will never get properly fixed. I wouldn't have recommended 1Pw to people looking for non-cloud sync in the past, and now I definitely wouldn't.


As a counterexample: I've been using dropbox sync for years, 1000+ passwords, only ever had one problem due to a conflict ("lost" password I made on mobile, resolved by picking the right conflict-file in dropbox).

That said, I refuse to use cloud-stored browser-accessed password managers, and it's looking more and more like they're pushing for that to be the only option. Not there yet, but oh boy are they pushing it down into the deepest corners of the website.


> I've been using dropbox sync for years

> That said, I refuse to use cloud-stored browser-accessed password managers

There seems to be a disconnect here?

Ben Woodruff

AgileBits


Not even slightly. Encrypted at rest -> who cares where it is stored or how it's synced.

Desktop app: I can stop updating, firewall the app, use offline, airgap a computer, I have many options for reducing my attack surface.

Website: I have literally no way of locking down a version, possible-but-I-haven't-seen-it to be notified of changes (but likely not block them), and it would be rather trivial for the site to ship new JS that simply uploads your password once entered.

Not that I think you are. I assume you'll approach that with the same level of care as you've given your apps (which has been fantastic). But I do think that you're a gigantic payout if someone successfully breaks in. Why should I throw my eggs into such a large, internet-connected basket?

---

For comparison, injecting a malicious update into the apps to do the equivalent of a trivial, invisible JS change means: 1) getting a change into the binary (maybe they brought their own tho), 2) breaking into your app-signing system which is hopefully among your most-secure locations[1], 3) distributing the app to both customers and employees with a visible update notification, and 4) not getting caught before I download it. For each app. Websites are far, far easier to take control of.

[1]: I'm not aware of any server-side security-oriented frontend-web stack which would mitigate this in the slightest. I hope there is though! I'd love to read up on it if anyone knows of one.
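
A defender-side sketch of the "be notified of changes" monitoring the comment above says it has not seen: pin a hash of every script a web page serves and diff the set on each visit. This is an added example, not code from the thread or from 1Password; the HTML, script bodies and paths are constructed, and fetch_external is a hypothetical callable standing in for an HTTP fetch.

```python
"""Pin the scripts a web app serves and report any that change.

Added example, not 1Password's code. All HTML, script bodies and paths
below are constructed; fetch_external is a hypothetical callable that
returns a script's bytes (in real use, an HTTP GET of the URL).
"""
import hashlib
from html.parser import HTMLParser


class _ScriptCollector(HTMLParser):
    """Collect external script URLs and inline script bodies, in order."""

    def __init__(self):
        super().__init__()
        self.external = []      # src attributes of <script src=...>
        self.inline = []        # bodies of <script>...</script>
        self._in_inline = False
        self._buf = []

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        src = dict(attrs).get("src")
        if src:
            self.external.append(src)
        else:
            self._in_inline = True
            self._buf = []

    def handle_data(self, data):
        # HTMLParser hands script content through as raw data (CDATA mode).
        if self._in_inline:
            self._buf.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._in_inline:
            self.inline.append("".join(self._buf))
            self._in_inline = False


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def script_manifest(html: str, fetch_external) -> dict:
    """Map each script (URL, or inline#N for inline blocks) to its SHA-256."""
    parser = _ScriptCollector()
    parser.feed(html)
    manifest = {url: sha256_hex(fetch_external(url)) for url in parser.external}
    for i, body in enumerate(parser.inline):
        manifest[f"inline#{i}"] = sha256_hex(body.encode("utf-8"))
    return manifest


def diff_manifest(pinned: dict, current: dict) -> dict:
    """Return the scripts that were added, removed or changed since pinning."""
    return {
        "added": sorted(k for k in current if k not in pinned),
        "removed": sorted(k for k in pinned if k not in current),
        "changed": sorted(k for k in pinned if k in current and pinned[k] != current[k]),
    }


# Constructed baseline: the page as it looked when the hashes were pinned.
BASELINE_HTML = """<html><head>
<script src="/static/vendor.js"></script>
<script src="/static/app.js"></script>
</head><body>
<script>window.APP_VERSION = "1.0";</script>
</body></html>"""
BASELINE_FILES = {
    "/static/vendor.js": b"function lib(){return 1;}",
    "/static/app.js": b"function unlock(){/* build 1 */}",
}

# Constructed later visit: app.js was rebuilt and a new inline script appeared.
CURRENT_HTML = """<html><head>
<script src="/static/vendor.js"></script>
<script src="/static/app.js"></script>
</head><body>
<script>window.APP_VERSION = "1.0";</script>
<script>window.FLAGS = {"beta": true};</script>
</body></html>"""
CURRENT_FILES = {
    "/static/vendor.js": b"function lib(){return 1;}",
    "/static/app.js": b"function unlock(){/* build 2 */}",
}


def pinned_manifest() -> dict:
    return script_manifest(BASELINE_HTML, BASELINE_FILES.__getitem__)


def audit() -> dict:
    """Compare the pinned baseline against the current page; anything
    non-empty is what a user would want to be notified about."""
    current = script_manifest(CURRENT_HTML, CURRENT_FILES.__getitem__)
    return diff_manifest(pinned_manifest(), current)


if __name__ == "__main__":
    print(audit())
```

A real deployment would store the pinned manifest out of band and treat any non-empty result as a reason to stop using the page until the change is explained.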


Hi Ken.

It is finicky! There are multiple components outside of 1Password's control when you are using Dropbox, iCloud, or WiFi sync.

We do our best to find, troubleshoot and work around these issues. We have built an entire Troubleshooting and Diagnostics utility just for that: https://support.1password.com/diagnostics/

For the majority of users sync with third-party services works well. However, there are cases when it gets finicky.


Hi Roustem!

I don't use any third-party services. I use what 1Pw calls "Folder" sync, as it's the only non-cloud method available. 1Pw on Mac #1 saves a binary file to disk, and 1Pw on Mac #2 loads that file from disk. There are no components here out of 1Pw's control. Sometimes, 1Pw simply doesn't write the file on Mac #1, as I can tell by the modification timestamp.

I ran 1PasswordTroubleshooting.app, and sent in the 400KB report it generated. The response I got from tech support mentioned nothing about what might have been found in that file (or what they expected to find, which could prevent data from getting from the application to the filesystem). They simply gave the usual spiel about restarting/upgrading.


> So the primary impact of switching from standalone license to subscription, if you're planning on using 1Password for a while, is that instead of paying a larger chunk of money every so often when they drop a new major version, you move to paying a flat couple bucks a month or larger chunk per year.

One thing that is not clear to me is what happens with the subscription license if you go a long time without internet access. With the standalone license, it checks the validity of the license when I enter it, and then I'm good as far as I've been able to tell forever more.

If I take a laptop with a 1Password subscription, fully validated and synced, and spend 6 months with no internet access, will 1Password continue working?

Remember, 1Password is often used for more than just internet passwords, so wanting to use it with no internet access is not unreasonable.


I'm surprised that no-one on this page has mentioned PasswordSafe (https://www.pwsafe.org). Open-source, supports cloud (Dropbox and iCloud sync) and local storage, available on Windows, Linux, Mac, iOS and Android, and has good pedigree (Bruce Schneier). Gets regularly updated.

I've been using this for years across multiple devices and O/S. A real lifesaver.


> If I take a laptop with a 1Password subscription, fully validated and synced, and spend 6 months with no internet access, will 1Password continue working?

Yes. Obviously it won’t sync with your other devices until you restore connectivity.

Ben Woodruff

AgileBits


> While it’s (still) possible to obtain the standalone versions, it’s difficult to find them. And I expect that in a few years, they’ll be gone completely

They mentioned somewhere on their site (I don't remember exactly where...it might have been in an answer to a question on the forums) that one of the points of 1Password 7 is to bring the standalone versions up to parity with the subscription version.

Right now, standalone and subscription are essentially different products, with all new feature work going into the subscription product. With 1Password 7, they become essentially one product with different licensing options.

It sure didn't sound like they plan to get rid of standalone.


Every release of 1Password includes both subscription and standalone features. The download is available here: https://1password.com/downloads/

We always try to implement the new features for both standalone and subscription customers, when it is possible. There are features that are based on the server doing the heavy lifting (permissions, travel mode, account recovery, backups, item history) and they are not available in the standalone mode.


Can I pay for a subscription and store my passwords locally?


Yes. In advanced mode you can create vaults outside the 1Password service.


But the push to the cloud versions gives me headache. I don’t want to sync using their cloud - I actually sync using a WiFi server.

But it has nice benefits as well, they have a Chrome/Firefox extension (1Password X) that goes with their cloud that works on Linux. Understandably, it would be harder for them to offer this on top of Dropbox or Wifi sync.


There's no requirement whatsoever that 1Password X be exclusive to a privately-run cloud. Easier to build, possibly (though since it includes the difficulty of building the cloud service in the first place... oh hell no, 100x harder), but it could work just as well with manual syncing (point to a url -> download the backup, or just give it the file).


Implementing things is not the hardest part. Supporting customers is the hardest part. Things will break and with manual syncing support is going to be a nightmare.

Also, syncing is never easy.


My point is that it doesn't need to sync. Ignore syncing. I'd even prefer to download and upload the backups by hand, rather than put it all in someone else's control in a browser environment.

Cloud password systems are like running all your security-sensitive code in an Electron app - an impossibly large attack surface with many significant flaws in some of your most-sensitive use. It doesn't make sense if you care about security at all. At least extensions are moderately well sandboxed compared to websites (since it'd be trivial to ship new javascript from their site).


> Ignore syncing

Try building a password manager that doesn’t sync and let me know how sales go. :)

> Cloud password systems are like running all your security-sensitive code in an Electron app - an impossibly large attack surface with many significant flaws in some of your most-sensitive use. It doesn't make sense if you care about security at all. At least extensions are moderately well sandboxed compared to websites (since it'd be trivial to ship new javascript from their site).

You are correct in that the web browser is a very hostile environment. We're working to minimize what tasks need a web browser, and have already got it such that the entire sign-up flow can be completed in-app at least on iOS.

Ben Woodruff

AgileBits


> Try building a password manager that doesn’t sync and let me know how sales go. :)

Well... 1Password arguably doesn't sync (until the cloud stuff). It stores files on disk, dropbox syncs it behind the scenes. Given my backup size vs how often I change it: I honestly wouldn't care if it were one blob that were uploaded / downloaded at once for every change, rather than all the small pieces it does now (I assume this is to speed up sync (by a ton)? It's also a major source of sync conflicts that lose data, since dropbox will store both copies on conflict (minus bugs), so it's a horse apiece).

So it works pretty well, apparently. See also KeePass* and many other local-only password managers which people sync via scripts / dropbox / etc. They're doing fine, though 1P is dramatically better than the competition and I'm plenty happy paying for it.
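The two failure modes raised in this thread for folder-based sync are the writer silently not producing the file (the "Folder" sync comment above, where the modification timestamp gave it away) and the sync layer keeping two divergent copies on conflict (the Dropbox "conflicted copy" point in the comment just above). The example below is added here and is not 1Password's or AgileBits' code; it shows how a local-vault writer can prove its write actually landed (temp file, fsync, atomic rename, then re-read and hash) and how a receiver can scan the sync folder for conflict copies. The Dropbox-style "(… conflicted copy …)" file naming, the `vault.bin` name and the blob contents are assumptions for the demo.

```python
"""Folder-sync health check for a locally stored vault blob (added example).

Two defensive checks: an atomic, verified write so the sending machine can
confirm the blob reached disk, and a scan for sync-conflict copies so the
receiving machine notices when the sync layer kept two divergent versions.
"""
import hashlib
import os
import re
import tempfile
from pathlib import Path

# Dropbox-style naming for conflict copies is assumed here, e.g.
# "vault (alice's conflicted copy 2019-01-01).bin" next to "vault.bin".
CONFLICT_RE = re.compile(
    r"^(?P<stem>.+?) \([^()]*conflicted copy[^()]*\)(?P<ext>\.[^.]+)?$"
)


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def atomic_write(path: Path, data: bytes) -> None:
    """Write to a temp file in the same directory, fsync it, then rename.

    rename() is atomic on POSIX, so a reader or sync client never sees a
    half-written blob: a crash leaves either the old or the new file.
    mkstemp() creates the file 0600, so the vault stays owner-readable only.
    """
    fd, tmp = tempfile.mkstemp(dir=path.parent, prefix=path.name + ".")
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(data)
            f.flush()
            os.fsync(f.fileno())
        os.replace(tmp, path)
    except BaseException:
        if os.path.exists(tmp):
            os.unlink(tmp)
        raise
    # Also fsync the directory so the rename itself is durable (POSIX).
    dir_fd = os.open(path.parent, os.O_RDONLY)
    try:
        os.fsync(dir_fd)
    finally:
        os.close(dir_fd)


def write_and_verify(path: Path, data: bytes) -> dict:
    """Write the blob, then prove it landed: re-read it, compare the hash
    and size, and check the mtime did not go backwards."""
    before_mtime = path.stat().st_mtime if path.exists() else None
    atomic_write(path, data)
    st = path.stat()
    on_disk = path.read_bytes()
    return {
        "hash_ok": sha256(on_disk) == sha256(data),
        "size_ok": st.st_size == len(data),
        "mtime_not_stale": before_mtime is None or st.st_mtime >= before_mtime,
    }


def describe(p: Path) -> dict:
    """Enough metadata to choose between copies: name, mtime, content hash."""
    return {"name": p.name, "mtime": p.stat().st_mtime, "sha256": sha256(p.read_bytes())}


def find_conflict_copies(folder: Path) -> dict:
    """Group each conflict copy with the file it diverged from, so a human
    can decide which version to keep instead of silently losing one."""
    groups: dict = {}
    for p in sorted(folder.iterdir()):
        if not p.is_file():
            continue
        m = CONFLICT_RE.match(p.name)
        if not m:
            continue
        original = folder / (m.group("stem") + (m.group("ext") or ""))
        entries = groups.setdefault(original.name, [])
        if not entries and original.exists():
            entries.append(describe(original))
        entries.append(describe(p))
    return groups


def demo() -> dict:
    """Constructed scenario: write a vault blob twice, then plant a
    Dropbox-style conflict copy holding the older content and scan for it."""
    folder = Path(tempfile.mkdtemp(prefix="folder-sync-demo-"))
    vault = folder / "vault.bin"
    first = write_and_verify(vault, b"encrypted-vault-v1")          # constructed payload
    second = write_and_verify(vault, b"encrypted-vault-v2-longer")  # constructed payload
    conflict = folder / "vault (alice's conflicted copy 2019-01-01).bin"
    conflict.write_bytes(b"encrypted-vault-v1")
    return {"first": first, "second": second,
            "conflicts": find_conflict_copies(folder), "folder": folder}


if __name__ == "__main__":
    result = demo()
    print("write checks:", result["first"], result["second"])
    for name, entries in result["conflicts"].items():
        print(f"conflict group for {name}:")
        for e in entries:
            print(f"  {e['name']}  mtime={e['mtime']:.0f}  sha256={e['sha256'][:16]}")
```

The write check is what the "Folder" sync complaint above was missing: if the blob on disk does not hash to what the application holds in memory, the application knows the write failed and can report it instead of leaving the user to notice a stale timestamp. The conflict scan only reports; merging two encrypted vault versions is a decision for the user, not for a script.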


1Password X is an extension that is sandboxed. However, the default sandbox is not enough. We also spent a huge amount of effort on its security model. Here is more information about it:

https://support.1password.com/1password-x-security/


If you are looking for a standalone version of 1Password then it is exactly the same version: https://1password.com/downloads/

We do not make two different versions of the app.
