1Password unethical marketing

I have zero problem with giving AgileBits money on a regular basis, especially for this sort of software. Good cryptographic software is worth paying for and they’re not charging a lot. BUT my biggest problem with a subscription model for 1PW is that if they’re purchased or go out of business or discontinue their product or whatever, an essential repository of my most valuable data can become inoperative overnight. So the paradox is that 1PW represents a class of software that I have no problem supporting with ongoing payments while also being a class of software for which the subscription model is exceptionally risky.

1 Like

Really? How often has that happened?

I understand and agree. I have chosen to move my data out of 1Password, not because of their subscription, but in order to continue storing my password data locally on my Mac, accessing it via a native Mac app.

Broadly speaking, I’m in the same boat. I’d happily pay a recurring license fee for their stuff either way if they said that’s what they needed. It really ticks me off though that they completely removed support for local vaults. I’m with you - I like having my data. And when I first bought 1PW, it was possible to actually put your entire vault on a flash drive so that you could access it securely on any computer. Their current “emergency kit” incarnation is “have a piece of paper with our secure access key”.

Very infrequently, but it would be interesting to know how often 1PW requires a connection to “phone home”. I’m thinking of stories I’d heard about subscription iOS apps “expiring” when people wind up being off the grid for an extended period of time, even if the app is paid up for a year. The app couldn’t phone home to check in, so it expired.

2 Likes

With 1PW exactly no times. With other mission critical software, once was enough.

I want to be clear: I really like 1PW and AgileBits seems like a great company that I want to support. I purchased their products at full price and I would love to support them going forward. I don’t think that they’re behaving unethically, but I would like to see them address this potential failure mode, one they’ve introduced by pushing their new service model.

1Password provides the ability to export all of one’s data to text or CSV, which works with the cloud-based subscription product (which I’ve had since it launched) while the machine is offline. No surprise — the password data is cached locally.

Beyond that, I believe it is unusual, if not unreasonable, to expect a consumer product to provide what essentially amounts to a dead-man switch: “If we go out of business we promise to make sure you get your data”. That sort of promise isn’t worth the electrons it’s displayed with.

I initially baulked at electron but having looked at the alternatives I am now happily running 1P8 on my Mac with no issues at all.

As pointed out, the daily use of the actual app is negligible, so I’m not sure how much the Electron thing is a real concern.

I happily pay for a subscription. I use 1P cloud-based vaults and have done for a long time. Personally I would rather use a dedicated service designed with security in mind than trust myself to handle this. Anyway, isn’t syncing through Dropbox just another cloud service?

Use it or not, move elsewhere or stay: that’s the beauty of a free market. Choice.

Oh and it’s strange how many tech savvy people kick up about electron yet VSCode is the number one choice of most coders and it’s electron!

4 Likes

It is. The thing I have a problem with (and I still use 1Password, despite this) is that putting it on their server means that you have to have a special, 1Password-assigned key that you can’t change, can’t memorize, and without which your data is completely inaccessible in an emergency.

The old “I’ll come up with a really good password, and trust that” method is what I much prefer. Using that method I could use Dropbox, or iCloud, or whatever and I’d be fine as long as I memorized my master password.

I can’t recommend 1Password to my friends & family with that other restriction in place.

1 Like

1Password wouldn’t be nearly as valuable a product without the secret key (or security via circle of trusted devices, which is nearly the same thing.) It’s not just there to be annoying when you drop your phone in a lake. I understand how that makes it a difficult recommendation for friends and family who prioritize security below convenience.

The questions about how long offline caching lasts, and how often the app needs to phone home to continue allowing offline access, are good ones—I hope to have an answer soon.

As far as protection against the company disappearing, paper is probably best. I would be surprised though if a bankruptcy judge allowed the product to shut down in a self-destructive way. In a world war 3 or massive solar flare situation, all bets are off, of course, regardless of digital security strategy.

I agree completely, and understand the reason they need that secret key if they’re putting the passwords on their server. It adds significant value.

The tradeoff you mention is - I believe - the default for the average end user. I have a hard time getting friends / family / customers to remember iCloud passwords though (which they use somewhat frequently), much less stuff they’d use once in a blue moon. It’s amazing how often the conversation isn’t “where did I note that password”, but rather “how do I reset it?”

Thankfully I don’t know this next person I’m talking about, but I even saw somebody talking about crypto and hurling expletives about why it’s unconscionable that the people who designed crypto wallets didn’t build in a password reset mechanism. 🙂

I’m assuming that 1PW’s new target market is now companies where noting of keys can be centrally managed and mandated by management.

2 Likes

Believe me, I understand the trouble. If I had a relative who needed secure credentials management, didn’t understand how to use it, but would actually remember to use 1Password, I’d probably set up the account so I also had access. Companies and families have similar UX—companies don’t centrally store the secret key for their users, they just have another logged in user do account rescue for the locked-out user, and in the process that person’s secret key is set up again on their devices.

I bet, though, that such a person is capable of understanding some of 1Password’s end-user-focused documents. The one about the secret key is really good, for example! There’s some technical language about entropy bits, but everything at the top is just focused on getting people to keep their emergency access PDF/printout. Signing into new devices is mostly handled by the UX on each client (asking for a QR code scan, etc.) so it doesn’t need to be referenced often.

https://support.1password.com/secret-key-security/

My guess is that there is a narrower and narrower group that is capable of using specialty software by themselves, that can’t learn one or two new concepts in order to do so.

1 Like

It’s a case of damned if you do damned if you don’t. If 1P did not offer a security key they would get slated for that!

I store my secret key in a DEVONthink database without any qualms really.

1 Like

That presumes the conclusion though - that the cloud is what a user wants. 1PW has made it pretty clear that the key is necessary because of the move to the cloud - not just an additional enhancement across the board.

This is reflected in their decisions regarding their non-cloud product. Until this last year 1PW has offered a product with local vaults, protected by a user-created password. No separate 1PW-generated security key. And as far as I know, nobody was upset about the lack of that key on their local vaults. This year they’re removing local vaults entirely, which forces all the users to move to the cloud (the complaint that started this thread 🙂), which is why the security key is necessary in the first place. Without the forcing of 1PW’s cloud, the security key isn’t necessary. 🙂

Wouldn’t you have to additionally (instead of the secret key) remember the credentials of your syncing service of choice?

Without shared vaults, the key, as a separate entity, wouldn’t be necessary either. A key is, of course, necessary for the encryption algorithm but it could be derived from your 1 password for a single-user vault.

I don’t think so. Assuming that you have your vault data local and that the syncing service is only used for syncing (as is the case with local vaults), then you could safely store your sync service credentials in 1PW.

I prefer to say the secret key isn’t required. When using a local vault it is up to the user to create a long complex password for the 1PW vault. It is also their responsibility to select a reliable syncing method and secure that with a long complex password. If the user does a poor job of selecting passwords or syncing method and their vault is breached they have no one to blame but themselves.

IMO, when we “partner” with Agilebits and use 1Password.com the secret key reinforces the security of even weak passwords. Which is good for both parties.
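The point made above about a device-held secret key shoring up a weak master password can be shown with a small sketch. This is an added example, not 1Password’s actual derivation or code: it stretches the password with PBKDF2, optionally mixes in a random secret key with HMAC, and then compares what an attacker holding only a server-side verifier can do against a constructed wordlist with and without that key.

```python
import hashlib
import hmac
import secrets
from typing import Iterable, Optional

# Constructed sample values for the demo; the scheme is a simplified illustration only.
SALT = bytes.fromhex("00112233445566778899aabbccddeeff")
ITERATIONS = 50_000


def derive_vault_key(password: str, secret_key: Optional[bytes]) -> bytes:
    """Stretch the master password with PBKDF2; if a device-held secret key is
    supplied, mix it in with HMAC so the result depends on both inputs."""
    stretched = hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, ITERATIONS)
    if secret_key is None:
        return stretched
    return hmac.new(secret_key, stretched, hashlib.sha256).digest()


def make_verifier(vault_key: bytes) -> bytes:
    """What a server might store to check an unlock attempt: a hash of the key."""
    return hashlib.sha256(b"verifier:" + vault_key).digest()


def guess_from_verifier(verifier: bytes, candidates: Iterable[str],
                        secret_key: Optional[bytes]) -> Optional[str]:
    """Offline guessing using only the stored verifier: returns the candidate
    whose derived key matches, or None. Whoever lacks the secret key passes None."""
    for pw in candidates:
        if hmac.compare_digest(make_verifier(derive_vault_key(pw, secret_key)), verifier):
            return pw
    return None


WEAK_PASSWORD = "password1"
WORDLIST = ["123456", "qwerty", "password1", "letmein"]  # constructed sample list
SECRET_KEY = secrets.token_bytes(16)  # 128 random bits, held on the device, never sent


def demo():
    """Returns (guess without secret key, guess when the key is required)."""
    weak_only = make_verifier(derive_vault_key(WEAK_PASSWORD, None))
    with_key = make_verifier(derive_vault_key(WEAK_PASSWORD, SECRET_KEY))
    return (guess_from_verifier(weak_only, WORDLIST, None),
            guess_from_verifier(with_key, WORDLIST, None))
```

The first result shows the weak password recovered from the verifier alone; the second shows the same wordlist failing because the verifier also depends on 128 random bits the server never stored.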

No, it sets out their business model. If they have it wrong, people will leave at a rate that makes the product unviable; if they have it right, that will not happen. What is right for one is wrong for another; again I say it’s just a matter of choice. Choose to use them or not. They have the right to pursue their own business model, as do most/many of us. Some of course do not.

Or you could use a second password that you’re capable of remembering. That’s what I did for iCloud syncing. I have my Apple password memorized, along with my 1PW main password.

Yes, a secondary key could conceivably be used for local vaults - but 1PW has never offered that as an option in any version - which would seem to indicate that they either don’t think it’s a substantial benefit, or that they thought the user inconvenience outweighed the benefit when dealing with local vaults.

This is the part I’m replying to. The necessity of any given user having the key in question is because they made a previous business decision to discontinue support for local vaults in favor of their own cloud. And I’m not sure that “damned if you do, damned if you don’t” applies to that. What consumer backlash would there have been if they’d continued offering local vaults as an option?

And to reiterate, I agree that they have the right to make whatever decision they want. I just find it very hard to believe that they had to abandon a local storage option, as their company communications seem to indicate.

Sorry to all, but I have just tried out the new 1PW extension in Safari on my iPad. At NO MOMENT was I told by the upgrade text (still on v7, mind you) that I would now get the following message when trying to connect to a forum web page I follow:

QUOTE

Sorry, stand-alone vaults are no longer supported; to access you need a 1PW account

UNQUOTE

And if I follow the link I now NEED A SUBSCRIPTION.

Is this ethical in any way??? I started the thread and I have fallen into the trap myself…

And now my vault will no longer sync via Dropbox as usual. HIT AND SUNK by Agile Bits Software.

I will not only change my password manager, I will unsubscribe from any podcaster that even dares to recommend these guys…