It looks like July 1 is the inevitable day when 1Password 7 (or more specifically the classic browser plugins) will stop working. I won’t be upgrading to 1Password 8. People have discussed various reasons here before but let’s just leave it at my interests and those of Agile Bits are no longer aligned. Other than a short foray at the beginning with KeePassX, I’ve used 1Password for more than 10 years and have accumulated roughly 700 entries of various types in the database.
So, time to find an alternative. My main needs are:
macOS and iOS applications that feel like they belong on mac and iOS
Ability to export data for future migration (no vendor lock-in) - CSV or other appropriate formats.
Sync between devices without mandating the company’s sync services.
Local vaults and ability to sync over wifi or iCloud
Smooth browser password filling. Support for Safari, Chrome and Brave
Ability to generate and fill one-time passwords. Yeah a separate authenticator might be more secure, but the 1P approach takes the friction away and consequently I enable 2FA on just about every service I can.
Some variety in entry types. I’m currently using logins, passwords, credit cards, wifi routers, software licenses, secure notes, identities/adresses in 1P
Ideally evidence of independent security assessment or disclosure/explanation about security algorithms and practices practices.
Regular updates to support new OS releases
Ideally a one-time purchase option but I could probably tolerate a reasonably-priced subscription model for the right product.
Password generation capabilities with control of the generation rules (length, complexity, memorable etc)
Reliable 1Password data import (.1pif format)
This will be for personal use only. I don’t need any family/team capabilities. I’m fine with (well-written) Electron apps as long as performance is good.
Apple’s built-in password manager still seems a bit limited to me so I think a third party solution will be needed. I haven’t got as far as installing and testing any of these yet but the following look to meet most of my criteria:
iCloud keychain is more limited than most of the options in this thread, but I found that it was good enough for what I needed. In case anyone is wondering about it, I found Simon Støvring’s instructions on moving to iCloud from 1Password very helpful. He also goes into the pros and cons of doing this and there’s a link to a shortcut that directly opens the passwords pane as though it is a separate app.
Bitwarden may be Electron on the Mac but works great on iOS/iPadOS so I wouldn’t dismiss it over the fact that it’s not entirely native on the Mac (but then again I don’t see major issues with that as its extensions work across browsers just fine).
I moved from Dashlane to Bitwarden about two years ago and have not looked back since. It meets most of the requirements on the list above, and it’s free but has a reasonably priced annual subscription for those who want to support it and get a few extra features.
I moved to iPassword 8, but am watching this thread because of the rough edges. If something else out there is good enough it’ll be worth the switch. The problem is that 1Password was basically perfect and crushed most of the good competition, LastPast crushed themselves with their hack, and now that 1Password is getting less good it seems like there are no other good options left.
The rollout of PassKeys is likely to shake up the password manager field. If Apple, Google, and Microsoft decide to play nice and create cross platform utilities with the ability to easily export & import passwords/passkeys it may be game over for some developers. Especially the ones that offer free/one time purchase apps.
@just1more, I see that you have listed twelve highly specific needs for your next password app. My recommendation to you is to upgrade to the latest release of 1Password. You sound like a very picky person and I doubt you’ll be happy with anything else. On the bright side, it is also the easiest path for you to follow! You’re just going to have to bite the bullet and make every effort to re-align your interests with those of Agile Bits.
Sure. Your hardware may be obsolete before passkeys become the primary method of authentication, if that even happens.
As I see it most people today don’t use password managers, and if say Apple or Microsoft were to create a cross platform solution most people who use both would have no need for one. And those that do would probably need advanced features. So devs face more competition in a smaller market.
As far as the rest, I don’t see how a developer can afford to maintain an app that requires constant attention and sell it as a one time purchase, for a price that people would accept. And I don’t trust free pw managers.
Thanks @tomtom. I’ll look into this too. I think iCloud keychain will be a decent solution for most users. Apple will get the basics working reliably and probably be content with that. It will be fine for 70% or more users but I suspect most MPU people will want more
I agree @WayneG but it’s taking much longer than I expected. Not of the popular sites I use regularly have Passkey support yet. I’ve been watching WebAuthn/Passkeys since about 2019 since it’s highly relevant to my work. We did a proof-of-concept implementation this year with our product and have concluded it’s still not ready for prime time - at least not in our context.
It will be awesome when it’s widely adopted. It’s about the only technology I can recall that delivers improved security AND a better user experience.
Picky… probably. I prefer to think of it as being clear about what I want. Agile Bits have chosen to go after enterprise customers as their primary market. That’s a perfectly legitimate business decision for them to make. But it also means less focus on their traditional market. It’s good to have options and it’s time for me to review them.
Once Passkeys are mainstream anything that still relies on username and password is going to seem antiquated. I think there will still be a role for password managers (perhaps they become Passkey managers) but people who don’t use them (the majority) should be much better off in terms of security. Fingers crossed anyway.
“Electron is an open-sourced framework for building Desktop GUI applications using web technologies.”
Some people don’t like it because it’s not native to the Mac. Others because they say it consumes too many resources. Still others like me don’t care as long as the program works as advertised. Electron is used in a great number of cross platform apps. For example, 1Password is written in Rust with an electron based UI
IMO if you are happy with BitWarden its use of electron is not a reason to change.