Could not disagree more. I used 1Password for years and the things I miss are very, very minor and BW has already added several features I like since I started using it. I don't regret switching at all.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
1Password 8 for Mac Released With New Design and Features
- Thread starter MacRumors
- Start date
- Sort by reaction score
Could not disagree more. I used 1Password for years and the things I miss are very, very minor and BW has already added several features I like since I started using it. I don't regret switching at all.
Yep:
Keep your secrets & passwords safe and secure | 1Password
They have posted the results of their security audits. There is also a (VERY LONG) document that goes in to great detail on how data is secured on the client, on servers, and in transit.
Honestly, I tried 1password 8. It's very cool. I understand the frustration about the subscription model. I pay for it because my use of 1password is 10x worth what I pay monthly.
But what I don't understand is this whole "it's electron.. boo" thing. One of the most greatest apps and editor of all times, which is VS Code, is entirely built on Electron. And it is one of the most fast and lightweight apps on my mac.
Perhaps at least you should try the app before complaining?
But what I don't understand is this whole "it's electron.. boo" thing. One of the most greatest apps and editor of all times, which is VS Code, is entirely built on Electron. And it is one of the most fast and lightweight apps on my mac.
Perhaps at least you should try the app before complaining?
"One hack" is a gross exaggeration. Even if someone hacked the 1Password servers, all they would get is a blob of data. The actual passwords are encrypted (and each vault is separately encrypted, so a hacker would need thousands of encryption keys, which consist of two separate parts.)Because the money people that basically own 1Password now:
1Password Closed a $620 Million Series C Funding
1Password, a password management platform, closed a $620 million Series C funding, raising the company's valuation to $6.8 billion.thinkremote.com
Gotta Money...
But to be fair, now that the Electron app called 1password 8 now stores all passwords in the cloud we are only ONE hack away from totally password breaches.
! cool !
by which I mean,
Secrets and Apple Password, a great alternative to 1password.
It is fine if you don't want to use 1Password for any reason. To each is their own. But making baseless claims about their security isn't helpful.
The only thing gross here is the forced move of passwords to a central server.
Hate to say it, but once 1Password 7 stops functioning, I'll be moving onto a different product.
I could [barely] tolerate a subscription-only payment plan if the app is great, but removing the option for a local-only vault is the ultimate dealbreaker for me. Cloud-hosted vaults are a negligible benefit for the increased risk. I don't care how perfectly secure they claim their infrastructure is, housing that much sensitive data makes them a huge, juicy target for cybercriminals who will never cease trying to crack their safe. Even having an account on 1Password would make *me* a much bigger target.
Just waiting for the day Agilebits suffers a security breach and, per due diligence, tell their customers they really should change all of their 200+ cloud-stored passwords. "Just to be safe." Have fun doing that....
I could [barely] tolerate a subscription-only payment plan if the app is great, but removing the option for a local-only vault is the ultimate dealbreaker for me. Cloud-hosted vaults are a negligible benefit for the increased risk. I don't care how perfectly secure they claim their infrastructure is, housing that much sensitive data makes them a huge, juicy target for cybercriminals who will never cease trying to crack their safe. Even having an account on 1Password would make *me* a much bigger target.
Just waiting for the day Agilebits suffers a security breach and, per due diligence, tell their customers they really should change all of their 200+ cloud-stored passwords. "Just to be safe." Have fun doing that....
Obviously I am. It’s not open source. It’s closed source and proprietary. It’s a perfectly reasonable question or else you’re just believing words on a webpage.
Why try it? It’s so much easier to complain.
I haven’t tried 8 yet, but I might soon. I don’t mind the subscription, I pay more for Netflix and there isn’t much on lately. I also pay for the family plan and $12 per person per year is a deal for what it does.
iCloud Keychain is password syncing across devices leveraging an iCloud account and peer encryption keys.
Under the covers it uses a keychain which is visible in the Keychain Access application (which is what I assume you mean by Keychain Manager).
However, unless you are doing some serious development, debugging or sysadmin-work like Kerberos troubleshooting, you typically would never run Keychain Access. You can see, manipulate and export/import browser passwords using the 'Passwords' section of settings on an iOS or Mac device.
Is iCloud Keychain open source? Can I inspect the source code? Nope. So by your requirements, Apple can not be trusted to store passwords.
I don’t use keychain. I prefer to use an open standard so I can move my database between apps should I wish or should the app go dark. I also prefer to be able to put it where I like.
And I didn’t say anything of the sort. You just put a load of words in my mouth. I simply asked if it’s verifiable. To which you answered. Thanks for the link. Now you’re piping up protecting the other dude for saying I asked a stupid question. So don’t know what that’s about.
The two big advantages AgileBits has are password sharing with families/coworkers and android support.
To counterpoint that list with iCloud Keychain:
#0 Is supported on Apple devices and well as on Windows via a web extension. It supports export and input with other password managers (via a CSV text file). Third party browsers on Mac tend to not support it, third party browsers on iOS AFAICT can't support it, and there is no official support for Android or Linux
#3 I believe uses the same resources to do password security checks as 1Password, and will drive you to a password change page if the site supports it
#4 Has a native integration and application, while AgileBits has now rewritten their integrations and apps to be cross-platform US and cross-browser via JavaScript (in the form of Web Extensions and Electron)
#5 1Password Web Access is terrifying security theatre and nobody should ever use it unless they are willing to have someone compromise all their accounts. Install the official app/web extensions from a secure source.
Oh yeah, I remember that. Then Phase 2 happened (several years later?) where they were like it's time to let the one-time license go so we are sunsetting that...blah blah blah. *rolls eyes*
Can't believe I didn't follow the beta more carefully to notice that they were actually using Electron in ANY part of their workflow. So disappointed at what used to be a great company, obviously not anymore with poor choices.
And before anyone asks, yes I do know how Electron-based frameworks run and the ridiculous resource loads they demand with an infinite number of sub-processes/modules being run and using a ton of threads, many more than a "normal" fully-native app uses.
They are trying to spin this as just using some basic Electron parts while the main work was done in Rust. Well that really doesn't matter all that much. The tons of processes are still spawned and will run the entire time your Mac is on, not just while a specific tab in a browser, for example, is open. No, 1Password will spawn those processes and grow and continue to consume increasing memory as time goes by, until you reboot and things start all over again.
To add, yes the UI is very clunky and absolutely feels and functions like say, a Java app would run like. A massive step not just backwards for 1Passsword, but just in an entirely new and horribly unfortunate stumble, trip and fall (fail?).
After putting this on my other Mac, I'm staying with version 7 for now while I have to find a replacement. While there are tons, only a few really stand up enough to act as a semi replacement, one that I was hoping I wouldn't have to settle for. Possible best next option is LastPass, though it won't be the best experience as was old 1Password, which is just so very disappointing.
And before anyone asks, yes I do know how Electron-based frameworks run and the ridiculous resource loads they demand with an infinite number of sub-processes/modules being run and using a ton of threads, many more than a "normal" fully-native app uses.
They are trying to spin this as just using some basic Electron parts while the main work was done in Rust. Well that really doesn't matter all that much. The tons of processes are still spawned and will run the entire time your Mac is on, not just while a specific tab in a browser, for example, is open. No, 1Password will spawn those processes and grow and continue to consume increasing memory as time goes by, until you reboot and things start all over again.
To add, yes the UI is very clunky and absolutely feels and functions like say, a Java app would run like. A massive step not just backwards for 1Passsword, but just in an entirely new and horribly unfortunate stumble, trip and fall (fail?).
After putting this on my other Mac, I'm staying with version 7 for now while I have to find a replacement. While there are tons, only a few really stand up enough to act as a semi replacement, one that I was hoping I wouldn't have to settle for. Possible best next option is LastPass, though it won't be the best experience as was old 1Password, which is just so very disappointing.
Have you had a read of any of their security audits? https://support.1password.com/security-assessments/
Or would you rather just be an angry keyboard warrior?
So if it was working just fine for you in the beta, and you didn't notice that it was an Electron app - why are you suddenly disappointed about this today?
Have you actually looked to see how many resources 1Password 8 is using? The attached screenshot doesn't seem unreasonable.
Electron apps in the early days got a bad name for themselves, and it was mostly warranted at the time. Electron apps have generally come a long way, and when optimised well it's generally not a big issue.
Strangely, many people complaining here are probably running other Electron apps without even realising it. Discord, Slack, Skype, MS Teams, GitHub Desktop just to name a few.
I upgraded to 1Password 8 for Mac this morning. I'm really loving it so far. Universal AutoFill is amazing! No more manually entering passwords for browser authorisation prompts.
I think people are unfairly writing 1Password 8 off before even trying it - or because they think it's cool to get on the hate bandwagon. I challenge people with this mindset to try it for themselves first. Don't be an uninformed hater.
Cool, now use it on Android, Linux, or other browsers.
People need to stop comparing the 2. iCloud Keychain is find if you’re all Apple, but useless on any other platform. Bitwarden free version is 100 times better than Keychain and does more.
I did not take part in the beta. I said I should have followed it closely, but didn't realize I had to as I never thought something as foolish as this was coming. And if you think your screenshot shows good memory usage, I'm not sure what to say other than for what 1Password does and is, that is not good memory usage.
Worse even, that memory usage will likely grow indefinitely until you reboot. 1Password stays running, so resource management and low memory features are a necessity. When mentioning Electron and it's huge downfalls, I don't think most people are realizing this factor. If you keep the Mac Slack app running for work all day, like so many of us are stuck with, which is an Electron app, just watch its memory footprint and spawned processes throughout the day.
Sorry but there is not an honest answer to fixing their problems at this point. They went down the highway to hell and seem to be "very happy" with their choice. Well their users aren't. If they are going for just Enterprise customers with this move as some have mentioned, it makes a bit of crap-sense but they will lose a big portion of their Mac base. At least, I sure hope they do as this surely deserves a cancellation. One that I'm making within the week after choosing a replacement.
Sad, 1Password has been with me for decades. One stupid choice like this completely destroys all of that history. Of course there's a ton more to explain to people that don't understand what the Electron part of their new app will do or not do for them, but they'll figure it out on their own given some time. I on the other hand, do know and have now used version 8, which is actually worse than I even thought. Not even talking about the sluggish performance. I'm talking about the UI and features. The UI is clunky and as everyone else that's been with the Mac long enough to know what fits and what doesn't.
This new version absolutely does NOT fit in with macOS's - everything.
Everything is just.....off.
This thread has other posts with all of the details that I'm barely scraping the surface of. All of which are downgrades and problems. Once again, enough of my time spent writing about version 8. I am better off spending the next 20 minutes finding a suitable alternative to switch to. They've probably already written off "personal" users anyway from the sound of things. If enterprise is what they want, then whatever. What a waste.
Sorry, I miss read your first post about partaking in the beta. I also did not partake in the beta, but I have been following its development.
I'd also like to add that I never said it was good memory usage - but it certainly isn't terrible either. Safari is using around 300 MB with 3 tabs open. Firefox is using around 3 GB with 3+ windows and countless tabs open. Discord is using around 600 MB.
I leave both Slack and Discord open on my Mac indefinitely. And my Mac might be restarted once a month at most. Discord's memory usage is never an issue, and it never appears sluggish as I see with Slack. As I said before, there are good and bad Electron apps.
I'd argue that the average user has no idea what Electron is, and will be none the wiser that anything under the hood other than the UI has changed. It's a very small vocal minority who are shouting about this change.
I—like you—think Teams is a dumpster fire, but companies use it for a very simple reason: it's "free" for most of them. They've pledged their unyielding fealty to O365 along ago, *especially* if there's some crusty suit(s) at the top who've refused learning any new skills since 1992. Said suits would panic if they saw an email/calendar interface that didn't say "Outlook" on it somewhere.
Couple all that and free with lazy, checked-out sysadmins/IT directors who are ridden with inertia and can tell the clueless MBA above them that they've "saved" the company $$$ independent of any other consideration...and it's a perfect storm!
Thinking about quality, performance, UI/UX and/or any other thing that relates to actually using software...doesn't cross these types' minds.
You're lucky to have management that thinks with their brains, and not just their wallets. That's the exception...not the rule when it comes to enterprise software decisions like this.
1Password is one of the best secure platform in the industry. Read this blog post from 1P. There is a lot of information about this.
What if 1Password gets hacked? | 1Password
1Password has never been hacked. But if it was, your passwords and information would still be safe. Here’s why.
I've been a happy user of Keeper for my passwords. I know it's a subscription, but I suppose the developers should get compensated for keeping the product supported and releasing new features. I don't know why I chose Keeper at the time, but I like it a lot and haven't found a compelling reason to switch to something else.