It does indeed. If you can't answer your own question, I'd suggest using Apple's implementation. I was satisfied with when testing it, but my workflows align better with 1Password.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
1Password Releases Safari Extension for iOS 15 and iPadOS 15
- Thread starter MacRumors
- Start date
- Sort by reaction score
It does indeed. If you can't answer your own question, I'd suggest using Apple's implementation. I was satisfied with when testing it, but my workflows align better with 1Password.
Absolutely, I was commenting on people using 1P7 local vaults versus concerns about 1P cloud vaults.
If you do things like Yubikey, which 99% of people will not, then the other risks I raised around local storage on a general computing device become less of an issue too.
1Password saves more than just passwords.
You can store pretty much anything. I keep my virtual cards saved in mine (like my virtual Apple Card) for quick and easy autofill. It can save other stuff to like product and licensing keys, and much more. It also is much faster to instantly create or save a new login, as you can type in your username and password into the login field, tap one button, and now it's saved in your vault.
There's benefits to using autofill password (for example, it'll work in third party apps), but there are advantages to using the extension (autofilling more than passwords, easier to save things to your vault). I have both enabled.
All 1P has to do is enable people to buy standalone instead of forcing them to subscribe to use features we’ve had for years.
Yes, 1Password subscription for the last 2 years. Like Lastpass, Bitwarden, iCloud Keychain all stores your private data on secure cloud servers.
AgileBits' forced transition to subscriptions, their removal of the standalone vault from 1Password, their transition from native Mac to Electron, plus their glib defenses of these steps on social media, is appalling business behavior. Who removes features from a subscription service?
I purchased a gift card from them that had more than 2 years' worth of subscription balance. I've just now canceled my subscription with more than 1 year balance left over. Their move to cloud-only storage is less secure, period. I guess I'll be moving to KeePassXC and friends, or self-hosted (LAN-only, on-demand) Bitwarden.
I purchased a gift card from them that had more than 2 years' worth of subscription balance. I've just now canceled my subscription with more than 1 year balance left over. Their move to cloud-only storage is less secure, period. I guess I'll be moving to KeePassXC and friends, or self-hosted (LAN-only, on-demand) Bitwarden.
Yes of course.
Another issue with the new extension:
There is no TouchID / FaceID to authenticate during usage. Only a setting "required authentication after" 15 (or other minutes) or manually lock the device.
So if someone (kids, wife, friends you hand the device over for a short time) or even nows your device PIN they can access my vaults without any protection!
This even works after the device was locked as the new extension does not know If a device has been locked or not.
And I don't want to manually lock the extension all the time!
I will stay with the old version!
This is not accurate.
You don’t lose functionality when upgrading to 7.8 if you use an iCloud synched vault. It continues to work as normal without a subscription. You don’t get to use the new Safari extension, but you can password fill using the same method you did under iOS 14.
I did hit that update button.. my saving grace is that because my kids are still using the 6s, I'm using iTunes 12.6.5.3 (the last version with the App Store), so I was able to pull the old version out of the trash and restore it.
Can't do it. I'm happy to support them by buying a release every couple of years. But I rarely do subscriptions. I'm still on version 6 and it does all I need. Soon, iOS will natively do all I need. They could have gotten a good deal of $$ out of me if they had stayed away from subscriptions. That being said, I'm sure they have made plenty
I'm still on 6 as well.. my problem is that I'm on a 10 year old Mac, and while it's still solid (hasn't had a single bit of repair/service), I can't go any further on MacOS than Sierra (High Sierra crashes horribly on it), and since this year is the last year of Intel CPUs, I'll be going Silicon. Normally that wouldn't be a problem, but since 1Password 7 is available, but the ability to purchase standalone licenses is NOT available, I'm stuck for as long as Rosetta works when I get a new Mac.
The one thing that people seem to forget about cloud vaults or having a 3rd party manage your vault is the legal liability aspect of it. People don't tend to realize that while they are given the feature of convenience by having your data available everywhere because of the cloud, the takeaway from that is that for the data you have in the cloud, you may not legally own it.
Now, speaking for the US here: if the authorities were hypothetically investigating you (generic) for any reason, if they needed something from you that is in your possession, they would require a warrant for them to obtain that information from you, n'est-ce pas?
Well, not so if that data belonging to you is in the hands of a 3rd party. Since they aren't directly involved with that investigation, a simple subpoena could be used to have that 3rd party hand over your data. That's a problem. And yes, while everyone can say "well, they don't have a way to get into my vault because they'd need my password!", the problem is that they have physical access to your vault: as in, they have their physical hands on it. It would be in their possession. All of this was brought to light by an investigation NPR did regarding a person's data, their digital trail, and their 4th Amendment Constitutional right:
Your Digital Trail: Does The Fourth Amendment Protect Us?
Could government agents really get access to all your private data in less than a minute? Experts say no but warn we are moving in that direction.
www.npr.org
If people are okay wth the potential of that happening, and not being secure in having their own data - and passwords to your sensitive data at that - then more power to them. However, when it comes to sensitive information like this, let alone any other sensitive info one may store in 1Password (I store my family's Social Security Numbers, Passports, Birth Certificates, etc.), I would not want to give up the security and being secure in that data (meaning, only I have physical possession of that data) for the sake of convenience.
BL.
So help me to understand this.
I use 1Password 6 on my Mac, and I'm at 1Password 7.7.8 on my iPhone and iPad. If I update to 7.8 on my iPhone and iPad, I should still be able to sync my data to the vault that is on my Mac? I do no synching to iCloud or any other cloud service.
BL.
Why on earth there isn’t immediate lock down for the extension? The default duration is one day which is just crazy. The minimum length is 15 minutes. After set period of time the extensions locks and allows you to use Touch ID to unlock it.
Last edited:
Of course my computer is not immune. The difference is two fold. One, I am in complete control of my data. If I want to be super paranoid and have my 1P vault stored on a computer that is always disconnected from the internet I can. Or I could run it in a fully isolated VM. Two, and this cannot be overstated, my computer has an infinitesimally smaller attack surface than 1Password's servers have.
The bottom line is this - by forcing its user to store their password vault on a cloud server, AgileBits is decreasing the security for its users. Full stop, end of story.
Which version? I mean, I've been on a standalone license, going back to 1Password 3. The problem I'm going to have is the move to Apple Silicon. when I do, I'll lose 1Password 6; yes, I know I can use Rosetta 2 to keep using it, but at some point, that is going to end, so it will be either 1Password 8, or nothing at all (you can't buy standalone licenses for 1Password 7 anymore).
BL.
I highly suggest checking out Minimalist Password manager - https://minimalistpassword.com.
The vault is local, with the option of syncing via iCloud. Plus, there is an option for a subscription, $20/year, or you can purchase it outright for $60. It's definitely lacking in some features at the moment (at least when compared to 1Password), but they have a good road map (https://minimalistpassword.com/news/road-map) and a very responsive dev team (every time I've emailed them with a suggestion or question, I've gotten a response within a couple of hours). I've imported all of my 1Password items into Minimalist, and while I need to spend more time really combing through everything, the import looks good so far.
Not entirely true, 7.8 removes the 1Password share sheet. Not a huge deal, but if you're using local vaults, you're still losing a feature while gaining none.
Last edited:
The bottom line is this - 1Password has never been hacked. Users computers are being hacked, tracked and exploited every single day. Full stop, end of story.
*sigh* That's great that they've never been hacked, but they still have a massive attack surface and I'm sure there are hackers actively trying to breach their security. Bottom line, MY computer has never been hacked, and for me that's all that matters. Getting rid of user choice is NEVER a good option.
Last edited:
I do understand your concerns. I shared very similar thinking on this in the past. I'm comfortable with what 1Password are doing now, and I believe any risks are absolutely minuscule (even if a hacker got to all our cloud hosted vaults, retrieved copies of them, it would take so long to decrypt even one account that the data would be rendered useless).
That being said, I can appreciate why you and others think a local vault option should always be there. I believe AgileBits have even said they are looking into possibly offering local vaults eventually with 1Password 8.
The potential local vault option for 1Password 8 essentially requires you to run a full blown instance of 1Password.com on a dedicated computer. That adds an incredible amount of complication for the average user that doesn't want to store their password in 1P's cloud. Plus, there is no guarantee the team at Agile Bits will actually do this. At this point, and it pains me to say this, I don't trust a damn word that comes out of their mouth (or more accurately out of their fingers).
Honestly, I rarely used it. It was good for sharing a password with another app - like Notes or Mail or something. The share sheet removal really isn't a big deal, but its removal is greatly compounded by Agile Bits more recent user-hostile decisions.