if they go subscription only
bye bye
and i used it for like...7-8years now
bye bye
and i used it for like...7-8years now
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Security Experts Wary as 1Password Subscriptions Push Users to Cloud-Based Vaults
- Thread starter MacRumors
- Start date
- Sort by reaction score
Customer for 9 years here. I remember the last time they pulled an ignorant and arrogant move by removing the ability to sync locally. Tried to force everyone to Dropbox or a similar service. The roar of the users was loud enough we got a separate utility to use for syncing. Wasn't great but when the later release came out, we had WiFi syncing and now that is called WLAN I believe.
Still, they don't seem to have learned not to alienate their customer base.
Still, they don't seem to have learned not to alienate their customer base.
i think they are thinking
how do we get more money out of our user database without working much on the app?
Subscription!
Need more money agilebits
make good app updates and we will pay for them, no problem for that.
That is because 1Password promised to continue developing a standalone version. People trusted them. Agilebits broke their promise.
Please.... The gripes (broken promises--subscription only for new versions) and concerns (loss of local vaults) are legitimate.
You're correct....All the cloud IS hackable; hence, the concern. BTW, Keychain can be used without backing it up to iCloud.
People are upset because they now have to buy something else and options are few.
Just wanted to say thanks to everyone who mentioned Enpass in the thread. Really nice app, available on every(?) major OS out there. And the desktop apps are even free.
I've been a long time 1P user but their recent business decisions are questionable. If the Windows version today does not support a local vault anymore, it is not long until the next Mac / iOS version will behave the same. Sure, older versions will keep working with local data...
Oh and their so called "changelog" on the app store is just driving me crazy, how hard would it be to just stick to the facts there?
Anyway, Enpass seems to be the alternative I was starting to look for.
I've been a long time 1P user but their recent business decisions are questionable. If the Windows version today does not support a local vault anymore, it is not long until the next Mac / iOS version will behave the same. Sure, older versions will keep working with local data...
Oh and their so called "changelog" on the app store is just driving me crazy, how hard would it be to just stick to the facts there?
Anyway, Enpass seems to be the alternative I was starting to look for.
Sounds about right to me. I'm also cynically investigating a move toward something free and open source, like KeePassX or KeePassXC. I value having my data under my watchful control. Maybe that's antiquated. So be it.
there are a lot of free apps out there but to be honest, there is quite a difference between a good paid ap and the free apps
1Password is very well made and smooth as silk
1Password certainly has the aesthetic edge. It's beautiful to use on iOS and MacOS.
Is it only me or Enpass doesn't work with Touch ID on iOS?
I'm torn between Enpass and another gem I've found (Secrets), Secrets is more expensive but I have no problem with that if it's more polished than Enpass as long as it's not a subscription.
I'm torn between Enpass and another gem I've found (Secrets), Secrets is more expensive but I have no problem with that if it's more polished than Enpass as long as it's not a subscription.
So before you go looking for another password program, read this:
https://1password.com/files/1Password for Teams White Paper.pdf
Then ask your new password program vendor for their equivalent. Don't be surprised if you don't get anything. You pay for what you get. The above paper will also teach and debunk a lot of what you think you know about Password managers and how they work - some of them are not as secure as you think.
https://1password.com/files/1Password for Teams White Paper.pdf
Then ask your new password program vendor for their equivalent. Don't be surprised if you don't get anything. You pay for what you get. The above paper will also teach and debunk a lot of what you think you know about Password managers and how they work - some of them are not as secure as you think.
Last edited:
Regarding the security of 1password: the iOS-app doesn´t recognize a touch-id-change. It simply uses the new changed fingerprint. If someone is aware of your ios-passcode for whatsoever reason, this person could simply change the touch-id-fingerprint and would be able to unlock the 1password-app.
Although very unlikely, this is a major flaw in my opinion at the threshold of perfect security measures, which they claim for. They are stating, that it isn´t possible to implement a changed-touch-id-detection for any app, not just for 1password.
This is not true: Dashlane, Lastpass and Enpass are capable to detect a changed fingerprint and require the masterpassword again. So the subscription-fee at least in this regard is discussible.
Although very unlikely, this is a major flaw in my opinion at the threshold of perfect security measures, which they claim for. They are stating, that it isn´t possible to implement a changed-touch-id-detection for any app, not just for 1password.
This is not true: Dashlane, Lastpass and Enpass are capable to detect a changed fingerprint and require the masterpassword again. So the subscription-fee at least in this regard is discussible.
I ditched 1Password a while ago when they first started talking about subscriptions (I could see where it was going) I now use https://www.passwordstore.org/ its a free command line GPG based script that works great and syncs with a git repo (local or cloud based) the iOS app has just come onto the App Store too https://appsto.re/gb/DY13hb.i
It's probably not going to work for your grandparents but if your moderately tech savvy you can set it up in about 30 mins.
It's probably not going to work for your grandparents but if your moderately tech savvy you can set it up in about 30 mins.
Thanks for the advice. I keep a password locked/touchID note locally with all of my unique passwords. No one but me has access to either my mac or phone. I use 2 factor as well whenever available. I'm too cheap to pay for a subscription service. Safari auto-generates passwords but I always use private browsing, clear cookies, etc so it's very inconvenient for me to use auto-generated gibberish for me. If I'm attacked, I'll finally have to give in and change my practices.
A few days ago they said they are going to support both models, subscription and standalone versions. More info here: https://blog.agilebits.com/2017/08/01/1password-6-7-for-windows-a-feature-buffet/ and in the comments section. If I understood well, WLAN, Dropbox and other features will come back to 1Password 7 for Windows and the rest of the platforms.
I'd be willing to pay the full subscription price if I got the apps for all platforms as the subsciption currently is without the hosted vault requirement. Unfortunately they do not provide this option.
If standalone vaults is truly a thing they plan to keep supporting and offering, I guess I can a) stop looking for a 1password replacement for all my family, friends and myself, and b) go back to recommending 1password to every person I possibly can.
I hope this is not a joke and if they did take the huge amount of feedback seriously enough to change course, kudos to AgileBits!
I hope this is not a joke and if they did take the huge amount of feedback seriously enough to change course, kudos to AgileBits!
Really? Well then I stand corrected. Thank you for the tip. I will look again.
They always had this, but I read on one of the recent updates that it's easier to do now.
There is no mention of a one off purchase option ANYWHERE on the 1Password website and yet they claim that this is to avoid confusion for customers who might not understand the difference between the two products.
They will assess the success of the Subscription model when they see which service customers prefer!
This is what 1Password employee Eva_Schweber says:
"Full disclosure, I work for AgileBits, the folks that make 1Password.
Our subscriptions options remain new and we are still figuring a lot of things out. One of the ongoing issues has been customer confusion between licenses and account. That is why we have made it a bit harder to locate information about licenses on our site. Nothing insidious, just an attempt to make it easier for the majority of our customers to locate what they are looking for without confusing them."
iPassword have squandered the trust of thousands of customers, I believed they were honest and that their product was secure. Secure for the very reason that it was hosted on your own machine and nowhere else.
I've recommended it to everybody I know and I'm ashamed at the underhand way the company has handled this change and whitewashed the "choice" by hiding and now elimination the one off payment option.
I would willingly pay for yearly upgrades to the stand alone product, it's constantly being refreshed and companies need secure revenue but I will not pay for my data to be hosted on another company's servers.
They will assess the success of the Subscription model when they see which service customers prefer!
This is what 1Password employee Eva_Schweber says:
"Full disclosure, I work for AgileBits, the folks that make 1Password.
Our subscriptions options remain new and we are still figuring a lot of things out. One of the ongoing issues has been customer confusion between licenses and account. That is why we have made it a bit harder to locate information about licenses on our site. Nothing insidious, just an attempt to make it easier for the majority of our customers to locate what they are looking for without confusing them."
iPassword have squandered the trust of thousands of customers, I believed they were honest and that their product was secure. Secure for the very reason that it was hosted on your own machine and nowhere else.
I've recommended it to everybody I know and I'm ashamed at the underhand way the company has handled this change and whitewashed the "choice" by hiding and now elimination the one off payment option.
I would willingly pay for yearly upgrades to the stand alone product, it's constantly being refreshed and companies need secure revenue but I will not pay for my data to be hosted on another company's servers.