Security Experts Wary as 1Password Subscriptions Push Users to Cloud-Based Vaults

[campyguy]

There is no mention of a one off purchase option ANYWHERE on the 1Password website and yet they claim that this is to avoid confusion for customers who might not understand the difference between the two products.

Get your knickers unbunched, sheesh. Open the MAS, second purchase option - 1Password Standalone - $64.99. Less than 10 seconds to find the app and purchase options. QED.

 

[CatalinApple]

There is no mention of a one off purchase option ANYWHERE on the 1Password website and yet they claim that this is to avoid confusion for customers who might not understand the difference between the two products.

They will assess the success of the Subscription model when they see which service customers prefer!


This is what 1Password employee Eva_Schweber says:

"Full disclosure, I work for AgileBits, the folks that make 1Password.

Our subscriptions options remain new and we are still figuring a lot of things out. One of the ongoing issues has been customer confusion between licenses and account. That is why we have made it a bit harder to locate information about licenses on our site. Nothing insidious, just an attempt to make it easier for the majority of our customers to locate what they are looking for without confusing them."

iPassword have squandered the trust of thousands of customers, I believed they were honest and that their product was secure. Secure for the very reason that it was hosted on your own machine and nowhere else.

I've recommended it to everybody I know and I'm ashamed at the underhand way the company has handled this change and whitewashed the "choice" by hiding and now elimination the one off payment option.

I would willingly pay for yearly upgrades to the stand alone product, it's constantly being refreshed and companies need secure revenue but I will not pay for my data to be hosted on another company's servers.

Her post dates back from 372 days ago, exactly when they launched the individual plan. To some this post might be confusing because they will think that this information is just brand new. Nor the payment options nor the location of where you can buy the standalone version have been hidden. If anyone would just use the search function for 15 seconds everything would be perfectly fine. I have the feeling that the majority of customers, like it happens to any other company aren't willing to do some research and if it happens that they won't find what they are looking for within a fraction of a second they will complain immediately. People have become kinda lazy. They are expecting everything on a silver platter without even lifting a finger or doing anything else for what they desire.

 

[Keebler]

Perhaps I am missing something here, but what is the criticism actually based on? It seems that AgileBits denies sunsetting either local storage or one-time purchases.

As long as they continue to offer the option to store everything locally, I see no problem. They have always been piggy-backing on other sync services and offered syncing over Wi-Fi, but I can see clear advantages for a server-based solution of their own. Apple is doing this too, after all (e.g. iCloud Keychain and iMessage in iCloud). They even place iCloud prominently in the device setup.

I oppose the subscription model too, but so far they haven’t announced whether this will be the only way to obtain 1Password in the future. They also have not given a ‘cut-off date’ for standalone updates and have been very generous (having paid for 1Password at least 5 years ago – I cannot even remember when). Even if they do require a subscription, to me that would mean that the service would become more expensive and I'd have to consider whether that price is still worth it to me.



However, this is the kind of product you always want to have the latest version of, at least I do. I expect from them to improve the security and fix security bugs. I am already relying on them in terms of a service, not so much a standalone product.

Hi,

I remain hesitant as I'll definitely keep my version local BUT, the pessimistic part of me wonders how many versions until the locally stored option isn't available because x version won't (conveniently) work with x iOS forcing an upgrade to the subscription/cloud model.

I personally hate subscriptions. I don't mind paying $30 per app either - I'm not looking to be cheap. For me, it comes down to wanting to own the software. If an app is touted to have a bunch of features which I know I'll use, I don't mind paying upfront to own it.

Cheers,
Brian

 

[gcortesi]

They are b.s.ing - all they are saying is you can keep using your current license.

There will be no new version with local vaults, there will be no offical way of purchasing a license (for new users) and the windows version already does not include a way to even create a local vault.

The way they want to go is clear, they are just trying to lull people into silence.

It's disgusting, I have to say it in those strong words.

The latest version for Mac (Password 7), which supports local vaults, is available for purchase as an individual license (even for new users), here: https://1password.onfastspring.com/in-app/1password-7-for-mac

For a limited time, the full price of $64 is discounted $15, making a license cost $49. This license is good for any number of Macs owned. I just bought it - no subscription needed. This is also not an upgrade price - it is a full license for a new user (or existing user). This info was tucked away in this blog - https://blog.agilebits.com/2018/05/22/1password-7-for-mac-the-best-ever/. You can also pay the subscription price and use the app as before, with local vaults. The subscription pricing essentially then becomes a maintenance fee to provide ongoing version updates - approximately $36/year.

One note - if you are running Mojave (10.14 - any Beta version), the Touch ID isn't working. Otherwise it works fine, and of course works fine with 10.13.

 

[macintoshmac]

The latest version for Mac (Password 7), which supports local vaults, is available for purchase as an individual license (even for new users), here: https://1password.onfastspring.com/in-app/1password-7-for-mac

For a limited time, the full price of $64 is discounted $15, making a license cost $49. This license is good for any number of Macs owned. I just bought it - no subscription needed. This is also not an upgrade price - it is a full license for a new user (or existing user). This info was tucked away in this blog - https://blog.agilebits.com/2018/05/22/1password-7-for-mac-the-best-ever/. You can also pay the subscription price and use the app as before, with local vaults. The subscription pricing essentially then becomes a maintenance fee to provide ongoing version updates - approximately $36/year.

One note - if you are running Mojave (10.14 - any Beta version), the Touch ID isn't working. Otherwise it works fine, and of course works fine with 10.13.

Touch ID is working fine for me on Mojave beta and has worked right from the first beta till now.

Also, somehow, for India, the cost comes at 1.5x the subscription pricing. So, better to keep the subscription and be happy.

 

[gcortesi]

Touch ID is working fine for me on Mojave beta and has worked right from the first beta till now.

Also, somehow, for India, the cost comes at 1.5x the subscription pricing. So, better to keep the subscription and be happy.

I meant to say TouchID is not working with 1Password with Mojave beta. See this thread : https://discussions.agilebits.com/discussion/comment/450153/#Comment_450153. Right now Agilebits developers and Apple have been working on this to get it working. Numerous users confirmed 1Password broke for them after Mojave Beta 1. Touch ID works fine otherwise, just not for 1Password.

 

[macintoshmac]

I meant to say TouchID is not working with 1Password with Mojave beta. See this thread : https://discussions.agilebits.com/discussion/comment/450153/#Comment_450153. Right now Agilebits developers and Apple have been working on this to get it working. Numerous users confirmed 1Password broke for them after Mojave Beta 1. Touch ID works fine otherwise, just not for 1Password.

I meant especially for 1Password itself. Perhaps I got lucky, but it works for me and I faced no issues with respect to running 1Password on a beta.

 

[drumcat]

BTW, truly appreciate the built-in two-factor. Very nice.

 

[macintoshmac]

BTW, truly appreciate the built-in two-factor. Very nice.

This particular thing got me to enable 2FA on all supported websites that I use.

I am waiting for the iOS 12 API integration so that passwords and 2FA can be done in a more streamlined fashion, hopefully.

 

[tangfish]

Is there a listing of which sites/services are compatible with 1P 2FA? Seems like trial and error is quite hit and miss.

 

[macintoshmac]

Is there a listing of which sites/services are compatible with 1P 2FA? Seems like trial and error is quite hit and miss.

While I admit I am new to 1Password, I believe the 2FA feature can be enabled for all websites that support 2FA. There is nothing like 1P 2FA. Our very own MacRumors supports 2FA. The process of adding 2FA in 1P logins is pretty easy and once set, there is a code always waiting for you to copy and paste in the fields as needed.

1P also has a feature that tells you which sites have 2FA support (once you fill the login details).

 

[tangfish]

Apple for example, does not allow 2FA via 1P, that I can tell.

 

[macintoshmac]

Apple for example, does not allow 2FA via 1P, that I can tell.

Apple uses its own devices only for 2FA. I have not come across any other major website that uses 2FA via an authenticator app and can not be configured with 1P.