Thursday, October 3, 2013

1Password 4

1Password 4 is now available, with some great new features like multiple vaults, 1Password mini, security audit, favorites, and a better browser extensions user interface. I still don’t really like the idea of browser extensions, as there seems to be no way to audit where they are sending my information.

There’s much to like in the new interface, however:

The blog post mentions 96 beta releases and 20,000 beta testers, so I was surprised to find version 4.0 a little rough:

  1. Unlike in 1Password 3, text in Secure Notes is not fully searchable.
  2. The pop-up menu for changing vaults activates on mouse-up instead of mouse-down.
  3. The multiple vaults feature is not supported by the iOS app (or iCloud), and if you move your primary vault the iOS app won’t be able to find it.
  4. There’s no good way to move items between vaults. The Item ‣ Share menu looks like it will let you copy multiple items, but it only copies one at a time. You can export from one vault and import into another, but this entails writing all the decrypted data to your hard disk.
  5. The Basics section of the manual refers to an “In Depth” section that doesn’t seem to exist.
  6. The Preferences window simultaneously says that Dropbox is not running (with a button to install it) and that it is running.
  7. When I created a new vault, it continued to show the password detail pane for an item in my old vault.
  8. There was much talk earlier about the new Cloud Keychain format that’s more secure. However, 1Password 4 does not seem to actually be using this with Dropbox. Perhaps it’s only for iCloud? [Update: AgileBits support has confirmed this.]
  9. It can no longer export to a regular CSV file, only to its custom JSON-based format.

Update (2013-10-03): Not related to this release, but I wanted to note: 1Password users who have an iPad 1 are now out of luck. 1Password 3 for iOS uses the old Dropbox API that’s no longer functional. 1Password 4 for iOS requires iOS 6, so the iPad 1 can’t run it.

Update (2013-10-07): Some users are reporting data loss and other Dropbox sync problems. Dropbox syncing is not working well for me, either, since the update to 4.0. I’ve made changes on both my mac and iPhone that have not propagated to the other device.

Update (2013-10-08): The Dropbox syncing problems seem to be caused by a bug in its sandbox code:

10/8/13 10:15:16.012 AM[191]: 400200 [SYNC:0x7fcba4255c20:<OPAgileKeychainSyncer (Dropbox) 0x7fcba40466a0>] E setupKeychainProfile | Cannot sync, failed to load keychain profile: Error Domain=com.agilebits.onepassword.ErrorDomain Code=100 "Failed to load profile" UserInfo=0x7fcbab813b10 {NSURL=file://localhost/Users/mjt/Dropbox/1Password.agilekeychain/data/default/.1password.keys?applesecurityscope=626663396665363865323330313061613433663164306265336362366163323738383463626332363b30303030303030303b303030303030303030303030303032303b636f6d2e6170706c652e6170702d73616e64626f782e726561642d77726974653b30303030303030313b30313030303030343b303030303030303030303139313339663b2f75736572732f6d6a742f64726f70626f782f3170617373776f72642e6167696c656b6579636861696e, NSLocalizedDescription=Failed to load profile, NSUnderlyingError=0x7fcbab806d30 "The file “.1password.keys” couldn’t be opened because you don’t have permission to view it."}
10/8/13 10:15:16.101 AM sandboxd[81765]: ([191]) deny file-read-data /Users/mjt/Dropbox/1Password.agilekeychain/data/default/1password.keys
10/8/13 10:15:16.122 AM sandboxd[81765]: ([191]) deny file-read-data /Users/mjt/Dropbox/1Password.agilekeychain/data/default/.1password.keys

Here’s another thread of other users having the problem. You can work around the bug by putting your 1Password.agilekeychain in ~/Dropbox/1Password.

Update (2013-11-09): I had a problem where some old bank accounts (probably from 1Password 2.x or 3.0 and last edited in 2009) were showing up blank in 1Password 4. At first I thought the data file was corrupted, but I found that I could view the bank information in 1Password Anywhere. So I think the problem was simply that 1Password 4 didn’t fully recognize items from an older format.

Update (2013-12-20): 1Password 4.1 restores the ability to search the notes. To do this, you have to select Search All Fields in the menu.

8 Comments RSS · Twitter

[...] Link. "no longer export to a regular CSV file, only to its custom JSON-based format." Sigh. I’ll wait for these to be fixed. [...]

Having participated in the later stages of the beta, I feel they made a realistic decision to release; some compatibility issues and Mac App Store uncertainty meant they had to beat Mavericks. The browser extension changes have been extremely positive, if not overdue.

AgileBits' development process has always been looser than I would choose myself; on the other hand, while they will delay fixes, they seldom ignore bugs for years like Apple does. They're also extremely responsive to feedback; a long email I sent about 1Passwd in 2006 was responded to by one of the developers in a generous manner which I still remember years later — that's a lot of goodwill earned.

The worst of the bugs I reported (startup crashes, wildly confusing UI) are now fixed, but there is a substantial list of nits and minor bugs that they're continuing to work through. The first couple versions of the new iOS app were similarly rough, but it's now an app I enjoy using, so I imagine the same will be true in time. Right now, the things that bug me the most are issues with sites not filling immediately after an unlock, and limited keyboard accessibility (Command-arrows, page up/down/home/end) in 1P Mini.

The volume of feedback on their forum is overwhelming (ideally they'd use something more Stack Overflow-like to handle duplicates, but they do keep on top of things and the state of the art here is still depressingly bad). There's plenty of interaction with the developers and support staff; I got some turnaround with a UI mockup I presented being turned into a prototype (and ultimately rejected; it really was a bad idea).

One thing I never reported, but perhaps should have, is the startup time regression. 1P 4 takes nearly 3 seconds to start up on my ~1-year-old Mac, whereas 1P 3 requires much less than a second. 1P Mini definitely reduces the number of times I need to start up the full 1P, but it's still annoying.

To address some of your specific concerns:

The non-widescreen layout has been promised to come back in a future version (one of the cofounders likes it, if nothing else). I hope it's more useful than the list view in Mental Case 2 and what Apple's been doing with the Finder list view. I don't see much if any text truncation, unlike, say, the new RadarWeb. You know you can resize the column, right?

Popovers are definitely overused on the Mac; I see very few instances in which they're preferable to another interface element (oddly enough, one place where I thought they worked well, in Calendar, they're gone in Mavericks, replaced by…well, the full rant will have to wait until after the final release). I agree with hiding the Web form details by default: they are often useless noise. A disclosure triangle would make more sense; same for the password history.

Multiple vault support was added quite late in beta, so I'm sure it'll be coming to iOS eventually.

I posted in the beta forums about many of the items on your list, so at least some of them are known issues (mousedown not working for various UI elements, not being able to move multiple items to a different vault, etc.). As Nicholas said, AgileBits tends to be very responsive so it doesn't hurt to let them know yourself.

I can understand why they chose to release now, but am also hoping that these are addressed in time. Overall it's a great update.

Re: the Cloud Keychain format. Apart from the issue of it not yet being supported on all platforms, I believe they mentioned that they haven't yet added 1PasswordAnywhere functionality to it (so you can access it through a web browser). Sounds like a high priority. In the meantime, it's only enabled if you use iCloud syncing, as that ensures that all platforms you sync to support it.

@Nicholas Which part of 1Password 3 doesn’t work with Mavericks? The Safari extension?

Mavericks doesn’t even have an announced ship date, and yet they released version 4 without having their own direct-sale version ready. It just feels like this was unnecessarily rushed.

I know about resizing the column, but the end result is that my window is much bigger than what I was using with version 3, while showing less important information.

I lot of sites I use have secondary passwords or PINs, so the form details are needed on every access. Sadly, the extra fields are not available in 1Password mini.

All that said, I generally like what they’re doing with the app.

I’ve found AgileBits to be very responsive. No complaints there. One of their engineers just sent me an in-depth answer to one of my questions.

Any possibility of supporting Linux in the future?

I think there's something broken about the 1Password to helper communication, but honestly I can't remember; it's probably in the forum somewhere. Do you really expect there to be an announced Mavericks ship date? I think it's much more likely it'll just show up some day. Particularly given wildly variable Mac App Store review times, I don't blame them.

I just checked, and my 1P4 window is a bit wider and a bit shorter than the corresponding 1P3 window — basically a wash. Unlike some other software (particularly OmniOutliner/OmniFocus) where I've complained mightily about a loss of information density, I don't find the same problem with 1P's list, and certainly prefer the multiline display to a list view shoved into a column as with 1P 3. Here's a screenshot:

I can see how the secondary passwords not being available in 1P mini is a big deal though if you're affected by it. For every site with a secondary password I use, it's prompted on a separate page so I have a separate 1P login defined for it.

@Nicholas I expect that there will at least be strong rumors that the current Mavericks build is the GM. I was thinking that they could have submitted this build of 1Password and held it for release while continuing to improve it. But, on reflection, I guess there would be no way to keep that build ready for release while a new one was under review. So there was no great solution for their situation.

In 1Password 3, you could hide the date column and make the center view narrower, or put the list on top (which worked great with the shorter rows).

One more thing, for completeness since I just ran into this thread: wider export/import features will also be restored.

Leave a Comment