Friday, July 14, 2017

1Password Standalone Vaults and PasswordWallet

Dave Teare:

Now the thing is, I know it’s not realistic to expect everyone to be able to join one of our memberships at this time. As great as 1Password memberships are, I know that our excitement for them can cause some people to become worried. After all, many have corporate policies or regional restrictions that prevent them from using a hosted solution like ours, and so they’re understandably concerned and want to know that there’s a future for them with 1Password.

These worries are compounded by the fact that 1Password 6 for Windows was designed from the ground up to support 1Password Teams customers only (and then later expanded to include family and individual plans), and we are unsure how this adventure will play out on the Windows side of the world, so we haven’t made any public announcements about when support for standalone vaults will be added, if ever. Many Mac users worry that the same fate awaits 1Password 6 for Mac, and that we will remove support for local vaults and force them to pay again.

[…]

We know that not everyone is ready to make the jump yet, and as such, we will continue to support customers who are managing their own standalone vaults. 1Password 6 and even 1Password 7 will continue to support standalone vaults. But 1Password memberships are indeed awesome and are the best way to use 1Password, and as such, I am going to continue to nudge you over whenever I can 🙂

This partial commitment is nice to hear, although it would have been nicer a few days ago when I asked about support for standalone vaults beyond version 6 and the response was:

I know it’s not the answer you want, but we will never publicly commit to Dropbox, iCloud, or local vaults for the future. Even if we bring local vaults forward in a hypothetical new version of 1Password which does not yet exist, that’s not to say that the subsequent version will continue that[…]

They seemed to be trying to thread a needle by specifically not promising continued support for local vaults, conflating this with not commenting on future product directions in general and the idea that all software eventually breaks, and then saying there was nothing to worry about because they have no plans to actively remove the feature. Reading between the lines, the strong implication was that they wanted at least the option to go cloud-only in version 7 without going back on their word.

I took this as a signal to start looking at other options, because the centralized cloud model, while very convenient for most customers and for AgileBits’ support people, seems inherently less secure to me and won’t work with Little Snitch blocking all network access. Additionally, it doesn’t work with 1PasswordAnywhere, doesn’t work with 1Password’s local backup feature, and maintains only a partial local cache (attachments not guaranteed).

So, by the time of Teare’s announcement, I had already investigated some alternatives, selected PasswordWallet (based in part on a recommendation from Wolf Rentzsch), and converted one of my vaults.

(Sidenote: During this process I learned that 1Password’s CSV export—with “All Fields” selected—does not actually export all of the fields, and that the 1PIF export format is undocumented. So migrating my nearly 2,000 entries would have been impractical if I hadn’t been able to write some code to massage the JSON-like 1PIF into a format suitable for PasswordWallet’s CSV/TSV importer. I feel stupid for having taken the time a few years ago to manually move my data from 1Password’s Notes field into custom fields/sections.)
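As an added illustration of the kind of massaging the sidenote describes (this is not the author’s script), here is a small converter from a 1PIF export to tab-separated rows. Since the format is undocumented, the layout it assumes is an assumption: one JSON object per line, records separated by lines beginning with `***`, login fields tagged by a `designation` key, and custom sections carrying `t`/`v` label and value keys; the sample export is constructed.

```python
import json

# Assumed 1PIF layout (the post notes the format is undocumented): one JSON
# object per line, records delimited by lines beginning with "***".
SEPARATOR_PREFIX = "***"

# Constructed sample export, not real data; the newline inside notesPlain
# shows why TSV output needs escaping. The separator line is a placeholder.
SAMPLE_1PIF = r'''{"title": "Example Bank", "location": "https://bank.example", "secureContents": {"fields": [{"designation": "username", "value": "alice"}, {"designation": "password", "value": "s3cret"}], "notesPlain": "Branch\nnotes", "sections": [{"title": "Security", "fields": [{"t": "Question", "v": "blue"}]}]}}
***placeholder-separator***
{"title": "Wifi", "location": "", "secureContents": {"notesPlain": "key is abc"}}
***placeholder-separator***
'''

def parse_1pif(text):
    """Yield one dict per record, skipping separator and blank lines."""
    for line in text.splitlines():
        if line.strip() and not line.startswith(SEPARATOR_PREFIX):
            yield json.loads(line)

def designated(fields, designation):
    """Value of the login-form field tagged username/password (assumed keys)."""
    for f in fields:
        if f.get("designation") == designation:
            return f.get("value", "")
    return ""

def tsv_escape(value):
    """A tab or newline inside a value would split the TSV row; fold to spaces."""
    return str(value).replace("\t", " ").replace("\r", " ").replace("\n", " ")

def record_to_row(rec):
    """Map one record to [title, url, username, password, notes]."""
    sc = rec.get("secureContents", {})
    login = sc.get("fields", [])
    # Custom section fields (the data the post had moved out of Notes) are
    # appended to the notes column so nothing is silently dropped.
    extras = [f"{f.get('t', '')}: {f['v']}" for sec in sc.get("sections", [])
              for f in sec.get("fields", []) if f.get("v")]
    notes = "; ".join(filter(None, [sc.get("notesPlain", "")] + extras))
    return [tsv_escape(v) for v in (rec.get("title", ""), rec.get("location", ""),
            designated(login, "username"), designated(login, "password"), notes)]

def convert_1pif(text):
    """Return TSV text, one row per record, no header."""
    return "".join("\t".join(record_to_row(r)) + "\n" for r in parse_1pif(text))

if __name__ == "__main__":
    print(convert_1pif(SAMPLE_1PIF), end="")
```

Any field the importer on the other side does not recognize ends up in the notes column rather than being lost, which is the check worth running before deleting the source vault.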

For the near term, I will likely use a mixed setup. My main vault is in PasswordWallet, and I see no reason to convert it back. We also have a successful family setup that syncs multiple 1Password vaults via Dropbox, and that now seems like it should keep working for at least a few years. 1Password and PasswordWallet are both good apps, and I hope that both will be successful long into the future.

With that in mind, here are some advantages that I see with PasswordWallet:

And some things I prefer about 1Password:

Update (2017-07-16): See also: Rui Carmo.

Rene Ritchie:

To put it bluntly, AgileBits is moving to a more sustainable business model that will allow them to better develop and support 1Password now and into the future.

[…]

So, if you’re already a 1Password user, avoid all the FUD and take your own hard look at the new direction.

I tend to agree that subscriptions make their business more sustainable, so it’s interesting that Teare seems to deny that:

Please don’t think our excitement for memberships has anything to do with money. […] We were doing just fine selling individual licenses and AgileBits was already steadily growing before 1Password Teams was even introduced. We created 1Password Memberships because we had a vision for how 1Password could be even better and we followed our dreams. The result has been stupendously awesome and better than our wildest dreams! Today, over 95% of our revenues are coming from subscribers, which is truly mind blowing.

When you look at that 95% statistic and this comment from AGKyle a year ago:

That said, we don’t have any immediate plans to remove the standalone products. However, if a vast majority of our users switch to 1Password Family or 1Password Teams (and as of today, an Individual plan!) then it doesn’t make a ton of sense to keep the standalone product around. So, it’s probably one of those speak with your wallet kind of scenarios.

it makes perfect sense why they were reluctant to commit to supporting standalone vaults in version 7. They also made it really hard to “speak with your wallet” because in the last year there was no paid upgrade, and they removed the standalone version from their store. And they rewrote the Windows version of the app without support for local vaults (yet).

A lot of people are throwing around accusations of FUD, but it seems to me that the source of the uncertainty was AgileBits itself: actions like these and public statements from employees such as Kyle. I see Teare’s post not as a “correction” of misinformation but as an actual policy change. Before, they implied that standalone might be dropped and refused to commit to it. Now they’ve committed for at least one more version.

Update (2017-07-20): Tim Bray:

I understand, and I support AgileBits wanting to become a subscription biz. But I still want to keep my data and password away from their servers. This all seems fine to me. I pay my monthly rent to Adobe and it’s for Lightroom & Photoshop, not for their unexciting server-side offerings.

So AgileBits, why not? Please go ahead and start asking for subscriptions. But don’t ask paranoid people like me to go anywhere near 1Password.com.

AgileBits has addressed the situation in Why We Love 1Password Memberships, but it’s really unsatisfying, totally ignoring the security concerns. And (I guess I shouldn’t be surprised) failing to acknowledge the business advantages for them in making this move.

Update (2017-08-02): AgileBits:

With this release, we finally have enough visibility to chart a course for the future, so we’re happy to announce that standalone vaults will be back on the menu in 1Password 7 for Windows. 1Password 7 will be free with your 1Password membership, but if memberships aren’t for you, paid licenses will also be available.


I would miss 2FA and iCloud support if I switched to PasswordWallet. On the other hand, moving on to cloud-based password storage seems to be very risky indeed – sooner or later, 1Password will get pwned, I guess …

@Martin, if you're using iCloud to sync your passwords, then you're already using cloud-based password storage, no?

@Nigel The difference is that iCloud being compromised would only leak the encrypted files, whereas 1Password.com being compromised could lead to bigger problems because it serves code that has access to your password.

@Michael True—I saw your comments on the AgileBits forums too and that's a very good point. Nice reminder that all clouds aren't equal, and the devil is in the implementation details.

There's some legit criticism of the push to the cloud service. You've raised good points, and some other commenters on the AgileBits forums / blog have as well.

There's also a ton of poorly-thought-through reactions. Seeing people rush to use other solutions that they haven't subjected to the same level of scrutiny reminds me of the Guardian / WhatsApp encrypted messaging debacle.

@Nigel Agreed; there are poorly-thought-through reactions on both sides. No, they are not forcing people to the cloud. Yes, they are very strongly encouraging and did a lot of things to imply that they would be forcing at some point in the future. No, 1Password.com is not a terrible idea; it may in fact raise overall security because the ease of use will let more people use it. But, yes, there are a number of new potential vulnerabilities that it introduces.

My own pet peeve is that the Agile folks in the forum and on Twitter continually dismiss legitimate concerns, either (a) without really understanding them, or (b) by deliberate misleading. This happened twice today already. Whenever the JavaScript issue—which they already acknowledged earlier in the thread—is pointed out, they repeat that it’s secure because they don’t store your password, which is completely missing the point. They are repeatedly spreading misinformation about their own product that makes it sound more secure than it actually is.

@Nigel:

Michael got my meaning right. I should have written 'SaaS' instead of 'cloud' I guess. BTW, LastPass already got hacked …

@Michael:

They will force users to the cloud sooner or later, no doubt. (But that offers an opportunity for others if there is sufficient demand.)

[…] most recently rebought the Mac version of 1Password for $20 from the Mac App Store in 2011, and I bought the iOS version for $8 in 2012. Since then […]

@Michael,

One of the AgileBits crew here (but posting under my own steam)… thanks for the write-up. It was shared and discussed among the team, and your honesty and even-handedness was (and is) appreciated. I came across the link again today and just wanted to point you to the latest over on the blog, as it lays out the road ahead a little more clearly – especially (and happily!) as pertains to local vault support in the forthcoming version of 1Password for Windows. Cheers!

@Tully Good news! I saw that post yesterday and had it in the queue for today’s blog update, but you beat me to it. :) Thanks for stopping by.

@Michael,

Other than going with PasswordWallet because of that (old) recommendation, what made you decide on it instead of something like KeePassXC? What other alternatives did you consider? I keep using 1Password standalone.

I had paid for the cloud offering when it first came out to continue to support development, but I never made the move to the cloud. I cancelled and did not renew this year. I wanted to keep supporting 1Password, yet the way they were answering all legitimate concerns did not match what I expected.

@Roman I downloaded PasswordWallet, and it seemed to do the things I wanted. I e-mailed the developer a few questions and suggestions and got an immediate reply.

I didn’t investigate KeePassXC in depth. I think I looked at the Web site, saw no iOS version, and stopped right there. Now I see that there is an iOS app, but it’s by a different developer?

I also read a bunch of roundups and comments:

https://www.imore.com/best-password-manager-apps-mac
http://thesweetsetup.com/apps/best-password-manager-and-why-you-need-one/
http://thewirecutter.com/reviews/best-password-managers/


Can anyone enlighten me as to why we should use a 3rd-party password manager in the first place, since we already have Keychain, which I guess is orders of magnitude more secure than anybody else?

And how can I trust a 3rd-party password manager not to phone home my master password and decrypt all my passwords? Is it technically impossible?

All the NSFW photos on my iPhone/iPad are moved immediately after being shot to a local private folder accessible only to the Files app, and except for the camera and photo-editing apps, all other kinds of apps are only allowed to access Selected Photos, that is, the Recent folder.

>Can anyone enlighten me as to why we should use a 3rd-party password manager in the first place, since we already have Keychain, which I guess is orders of magnitude more secure than anybody else?
>
>And how can I trust a 3rd-party password manager not to phone home my master password and decrypt all my passwords? Is it technically impossible?

The security architecture of 1Password is well-known, and if there were such a function, 1) we'd know about it by now and 2) the company would likely have an irrecoverable reputation problem.

That said, I mostly agree that Keychain is good enough. There are certain things 1Password can do that Keychain can't (such as sharing a specific password between family members, or using the same keyring on platforms like Android and Windows), but for most people, I think Apple provides a pretty good solution.
