Getting 1Password 7 ready for the Mac App Store

(blog.agilebits.com)

364 points | by okket 2167 days ago

58 comments

  • cdumler 2167 days ago
    So, I'll join the chorus here by saying that I've picked up the subscription fee.

    I've been using their software daily for over three years. During that time, they have consistently improved their product and have been open about issues (as far as I am concerned). I was a little irked when I saw the subscription model. I was like, "hey, I paid for this." So, I looked up how much I paid in licenses by looking them up.. in 1Password. Turns out I paid about $40 for the Mac, Windows, iOS, and Android clients. That's $40 over three years for something that I use daily.

    Then, look at the $5/mo subscription for families. I get something that gives me access to all their software versions (Mac, Windows, iOS and Android) for five people, my entire family (if my cat ever decides to get a computer). I am a software professional. I pay for tools that keep me going and return me money because they offer me productivity. I pay for Things, Bear, iThoughts, and many other apps that have helped me greatly.

    One important statement I make to people is: _the price for security is eternal vigilance_. There are always new ways things get attacked and new ways to be more secure. I realized that I was gladly willing to pay $60/year to keep me and my family going while keeping AgileBits running as well. If there was anything that deserves a subscription, it is your security software. If it's any consolation, several of my developer friends feel the same way.

    My two cents.

    • archagon 2167 days ago
      As time goes on, I've gotten less and less comfortable using proprietary software for critical tasks. If 1Password were open source, I'd actually be pretty happy to subscribe. But as it stands, I have no faith that the product won't change out from under me in the future, whether due to a pivot, an acquisition, or some other reason. The incentives align in favor of the business, not the customer. IMHO, subscriptions are already pointing in that direction.

      I'd rather use something like pass and deal with the downsides. (Though I admittedly haven't switched yet.)

      • samatman 2167 days ago
        For me, something related: can I remove the data in a usable form? 1Password makes that easy, so like others here, I'm happy to pay them to perform the 'eternal vigilance' that secret-keeping entails.
        • AGKyle 2166 days ago
          We also allow export in something called 1PIF. It's a JSON format export of your data. It doesn't currently handle everything super smoothly, notably Documents which are new.

          We'll have another solution in the not too distant future that should cover things and be a documented format that anyone with the know-how could use.

          Also important to note: if your account ever lapses due to lack of payment, the account is still read-only. You can export your data if you wish even when the account is read-only. We do not lock you out of your data, we just prevent normal use of the application (browser extension, editing items, adding new items, etc). But the data you've already entered is entirely accessible if you want to copy/paste or export.

          Kyle

          AgileBits

        • frankzinger 2166 days ago
          Password Store (AKA 'pass') stores each password as a GPG-encrypted text file, so with gpg, $EDITOR, and cp/mv you have full control over your password data at all times without pass even having to get involved.
        • will_dev_4_food 2165 days ago
          It’s nice to see a team of marketers working so hard to convince the masses. Kudos.
        • sbuk 2167 days ago
          Yes, you can export it as a CSV file. They even warn you that it’s not secure.
          • reificator 2166 days ago
            > They even warn you that it’s not secure.

            I don't think anyone who uses a password manager is exporting to CSV for security purposes.

            • sbuk 2166 days ago
              I was trying to illustrate that not only can you extract data in an open format, they also are responsible enough to warn end users that the data is no longer encrypted. This isn’t for the benefit of your typical HN reader.
        • Nullabillity 2167 days ago
          For now...
          • facetube 2167 days ago
            Removing the ability to get your own passwords out of your password management utility that you paid for would be corporate suicide.
            • _b8r0 2166 days ago
              Crippling it, not so much.

              I moved away from 1password at the time of the subscription palaver. I managed to move everything to Keepass but each entry has its own folder.

              I don't blame 1Password for the state of my Keepass db (although they pretty much forced my hand) but the closed nature of 1Password does bite you in the arse when you decide to leave.

            • coldtea 2166 days ago
              "Corporate suicide"? 99% of the users won't even notice the feature existed...
              • saagarjha 2166 days ago
                They will if you go out of business or decide to spin off the product.
                • coldtea 2166 days ago
                  "Corporate suicide" implies that it would be a problem for the company.

                  Users noticing it after the company is already "going out of business" does not qualify as such.

                  • facetube 2166 days ago
                    Yes, you're right, an already-dead company can't die a second time in this highly-hypothetical scenario. They're still dead.
          • orf 2167 days ago
            For ever.
      • burnte 2166 days ago
        At some point you have to value people. The 1Password folks have never let me down, and have been very honest, so I trust them. The product has done nothing but improve over the years for me, increasing in value and ease of use. And then with how often LastPass has had security breaches, it was a no brainer for me to leave LastPass years ago, and I don't regret it.
        • archagon 2166 days ago
          Shifty Jelly has never let me down either, but they got acquired by NPR. Neither has Q Branch, but they ran out of money and had to shut down. Business for indies isn't predictable. Is AgileBits going to be around in 10 years? I hope so, but I think it's far more likely that they'll be swallowed up by some other company, at best. After getting burned by this over and over again, I just think it's more sensible to stick to OSS options that will probably exist in some compilable state even in the distant future.
          • burnte 2165 days ago
            > Shifty Jelly has never let me down either, but they got acquired by NPR.

            Of all the entities they could be acquired by, I think NPR is the least offensive of all. And they've stated the intent is not to change how PocketCasts works. The other partners are WNYC, WBEZ, and PRX (helmed by Ira Glass). These are all major publishers of podcasts who have a vested interest in keeping PocketCasts a good app, and growing it. I think this is a bad example.

            > Neither has Q Branch, but they ran out of money and had to shut down.

            They would still be around if they had subscription revenue. Guess who has subscription revenue?

            > Is AgileBits going to be around in 10 years?

            They started 12 years ago. If you asked 12 years ago if they would still be around in 10 years, the answer would be yes.

            > After getting burned by this over and over again, I just think it's more sensible to stick to OSS options that will probably exist in some compilable state even in the distant future.

            Well, don't go LastPass if you want OSS.

      • mlindner 2167 days ago
        There are open source 3rd party applications on Linux that I've used to access 1Password password archives. The code is closed source but everything they're using to encrypt the passwords are open standards. You can build your own 3rd party open source platform to access them.
        • josegonzalez 2166 days ago
          Do you have any suggestions for such software? I've been looking into this as I migrate to Linux and have yet to find something that does read and write for stuff stored in my Vault. I'd honestly be willing to pay for software that provided this.
          • JonathonW 2166 days ago
            The official solution is to subscribe to their subscription service (any tier works) and use 1Password X in-browser: https://support.1password.com/getting-started-1password-x/

            Not sure about other solutions, open or closed; I moved over to their subscription service a few months ago and haven't looked back.

          • AGKyle 2166 days ago
            I work for AgileBits, makers of 1Password

            We don't prevent people from writing 3rd party tools, but I would also be very wary of using them. Our stance is outlined here:

            https://blog.agilebits.com/2013/03/06/you-have-secrets-we-do...

            > We have to advise you to never enter your 1Password Master Password into anything that isn’t 1Password. We aren’t casting aspersions on the integrity or competence of any developers, but we simply can’t advise otherwise.

            So as long as you're mindful of this advice from us, go forth and conquer.

            Kyle

            AgileBits

      • scarface74 2167 days ago
        So if the app were open source and the maintainers decided to abandon it, are you going to download the code and keep it updated? If it is forked are you going to trust the new maintainers? Are you going to audit the source code?
        • dabockster 2167 days ago
          This is the big fallacy I see whenever someone uses open source just because the source code is public. Unless you're able to perform a full audit yourself, is it really any better than a closed offering like 1Password?
          • rwbcxrz 2167 days ago
            I suppose the theory is that open source is better (a) because you can audit it if you want to, and (b) it's more likely that someone out there has audited it.

            In practice, (a) falls apart if the user doesn't have the knowledge, experience, or time necessary to perform an audit, which is quite likely for security software. And I feel like (b) isn't great either, as there are plenty of examples of major flaws in open source projects that went undetected for long periods - heartbleed is just one example.

            • scarface74 2167 days ago
              I agree with that assessment, but how many vulnerabilities have been found in closed sourced software? If the software is popular enough, someone somewhere is going to find a vulnerability whether it's open or closed source. Look at all of the vulnerabilities that Google has found in closed sourced software. It just takes more skill to find vulnerabilities and incentives. The black hats have found vulnerabilities in iOS that Apple still hasn't managed to patch - like the one that lets law enforcement break into a locked iPhone and bypass the fail login attempts.
              • schrodinger 2166 days ago
                I think the question is is the likelihood of the party finding the vulnerability being a “good guy” or a “bad guy” different between closed and open source. I’d suspect not, but who knows.
            • manicdee 2166 days ago
              Stuxnet didn’t rely on open source software.

              There are major unrevealed flaws in all software more complicated than “hello, world.”

            • x404 2166 days ago
              Agree, open source is rights for the users, no matter whether they have the ability to audit or not.
        • archagon 2167 days ago
          If it was a matter of OS compatibility, I'd certainly be able to do it for iOS or macOS. Security, less so, but with luck there would be others to do that work, if the app had enough users. Surely it would be better than just implicitly trusting some company with a profit motive?

          I'm not expecting anyone to do the work for free, by the way. You could still charge money for cloud sync or even app extensions and still keep the main repo open. Maybe the code could be a few revisions behind to incentivize people to pay.

          In any case, from looking around, it seems that KeePass and possibly Bitwarden fit this bill.

          • stevewillows 2166 days ago
            Bitwarden has been great for me. After going from LastPass to 1Pass to KeePassXC to Bitwarden, I really appreciate the simplicity of a simple browser extension without the requirement for a local client.

            Bitwarden just works and checks the boxes for me. I haven't tried it yet, but there is also a fork [1] that allows us to use our own hosting.

            [1] https://github.com/jakeswenson/BitBetter

        • saagarjha 2166 days ago
          Of course, the answer to all your questions is "not necessarily". Sure, it's totally possible for people to not audit the code, or let it be abandoned–but open source makes this probability much lower, whereas with closed-source software you have no choice in the matter at all.
          • schrodinger 2166 days ago
            I think you’re making a lot of assumptions when assuming the probability is much lower. I’d trust a really proficient small team being paid to produce secure, closed software more than a team of disinterested volunteers. I’d also trust a small group of passionate volunteers over a paid team of crappy engineers. I guess the point is that source being open or not isn’t really the important part, at least in my opinion.
      • Khaine 2166 days ago
        I agree. I try and use solutions that have open source formats, and are preferably open source.

        I have made an exception for 1Password, as it is so good. I hate subscription for software, unless there is a clear benefit. In this case, I don't see the benefit.

        • bwoodruff 2166 days ago
          While our code is not, our vault formats are open. :)

          Ben Woodruff AgileBits

          • Khaine 2165 days ago
            I didn't know that. That adds to the esteem in which I hold 1Password and AgileBits. I think an open source format is almost as important as open source software.
      • guelo 2166 days ago
        Especially security related software companies, they have a tendency of degenerating into user-hostile malware businesses.
        • himom 2166 days ago
          Comodo, Tripwire, Symantec, McAfee... on and on.
      • selectodude 2167 days ago
        https://github.com/OblivionCloudControl/opvault

        opvault file access has open source tools. It would suck if they changed out from under me in the future (1password is the best password manager and it’s really not even close) but my passwords are at least accessible.

      • casefields 2166 days ago
        Bitwarden is the answer for your concerns. I've moved to it and never looked back.

        https://bitwarden.com

        • cerberusss 2166 days ago
          Interesting suggestion, thanks! Can you comment on how good the mobile apps work?
      • spronkey 2165 days ago
        I agree, especially around subscriptions. Too many light burnings already.

        I use and love 1Password, but there's no way I'm switching to the subscription model. When my version stops working (either through incompatibility or serious security flaw), I'll begrudgingly find something else to use.

      • m-p-3 2166 days ago
        KeePass works for me, and it's available on all the platforms I use.
    • DavideNL 2167 days ago
      You are making the same mistake with these arguments as many people make; nobody is complaining about paying for software.

      People are complaining about subscriptions, because for example you easily lose track of what exactly it is you're paying for.

      Paying for an upgrade clearly shows you that you're paying some amount for some list of new features. You can then choose whether or not it's worth paying for. (just to name 1 disadvantage.)

      For customers there are 0 benefits to a subscription model. For companies of course there are many.

      • jonknee 2167 days ago
        > For customers there are 0 benefits to a subscription model. For companies of course there are many.

        OP described in detail the benefit for customers--constantly updated software. Critical for something as security-conscious as a password manager.

        • chrischen 2167 days ago
          People updated software before they started using subscription models.

          Paying for software meant they had to make more compelling updates.

          • CountSessine 2167 days ago
            You need software companies to provide you with security updates for their products. Insisting that you won’t pay for security updates without new features or that security updates should be offered gratis won’t lead to quality software - it just leads to feature bloat. Attaching a separate price to security updates aligns your needs with a software company’s incentives. Why is that a bad thing in your view?
            • chrischen 2167 days ago
              If you are paying for a subscription there isn’t necessarily an incentive to provide security updates even more, since they have the functionality of your app hostage if you decide to cancel and the automatic monthly billing has no ties to the quantity or quality of updates they push out.

              That being said, security updates should be part of the price you already paid, since a security flaw is a flaw in their original software.

              • bigiain 2166 days ago
                > If you are paying for a subscription there isn’t necessarily an incentive to provide security updates even more

                I'm not so sure - it'd be much easier to write the email saying "Sorry, we screwed up and got a critical security bit wrong, but here's an update that fixes it." if a significant portion of your users are paying a subscription - compared to writing that same email just as marketing are preparing to try and convince everybody to pay for a new upgrade...

                > That being said, security updates should be part of the price you already paid, since a security flaw is a flaw in their original software.

                If that was how everything worked - our industry would be _very_ different. If everybody who ever charged money for a piece of software was on the hook forever for all flaws it might have, you'd only ever be able to buy software from Apple or Oracle or Microsoft - there would need to be almost as many lawyers as developers in any software company.

                I understand your idea - but it's the same idea as people who call up my work saying "Hey, the app you made us doesn't work any more, you need to fix it!" and everybody here is like "Who the hell are _they???_ Never even heard of them." and it turns out it's a 32 bit iOS app that they paid for in 2013 and we haven't heard from since (and there's only 3 people left in the whole company who were around in '13, and none of them are iOS devs). We do not fix that for them as "part of the price they paid".

              • CountSessine 2167 days ago
                > That being said, security updates should be part of the price you already paid, since a security flaw is a flaw in their original software.

                Security vulnerabilities generally aren’t considered latent defects under warranty laws (at least not in NA). I’m not sure what the tech world would look like if it were - for one thing, software teams would probably need a P.Eng. on their teams to ship. For another, using open source software would be even harder to do without an intermediary like Red Hat who would be willing to accept tort liability.

                At any rate, your software vendor has no legal responsibility to provide you with security updates. Maybe they should. But you’ll pay for that anyways. How do you want to amortize those security updates? By paying the dividend discount price of the updates up front and risk having the product abandoned in a few years (cheating you out of your ‘dividend’), or by paying directly through a subscription?

                > If you are paying for a subscription there isn’t necessarily an incentive to provide security updates even more, since they have the functionality of your app hostage if you decide to cancel and the automatic monthly billing has no ties to the quantity or quality of updates they push out.

                That makes no sense - you have it completely backwards. Their incentive to provide me with timely security updates is my continued subscription fees. On the other hand, if you pay the dividend discount price for those security updates up front, they have every incentive to stop releasing updates and cheat you out of your update ‘dividend’.

                • vehementi 2166 days ago
                  > That makes no sense - you have it completely backwards. Their incentive to provide me with timely security updates is my continued subscription fees

                  You pay one subscription fee for both "I can use my app at all" and "security updates" together. Once there is enough inertia for you to not want to switch off, you'll probably keep paying (to use the app at all) even if they don't provide security updates.

                  If there were two fees - #1 a one time lifetime usage fee and #2 a security updates subscription fee then maybe that would make sense, but I don't think so otherwise

                  • chrischen 2165 days ago
                    Agreed. This is the main distinction. If they are explicitly charging for security updates and being upfront that would be a completely different story. That being said, if they could do that then they can also charge for security updates piece-meal.
                • pktgen 2166 days ago
                  > At any rate, your software vendor has no legal responsibility to provide you with security updates. Maybe they should. But you’ll pay for that anyways.

                  Yes, those costs will ultimately be embedded in product pricing and borne by the customer, but that's good. It gives vendors a financial incentive to develop more secure software and reduce their security update costs (and earn more profit). (Nothing is perfectly secure, but a culture change and following certain practices can help. Think Microsoft pre-trustworthy computing memo and Microsoft today.)

                • facetube 2167 days ago
                  > Maybe they should.
          • seandougall 2167 days ago
            True in the traditional model. But the Mac App Store model doesn’t have paid upgrades, which meant there was no incentive for them to keep updating. With a subscription system, there’s (theoretically at least) the possibility that customers would jump ship if they feel the developers aren’t pulling their weight.
            • chrischen 2167 days ago
              Lucky for MacOS users we don’t have to use it like iOS users on the iOS app store.
          • nsgi 2167 days ago
            For something like a password manager, the most compelling updates are security fixes, but there are several problems with charging for these:

            - It's unreasonable to expect people to pay the full price for minor security fixes that still need to go out

            - Because security upgrades are invisible to the user, it may be harder for the customer to see their value v. new features

            - The timeline of when security updates need to go out is less predictable than that of feature upgrades, resulting in unpredictable revenue and expenditure for both the vendor and the customer and the customer may not have the budget to pay for an unexpected security fix

            - Customers often want to take time to consider whether it is worth paying for upgrades, whereas security fixes should be applied as soon as possible

            - The vendor must invest a lot of resources in testing the security of their software even when no security upgrades are warranted

            • pktgen 2167 days ago
              > - It's unreasonable to expect people to pay the full price for minor security fixes that still need to go out

              The ideal model for locally-run software, in my opinion, is to sell perpetual licenses to each major version for a one-time cost and promise security and maintenance updates for a certain period. New features can go into new major versions that users have to pay for (sometimes with discounted upgrade pricing), or, on a discretionary basis, as free updates.

              This used to be the typical business model for locally-run software. Microsoft, for example, sold Windows versions for a one-time cost, promised security and some other level of updates until a certain year (and new features could be added on a discretionary basis), and provided upgrade pricing for new major versions that added new features. This kept control in users' hands, as their paid-for software could be used forever (at least until and unless external factors, like hardware incompatibilities, prevented it from working), though of course it would be very dumb to use, say, XP today on an Internet-connected machine. I am generally against subscription models for local software where there is no legitimate reliance on an outside service, and also against the trend of trying to create such a reliance for no legitimate reason ("We've added cloud sync and that's what the subscription is for. Servers cost money every month, which is why we're charging you every month." - except I can handle my own file storage and don't want your sync service).

              • spronkey 2165 days ago
                Ugh, this trend of 'cloud sync' is highly annoying. Let me put an encrypted file on something that resembles a filesystem. If I want cloud sync, I'll put that file on Dropbox/OneDrive/GDrive/Whatever else.

                It's only become a big thing after iOS and its lack-of-a-filesystem and lack of inter-app data flows locked users out of their own devices.

                Quite often I don't want many of the "new features". For me, bug fixes and security fixes are the main thing, followed by compatibility updates. I'm quite happy to pay for the latter when it was me that caused the issue by updating my OS/hardware in the first place. I'd quite like some amount of the former to be included in the original cost.

                • wilsonnb 2165 days ago
                  It's become a big thing because it's convenient. Every time I sign into 1Password on any of my devices, all of my passwords are there. I don't need an account with Google, Dropbox, or Microsoft for it to work and I don't need to do any manual setup. It "just works", which is exactly what the average person wants their software to do.

                  Manually dealing with files is a sign of poor software design for simple use cases, in my opinion. I quite like the iOS model that abstracts the idea of a filesystem away from the user because the user never cared about the file system anyways. They just had to deal with it to do whatever they really wanted to do.

        • efdee 2166 days ago
          To be honest, if a password manager needs to be regularly updated in order to remain safe, I'm not sure I trust it with my passwords.
          • chrisweekly 2166 days ago
            > "To be honest, if a password manager needs to be regularly updated in order to remain safe, I'm not sure I trust it with my passwords."

            Huh. For my part, I'd have trouble trusting a password manager (or browser, or OS) that claimed it _didn't_ need regular updates in order to remain secure.

          • jonknee 2166 days ago
            Everything on your computer, including the OS itself needs to be regularly updated in order to remain safe...

            It's not just security, it needs to be updated to continue to run on your devices. New versions of iOS, Android, Windows and Mac OS change things that need to be taken into account. The browser extensions must be kept up to date. There is a lot of work to do just to keep things running without adding any new features.

            • efdee 2166 days ago
              The point was requiring regular updates to stay safe, so yes, security updates. The attack surface of a password manager would be infinitesimally smaller than that of an OS.

              As far as general updates go, I agree with you, but these shouldn't need to be that frequent. I still have software from the XP era running on my computer.

      • slackoverflower 2167 days ago
        Of course it's all upside for the company and down for the customer. Which company wouldn't love predictable revenue from customers every month. It's an amazing business model for software businesses, especially when the customer completely forgets about it and just lets their card be charged every month.
    • red_hare 2167 days ago
      Just gonna piggyback off this and say the family plan is an amazing value if you have aging parents.

      I recently upgraded to one, set up each of my parents with accounts, and moved all of their passwords out of the physical and digital notes that their passwords were strung across and into 1password.

      This means no more iCloud password resets every time they need an app or call me for IT support. It means I can help them securely manage their financial accounts and photos as they get older. I can share with them my Netflix login. And I sleep better at night knowing they’ll be aware when one of their previously common recycled passwords is compromised.

      • analogmemory 2166 days ago
        The family plan is honestly the best feature hands down. I set up my partner and my mom in it. There was some resistance at first to learning a "new thing". But now they love that they only have to remember one secure password and all their other passwords are automatically generated for them. No more pet names as passwords!
    • beepbeepbeep1 2166 days ago
      I am a long time 1Password user, purchased Mac licenses, IOS and Android over the years.

      I was annoyed when it changed to being subscription based, the price wasn't an issue I think for the value it gives the price is fair, 1Password is the only thing now keeping me on a Mac.

      The issue I had with it is you don't own the software and when my credit card expired and I forgot to update it losing access to passwords even if temporarily until updating the card details left a bad taste and showed the downside of being subscription only.

      It's been on my list to move away ever since. 12 months on I've still not done it, there's lots of alternatives but 1Password have the UX and functionality just right however I know I should move as I now don't own my passwords.

      • danieldk 2166 days ago
        > I was annoyed when it changed to being subscription based, the price wasn't an issue I think for the value it gives the price is fair, 1Password is the only thing now keeping me on a Mac.

        1Password X works on Firefox and Chrome on Linux.

      • hanklazard 2166 days ago
        >1Password is the only thing now keeping me on a Mac

        I was in the same position. Switched to Keepass and have had no issues using it on Linux and iOS (the latter as KyPass)

      • crtasm 2166 days ago
        There's not even a grace period to export your passwords? If not, wow that's a major downside!

        Comment elsewhere in this thread points out they have a Linux CLI app now as well.

        • bwoodruff 2166 days ago
          When accounts are frozen (which is what happens if you stop paying) 1Password enters a read-only state. You can’t use the browser extensions, make modifications, or add new data, but you’ll have read-only access to your data.

          We do have a CLI that runs on Linux (as well as Mac and Windows).

          Ben Woodruff

          AgileBits

          • crtasm 2161 days ago
            Thanks for clarifying.
    • dingaling 2167 days ago
      Well this one tool is 'only' $60 per year[0]. But what if your compiler moved to subscription, and your text editor and your e-mail client and ...

      It's the thousand-cuts problem. And once you start on that path you can't go back, or else the tool stops working.

      [0] which is a substantial chunk of a day's after-tax pay for many people in the UK, for example. 1/400th of their salary for a password database.

      • vsl 2166 days ago
        My compiler (MSVC) is subscription. My go-to editor for other stuff (PyCharm and other JetBrains editors) is a subscription. My email client isn't, but my email hosting (FastMail), which has a web client, is.

        It doesn't even register -- they are tools I need for my work and I'm happy to pay yearly for them. It's worth noting that with the exception of email (which, being on my own domain, I can always move elsewhere), I still keep usable licenses if I stop subscribing, I am not locked-in.

      • saagarjha 2166 days ago
        > And once you start on that path you can't go back, or else the tool stops working.

        How would you feel about a subscription service that guaranteed updates? Essentially, upgrade pricing, but charged every month.

        • fapjacks 2166 days ago
          Will my compiler or IDE stop working if I don't pay the subscription fee? You can guess how I'd feel about that.
          • saagarjha 2166 days ago
            No: you’re paying for updates, not the privilege of getting to use the software.
        • spronkey 2165 days ago
          So, you have a perpetual license to use the latest version of the software that you paid for?

          Perfect.

          ... But JetBrains attempted to explain why this doesn't work with the subscription model. And failed IMO, but regardless.

      • spronkey 2165 days ago
        You're absolutely right. I use over 400 tools. I'd be completely broke if I had to subscribe to them all.
    • chrischen 2167 days ago
      It sounds like you feel like you underpaid. Then the solution is for them to charge more or charge for more of their products, not a subscription. A subscription basically forces you into paying for upgrades.

      The only thing a subscription model is good for is it wrests power from the consumer.

      With the traditional model if they decide to stop updating the app, you wouldn’t buy the next version, and that would be your leverage. With a subscription model, they can decide to stop delivering updates, or deliver lower quality updates, and you’d be forced to pay perpetually just to keep the existing software operational.

      • gkoberger 2167 days ago
        Here's a counterpoint:

        If someone pays $40 for, say, 1Password 5, they have no incentive to upgrade. It works well enough, and there's no reason to pay again. So, 1Password is stuck supporting a legacy product (and servers / APIs for it), the user is frustrated by an old version of the software, and the company gets no money so they're at risk of folding (which would hurt both the customer and 1Password).

        I agree that subscriptions can get annoying. However, if it ultimately is about the same price, it ends up working out much better for both sides. And hey, they can always stop their subscription and go somewhere else if things get bad. They don't lose their buying power completely.

        • pktgen 2167 days ago
          If they have no incentive to upgrade, that's because the newer versions don't add any value for the user. This makes sense: 1Password is a pretty mature product at this point and there probably isn't much room to add new features, unless you want to expand the scope of the product.

          That is to say that I personally (and again, this is just my opinion) don't care about any new features and would be unlikely to upgrade from version 6 on that basis. I may upgrade to ensure I will continue receiving security updates and OS and browser extension compatibility updates, but it would be nice to know how long such updates to version 7 are guaranteed for (presumably they will eventually release version 8 for a new fee and discontinue such updates to version 7).

          > (and servers / APIs for it)

          The users (like me) who are against subscriptions are only using local vaults (managing the storage sync ourselves) and do not care for or want the web/sync services.

          • TimTheTinker 2167 days ago
            > newer versions don't add any value for the user

            I disagree. Security software (as opposed to boxed titles prior to the Internet era), subject to frequent review and that is updated regularly does offer continuing value in a steady stream of updates.

            As another commenter said, the price of security is eternal vigilance.

        • chrischen 2167 days ago
          They should not be supporting new features on old versions, and 1Password does not require servers or APIs. If you are paying for their cloud hosting then that is a justifiable subscription cost, but I already use Dropbox.

          They should be supporting security updates and this should be built into their costs. Security updates represent flaws in their product.

          If the user is frustrated by an old version and looks to upgrade (whether to a competitor or a new version), then that makes upgrading justified, transparent, and intentional.

          Their subscription model just serves to make upgrading less intentional, less transparent, and takes away power from the consumer. Also at their current pricing it’s a massive increase in cost without really delivering much more value. You’re paying more than what it normally costs in a year, to only be able to use it for a year. It’s like forcing me to pay for their product on an installment plan, but I don’t even get to keep using it in the end.

          Whatever benefits they claim a subscription provides can also be achieved by having more frequent, smaller, incremental updates for features you can pay for.

          • spronkey 2165 days ago
            Yes. This.

            But don't forget compatibility updates. Underlying platforms change all the time, it makes sense for users to have to pay for these updates outside a certain time period.

        • spronkey 2165 days ago
          They're not stuck supporting it. The original purchase can come with an amount of support. If the user needs more, they can pay for more.

          This is how software worked for multiple decades before subscriptions came about.

      • roustem 2167 days ago
        You can look at it from a different perspective.

        The customer could pay $5 and then cancel the subscription if they do not like the service.

        With the license purchase they have to make a large commitment upfront.

        • pktgen 2166 days ago
          In the old days with perpetually-licensed software, this was handled with a trial period (30-day demo or similar), or, where feasible, a feature-limited demo version (e.g. a game with one level as a demo). This is not a new problem or a problem without solutions.
          • spronkey 2165 days ago
            [To play devil's advocate:] which were often cracked and released as warez...
            • chrischen 2165 days ago
              I'd be highly skeptical of running a warez version of my password manager.
        • chrischen 2167 days ago
          That's good for customers who ultimately cancel. For those actually using the service it will be a worse deal.
    • fnordsensei 2167 days ago
      Is it possible to pay for a subscription and use a local vault?

      I've no problem with the business model, but I'd rather keep the data to myself.

      Edit: Answered my own question

      > 1Password 7 from the Mac App Store will only support our hosted service, as that’s what you’re purchasing with a 1Password membership. If you install from our website, you’ll have the option to use a standalone vault synced via iCloud if you purchase a standalone license, or use our hosted service if you purchase a 1Password membership.

      • cjcampbell 2167 days ago
        Yes it is. The new release even brings local vault to Windows.
        • fnordsensei 2166 days ago
          From what I'm reading now, it seems like it's read-only. Only to get things from a vault onto their servers.

          I still don't understand how the revenue model (subscriptions) necessitates the technical solution (cloud storage).

          • bwoodruff 2166 days ago
            > From what I'm reading now, it seems like it's read-only. Only to get things from a vault onto their servers.

            With 1Password 6 for Windows that is the case, but not with 1Password 7.

            > I still don't understand how the revenue model (subscriptions) necessitates the technical solution (cloud storage).

            It doesn't. But that is the recommended solution. You _can_ subscribe and use a standalone vault. But you're missing out on functionality that you're paying for that way.

            Ben Woodruff

            AgileBits

            • fnordsensei 2164 days ago
              Thank you Ben. Yes, I get that. There's a subset (maybe 10-20%) of data that I can't (in some cases because of legislation)/don't want to put in the cloud, while the majority would be just fine. So, yes, I'd have to accept the compromise.

              Thank you again, I have now acquired a subscription and version 7 looks very nice indeed.

      • bwoodruff 2166 days ago
        > Is it possible to pay for a subscription and use a local vault?

        Yes, with 1Password 7 this is possible. It isn’t the recommended situation, and we don’t advertise it, but it is possible.

        Ben Woodruff

        AgileBits

    • ratbeard 2166 days ago
      I've been happy with 1password as well, other than two times my vault would not unlock until I restarted my computer.

      Making it seem like you lost access to all your passwords seems just below security issues as far as high priority bugs, in my opinion..

      https://discussions.agilebits.com/discussion/82915/why-cant-...

    • will_dev_4_food 2165 days ago
      I have two free password managers. Both iOS. One open source, and one just free. https://github.com/UCFirefly/Pythonista Or https://itunes.apple.com/us/app/dyfynderx/id1345759526?mt=8
    • richie5um 2167 days ago
      This story is similar to mine. I really don't want to have lots of subscriptions, but I use 1Password sooo much, it is a clear winner for my money.
    • jiveturkey 2167 days ago
      not just that there’s a cost to keeping this kind of software useful, for the subscription agilebits is actually adding value.

      unlike say adobe.

    • burnte 2166 days ago
      I had purchased a bundle for Win/OSX/Android a while ago, several years, but somewhere around 2ish years ago, I jumped into the subscription model to support it going forward. Worth every penny to me.
  • xoa 2167 days ago
    I at least partly blame Apple and the MAS being such a piece of shit for accelerating some of the sub trends we're seeing on the Mac now. It's really such a genuine shame, because in principle the MAS really could be an excellent idea, a way to unify and simplify a pain point of Mac use and boost security at a few levels without a need to alienate anyone or not support anything. Instead Apple had to make it an artificially pointlessly limited collection of tradeoffs and mediocrity.

    In particular AgileBits is right about the missing upgrade pricing system really being a bummer. To this day Apple's decision to remove that remains one of the most perplexing decisions of anything they did with the MAS (or iOS App Store for that matter). The basic idea of paying just for marginal value added since original purchase whereas new purchasers are paying for the whole package from zero is an efficient, sensible and sustainable one that has supported the software industry well since the very beginning. Ongoing support of software costs money, particularly when Apple has made it another principle of theirs to be aggressive about pushing the platform forward vs backwards compatibility. No upgrades (or volume discounts or anything else) is still such a mind blowingly stupid decision in every respect. It's forced developers to make some tough choices unnecessarily, and IAP and subs are one way to go at it.

    • danieldk 2167 days ago
      > I at least partly blame Apple and the MAS being such a piece of shit for accelerating some of the sub trends we're seeing on the Mac now. It's really such a genuine shame, because in principle the MAS really could be an excellent idea, a way to unify and simplify a pain point of Mac use and boost security at a few levels without a need to alienate anyone or not support anything.

      I agree. Many of the applications that have moved out of the app store (e.g. Dash) have also ditched sandboxing.

      Going back to the situation where every application can read your whole home directory is a large regression.

      (Of course, non-MAS apps can also be sandboxed, but many developers do not do it.)

      • bwoodruff 2166 days ago
        1Password 7 for Mac is sandboxed, regardless of where you download it from.

        Ben Woodruff

        AgileBits

    • makecheck 2166 days ago
      I remember when developers gathered at one point and submitted complaints in unison about the sorry state of Bug Reporter (rdar) at the time. I never heard if Apple responded to this directly but the tool did receive an update around the same time. Developers need to rally again, e.g. submitting the same rdar from 400,000 different people, on the topic of App Stores.
  • makecheck 2167 days ago
    There are at least two elements to software maintenance: one is adding truly new features, and the other is making stupid changes just to keep old features working as they always did (often due to platform or hardware changes, especially with Apple!).

    I see Apple coughing up none of the costs that they create by regularly fiddling with their platforms and hardware in breaking ways, yet that is a big reason why software can’t be sensibly “bought once”. Now they’ve come up with a scheme where they not only don’t give developers discounts for maintaining software but actually take yet another cut.

    Don’t judge developers too harshly.

    • Mister_Snuggles 2167 days ago
      > There are at least two elements to software maintenance: one is adding truly new features, and the other is making stupid changes just to keep old features working as they always did (often due to platform or hardware changes, especially with Apple!).

      I'm OK with the model that VMware is using, at least on the Mac.

      You buy version X, you have version X. Version X gets updates for some amount of time. Eventually, a Mac OS upgrade makes version X no longer work, so you have to pay an upgrade price to upgrade to version Y. There is no subscription, but there is regular income to the company to make the updates you describe.

      • pfranz 2167 days ago
        I like that model, too, but at least for something like 1Password I can see two issues. You'll have people using older versions with possible security vulnerabilities. If you're using hosted passwords you have to deal with dealing with multiple versions of the client indefinitely (although, you'll probably have to deal with a bit of that anyway)
        • Mister_Snuggles 2167 days ago
          When you include the hosting service, having a subscription (since you're providing an ongoing service) makes perfect sense. In this case, so does also forcing the current version.
          • pktgen 2167 days ago
            I agree that subscriptions make perfect sense for services (because servers, support, etc. cost money on a monthly basis), but the trend seems to be to create an arbitrary reliance on a hosted service as a way to justify subscriptions. Luckily 1Password hasn't totally gone that way yet, since they still offer standalone licenses for local vaults, but I feel like it's the direction they're going.
      • ricardobeat 2167 days ago
        This is what this article is about. The App Store offers no mechanism for upgrade pricing, your only options are to 1. upgrade existing app (free for existing users) or 2. release a new app (full price for existing users).
    • Pulcinella 2167 days ago
      Yes. I feel that, because of the currently constantly changing nature of hardware and software platforms, subscriptions are going to be the only way of sustaining a business. It’s no longer even software as a service, but software IS a service.

      The only exceptions are situations where hardware and platforms change slowly or not at all. e.g. Single player video games (and even that is largely consoles), certain kinds of embedded, etc.

      People are already becoming frustrated with all the subscriptions they have, though. People are “fine” with paying to maintain things like their home and car. The problem with software is that it doesn’t really “break” from use. Updating the platform and hardware around the software is what can break it. It would be like the pipes in your home are indestructible and never burst in winter, but they can explode when building codes update or the water treatment plant changes its equipment.

      • spronkey 2165 days ago
        I hope that it's only a matter of time before people start turning their pitchforks at Apple, Microsoft, maybe Google et al who are the perpetrators of the majority of this platform fiddling that stops software from working.
  • 0culus 2167 days ago
    Although it's been said that they will continue supporting licenses through their website, they have made this feature _extremely_ difficult to find ever since introducing subscriptions. I've been a loyal user of 1Password for a long time, and I think it's great software. I use it on both my Macs, as well as on my iOS devices.

    However, hiding the non-subscription feature is silly. I do not wish to add yet another subscription (especially something so crucial as what manages my passwords; I need [edit] it to work, no questions asked), and I would be more than happy to purchase a new license for 1Password 7.

    • roustem 2167 days ago
      Most of the HN users reading this thread do understand the difference between licenses and subscriptions. It may seem strange but this is not the case for the vast majority of the users. We have customers emailing us about having a 1Password account/subscription since before 2015 (when we only had licenses).

      We originally started with offering both licenses and subscription as equal options. Here is how it looked: https://web.archive.org/web/20160420141241/https://1password...

      There was a lot of confusion with this design because people simply had no idea what to choose. It is ridiculous but we had many hundreds of customers purchasing both.

      The subscription is a better option for most of our users because it takes care of so many things:

      - no need to purchase separately on every platform

      - no need to learn the difference between iCloud and Dropbox sync, and why sharing is not possible with iCloud option

      - no need to learn how to set up a shared Dropbox folder

      - no need to worry about backups when your computer or phone dies

      - and more

      Many of our long-time customers still use licenses and are happy with the existing setup and we want to keep them happy. This is the main reason we keep the licenses going and releasing new versions for Mac and Windows with support for licenses and standalone vaults.

      • 0culus 2166 days ago
        Honestly, I will be happy if you continue to support licenses vs. subscriptions as an option + syncing with the cloud service of choice (I use iCloud). My use case is pretty simple. I don't need fancy integrations. I just want an easy to use solution that protects my passwords and enables me to use it across my Apple devices...which is what my (licensed) 1Password 6 does wonderfully for me now, across two Macs, my iPhone, and my iPad. For that feature set, I am willing to fork over for a new license at major versions. I just don't feel comfortable making my password management dependent on a subscription. Also, I would be more amenable to a subscription for a small amount for the iOS app (as that is more of a convenience than critical to my workflow; I use 1Password on the desktop much more frequently) so long as I can still purchase a license for my computers [edit] and have all the devices work together.
        • roustem 2166 days ago
          Thanks! Sounds like you will be happy then :)
          • 0culus 2166 days ago
            Yep! I just purchased the 1Password 7 license from the beta app, i.e. voting with my wallet. :)
      • manicdee 2166 days ago
        The standalone macOS app isn’t going to be much value to me if the iOS app requires a subscription though.

        1Password accounts seem like a very attractive target for something like Stuxnet. I just can’t bring myself to put my trust in a corporation, given the history of pivots & acquisitions and subsequent licence changes & data repurposing.

        • AGKyle 2166 days ago
          The iOS application doesn't require a subscription to use. It works just fine as it always has with standalone vaults via iCloud or Dropbox (and WLAN from a desktop).

          On iOS, scroll down the list, you'll see an option on the welcome screen to create a standalone vault. You're not on a subscription doing this.

          Already have a vault synced to Dropbox or iCloud? Tap the requisite option on the welcome screen and it'll suck the data in from your sync source of choice. Again, no subscription required.

          Kyle

          AgileBits

      • ketralnis 2166 days ago
        What is the future of Dropbox sync between desktop and iOS? Am I right in assuming that since you keep only mentioning iCloud that it won't be possible? I can just decline to upgrade the desktop client, but I can't just choose to ignore updates to the iOS client.
        • AGKyle 2166 days ago
          We just recently, as of version 6.8 I think it was, updated the Dropbox SDK to work with their newest API version.

          There are no plans to remove Dropbox support. Especially not after we spent an entirely non-trivial amount of time getting the SDK updated.

          Kyle

          AgileBits

        • cerberusss 2166 days ago
          Why can't you just turn off automatic updates?
    • curun1r 2167 days ago
      I feel the same way and I'm starting to look towards alternatives. Despite having bought (or had bought for me, at various jobs) somewhere between 10 and 15 individual licenses, 1Password won't ever get another dime from me after the way they've treated non-subscription customers. In addition to making it confusing to use my license, the command-line doesn't work at all without a subscription and now other software that integrates with 1Password is being made subscription only.

      Like you, I would have happily done a paid upgrade to 1Password 7, but a subscription to access my passwords is a non-starter. And after having been made to feel like a second-class citizen for so long, they've burned any good will I had for them and I'm done buying anything from them.

      • Mister_Snuggles 2167 days ago
        > I feel the same way and I'm starting to look towards alternatives.

        Enpass[0] is worth a look. Free on desktop, one-time fee on Mobile, sync via the cloud provider of your choice. Also available for Linux, which is what drew me to it.

        [0] https://www.enpass.io/

      • AGKyle 2166 days ago
        Hi there,

        Could you give me some details on what we've done to make you feel like a second-class citizen? I'm sorry if we've made you feel that way, it certainly isn't our intent but clearly we've done something that hasn't sat well with you.

        Licenses aren't going away and we are definitely offering them for version 7. There are a variety of new features that both license and subscription users will see in version 7 as well.

        The command line tool was made possible because our server component was written in Go and so we had a great deal of the work done as the command line tool is also written in Go. So there's a great deal of shared code there.

        The original intent of the CLI was to allow administrators to automate the creation and deletion of users and vaults. They do this type of stuff all the time and having a tool accessible to them for this purpose was a goal of ours. It has the ability to alter items and all that but I think for the most part it's used as an admin tool more than anything. Very little of this applies to the way the standalone vaults work.

        Either way, I'd love to understand more about what we did to wrong you so I can pass that information along to the teams that need to see it.

        Thanks,

        Kyle

        AgileBits

        • curun1r 2164 days ago
          Sorry I missed your message from a couple of days ago, but in case you read this:

          The feeling of being a second-class citizen comes from recently purchasing a new computer and the process of getting 1password configured.

          - First, the webpage. The 'Try it free', 'pricing' and 'get started' links all go to a sign-up page that makes no mention of the non-subscription option. To download the software, I had to find the little 'download' link in the footer of the page. Given that it's still possible to sign up for the subscription service after downloading, I'd like to see a more prominent 'download' to both support people like me who have an existing license and people who want to install first and sign up second.

          - Second, there's the experience when first starting the app. It actually took me about 30 seconds to figure out how to connect it to my existing vault that I keep in Dropbox. The sign-up flow is so prominent. It may have been different if I'd installed my license before connecting my vault, but I keep my license in my vault, so that's a bit of a chicken-and-egg problem.

          - Third, on my new computer I discovered the Station app, which seems like a cool way to separate my persistent, always open tabs from my normal browser tabs. It has 1Password integration, but uses the CLI client to accomplish that, which means I'm out of luck and stuck having to copy-paste my password every time GMail wants to reverify. Adding support for non-subscription to the CLI would mean a lot since it's used to integrate with other apps.

          Alternately, if you'd like to publish developer documentation on the native message protocol used by the Chrome extension, I'm happy to write code myself. I've wanted a modern version of http://sudolikeaboss.com for a while, but reverse engineering your protocol crosses my not-worth-the-effort boundary.

          None of this is major, but it's all the little things that contribute to the feeling of being second-class in the eyes of AgileBits.

          • AGKyle 2164 days ago
            Thanks for providing this.

            Regarding your first point. I've filed this feedback to our team in charge of the 1Password.com page. I don't have much more than that right now but I generally agree with you. There are probably reasons for why we focus this a bit differently... Notably, if I had to guess, that paying through IAP (which is how they'd likely end up paying if they sign up in app) costs us a significant amount more and offers far less flexibility. Just one potential reason I think.

            For the second. We've rewritten this welcome screen multiple times... turns out getting it right is incredibly difficult. I think we've gone through something like 50 different variations of this single pane now. I honestly don't have anything in mind that I can share here.. it's both frustrating for us because we know people are confused by it, but we also aren't sure how else we can present that information that's going to be more clear. It's always a teeter totter, trade one thing for something else, but we lose something as well. I do appreciate you commenting on this though, I'll pass it along to the rest of the team as well.

            Station is one we don't generally recommend using in this way... First the blog post where we talk about this general concept: https://blog.agilebits.com/2013/03/06/you-have-secrets-we-do...

            Then the quote from it that matters most:

            > We have to advise you to never enter your 1Password Master Password into anything that isn’t 1Password. We aren’t casting aspersions on the integrity or competence of any developers, but we simply can’t advise otherwise.

            So our general stance here is, you really shouldn't enter your Master Password/Secret Key into third party apps. We can't vouch for it and you're basically giving Station full access to your data doing this. Entering it into the CLI directly is great, but.. Station is gaining access to this information which is the issue we generally have with suggesting this type of thing.

            Adding support for standalone vaults to our CLI is... difficult. The 1Password.com server is written in Go. As is the CLI. We were able to make the CLI in super fast form because we could piggy back on the code we have for the server, move a couple modules over to a new project, write some glue, voilà. The CLI also started as a tool for management of accounts... think adding users, deleting users, adding vaults, granting access, etc. Admin type stuff. Literally none of this applies to standalone vaults.

            At best we could write a CLI (separately) as part of the 1Password app that is in Objective-C/Swift, since we could piggy back on existing libraries we have in 1Password for Mac/iOS. But I really don't see very many people needing this... would it be cool? Absolutely... but... I don't think there's this great demand for it.

            Regarding sudolikeaboss, I think we'd ultimately like to see something like that again. But the way sudolikeaboss worked was incredibly hacky and it was bound to break because of this. We'll have to take a look at this for future updates, but I don't see sudolikeaboss coming back as a thing, perhaps we can do something internally though. There was simply no time for this for 7.0 though. But maybe it's a neat idea for 7.1 or 7.2... both of which have some already huge features planned.

            So to kind of re-iterate a little bit. The CLI exists because it was super easy to glue pieces together from existing code. It's not like we set out to write this to stick it to anyone, we wrote it because we saw a demand for it by administrators who were on Unix type systems and they wanted ways to admin their accounts. It gained some editing/using features as well but those came after. Interestingly the CLI talks directly to the server for this, it doesn't have a copy of data locally... it doesn't really have any idea about data formats and such.

            And sudolikeaboss, while cool, wasn't an officially endorsed product of ours... that isn't an excuse for breaking it, but it also shouldn't be a huge surprise that it did break due to the way it functioned. I personally would like to see something similar in the future though.

            Hope that helps some... I understand these are all important to you though and I hope my response doesn't dismiss any of that importance. I'm only trying to explain from our side so you can see our thought process a little bit. You also don't have to agree with our decisions, and I'm not trying to convince you that we did the right thing. I just find understanding why we do something makes it easier to at least accept how/why something happened.

            Please do let me know if you have questions though. I'll keep an eye on this for a few more days. Otherwise, please email in and mention me and I'd be happy to help get you answers.

            Kyle

            AgileBits

            • curun1r 2164 days ago
              > We have to advise you to never enter your 1Password Master Password into anything that isn’t 1Password

              Correct me if I'm wrong, but couldn't you re-use the plumbing that you have for the Chrome extension? The blog post was here: https://blog.agilebits.com/2017/07/19/introducing-native-mes...

              That way, software could integrate with 1Password by triggering 1Password to prompt the user for the master password, choose a password entry and send that data back to the application that triggered 1Password. That way, the master password is never sent to anything that isn't 1Password. This was the workflow of sudolikeaboss. The implementation of that, however, was hacky since it used a reverse engineered websocket connection behind the scenes. It would seem that the native messaging stuff is a little cleaner and would allow third-party apps to trigger 1Password in a way that, at most, a single password would ever be exposed.

              I guess the ask would be to make that native messaging protocol that the Chrome extension uses a documented and stable thing. And since the 1Password application is used by both subscribers and licensees, that can become the preferred way for 3rd parties to integrate with 1Password in a way that users know only exposes individual passwords at the single point in time when they're used rather than the entire vault, for exactly the security reasons you mentioned.

              BTW...as much as I've felt frustrated by some of the decisions AgileBits has made, in the few interactions I've had with people at your company, everyone has always been the above-and-beyond type, as you've exhibited here, so thank you for the effort to engage in this discussion, likely long after others have stopped reading this thread.

              • AGKyle 2163 days ago
                There are a few security related issues with how we handle the native messaging stuff.

                There are two important things:

                1. We check code signatures and compare them against what we know and expect.

                2. The more we approve for this the more it feels like we're screening and supporting the ones we do approve.

                We have opted to remove all browsers except those that are mainstream (Chrome, Firefox, Safari and Opera). I believe everything else has been removed. We also don't allow this to be disabled, for security reasons, as of recent versions.

                sudolikeaboss would also require that we add their code signature to the app and it breaks the new rule we have on that.

                If sudolikeaboss ever came back, it'd be a home grown solution internal from us. It's the only way we could make this work I think.

                Security is really tough. We didn't want to start feeling like we had to screen all apps and vouch for them. It's a really slippery slope. Maybe we'll find other ways to accomplish this though. There are indeed some .. plans.. that might actually really impact this in the future! We'll have to see what comes from WWDC this year before we make next steps though.

                And thanks for the kind words. I like hacker news, I hang out here and read stuff during my lunch and stuff, so it's a pleasure getting to converse with people here. :)

                Kyle

                AgileBits

      • slig 2167 days ago
        I've been very happy with bitwarden. It's free to use (and open source if you want to self host). They have a 10 USD/year subscription if you care for some premium features and/or supporting the company.

        As a free user I've contacted their support twice and they replied within minutes.

        • evv 2166 days ago
          I thought Bitwarden was super cool until I realized that the self-hosted version still phones home to their servers. Not to say that you couldn't fix that, I mean, the source is all available.

          But shamefully, as it stands, "self hosted" for Bitwarden really means "host on your server, with our server's permission"

          Reference (see "Installation Id/Key"): https://help.bitwarden.com/article/install-on-premise/

    • shinratdr 2167 days ago
      I agree they are burying the hell out of it, but as it stands licenses for 1Password 7 (which is still in beta on Mac & Windows) can only be purchased from within the client, as they want to test the order flow which was rebuilt in this version.

      The Windows version of 1Password 7 still can’t be licensed, they haven’t built that part yet. The Mac version however can be purchased, and if you plan on sticking with it I would do so now, as the price will be much higher in the near future. Right now it’s being offered at 50% off.

    • remybach 2166 days ago
      I switched over to Enpass (https://www.enpass.io/) not too long ago and it's been great. At the time (about 2 years ago), it had the best feature parity with 1Password and it's continually gotten better over time.
    • tw04 2165 days ago
      I have no idea why they insist on making this impossible to find.

      Here are the license links:

      https://1password.onfastspring.com/in-app/1password-7-for-wi...

      https://1password.onfastspring.com/in-app/1password-7-for-ma...

  • spv 2167 days ago
    I have been using Bitwarden for some time now. It’s an open source password manager. There are apps for all major platforms and extensions to all major browsers. Check out https://bitwarden.com/
    • hannibalhorn 2167 days ago
      Interesting in that you can host your own instance of their cloud server, but I really prefer something that uses standard cloud storage mechanisms (Dropbox, iCloud, etc.) for sync and works on top of that.

      Like others here, I'll probably be reevaluating my choice when it feels like it's time to upgrade. For me, some of the open source solutions are perfect as far as the underlying storage format and sync technology, but lack good browser extensions that already understand all the quirks of various sites. That's the kind of thing that a commercial product can tend to do a better job at.

      • gergles 2167 days ago
        I use Enpass for this, which uses any kind of regular cloud storage backend and has a fully-featured desktop client and browser fill plugins for free. The mobile clients cost money ($10 per platform, once) which I think makes perfect sense.
      • byproxy 2167 days ago
        It's simple enough to do with some version of KeePass. I'm currently using https://keeweb.info/ and Keepass2Android.
        • GordonS 2167 days ago
          I use the same. The only PITA is unlocking it with my, rather long, pass phrase. I just find it really fiddly on mobile.
          • Splines 2167 days ago
            You can get it to recognize fingerprints or a short version of your password if it's even been fully unlocked for the current phone session. It's a little fiddly and may not meet the level of security you're looking for, but it's an option.
            • GordonS 2162 days ago
              I knew about the short password, but hadn't seen the fingerprint option - that's just what I need to make it "secure enough" while being usable!
        • steve19 2167 days ago
          What do you use to fill browser login/passwords? There seem to be so many plugins for keepass
          • byproxy 2166 days ago
            I don't use any plugins. I just copy/paste, which if you're doing it from the app stores the copied parameter in memory for ~15 seconds, after which it is flushed.
      • y_molodtsov 2167 days ago
        1password is also supported by many mobile apps (on iOS at least).
    • toyg 2167 days ago
      I've been an early adopter and really they are coming in leaps and bounds. The only complaint I have is that integration with iOS apps is very very spotty, but I believe that's an issue with Apple muscling 3rd-parties away from that field (and to a certain degree, an issue with developers not following best practices in their apps).
    • slig 2167 days ago
      +1 for bitwarden. Recently I've become a subscriber because I love their service and I wanted to support them.
    • DavideNL 2167 days ago
      Looks awesome. The only drawback I see is it doesn't support iCloud.

      Personally I wouldn't want to store my passwords with the same company that creates the (encryption) software.

      And I definitely wouldn't self-host (why burden yourself with the management of data-backups/updates/etc. when iCloud is available for free...)

    • ringshall 2167 days ago
      To be precise, their base software is Free software, licensed under the AGPLv3. They also distribute non-Free (and non-Open Source, and non-gratis) software.

      Their base software has an artificial limit in terms of number of users and number of 'collections', which goes contrary to the ethics of Free software.

      • xxkylexx 2167 days ago
        This is not correct. All of Bitwarden source code is 100% open source. Even the few features that are paid. https://github.com/bitwarden
      • shadowmint 2167 days ago
        How can this be an issue if their base software is open source? Just recompile it with the numbers upped, surely?
        • ringshall 2167 days ago
          Gah, you're right. Their paid services and limits seem to be related to their SaaS offerings.
        • daveFNbuck 2167 days ago
          Your passwords are stored on their server. You'd have to compile and run your own server, which is more expensive than the $1/month they're asking for.
          • Xylakant 2167 days ago
            So you’re paying for the service they offer: a hosted version. You do so because it’s cheaper than hosting your own. There’s no conflict at all with any open source ethic.
            • daveFNbuck 2167 days ago
              Yes, that's exactly what I was saying.
          • codetrotter 2167 days ago
            > You'd have to compile and run your own server, which is more expensive than the $1/month they're asking for.

            For people like me that already rent a VPS for their mail and website the marginal cost is $0 except for the time it would take for me to perform the installation and setup.

            If the system is good and stable then the "cost" of the time that I would spend installing it on my server would be close to $0 when divided over the amount of time I use the software in the future.

            • woolvalley 2167 days ago
              I think another plus of buying their service is you're supporting development of the software and saving yourself time, while a critical piece of your security software remains open source.
      • tajen 2167 days ago
        > which goes contrary to the ethics of Free software.

        No it doesn’t. Free software doesn’t have to be free: Even on the GPL page it’s written that it’s even ok to sell free software. It’s only unethical if you equate OSS to software communism, but that’s another topic.

        So anything that encourages the user to either use the freemium, then either dive into the code or either pay, is ethically correct. After all, you can download their AGPL, knock the limit, and redistribute. At which point you’ll be a contributor and while you’re at it, you’ll probably make a few other improvements: it means effectively free for contributors, which is awesome. See, it articulates quite well gratis, contributors and funding.

        It’s only designed to make enterprises pay, which is good because they can “donate” huge sums for good software, so it funds the open-source community quite well. And it retains the qualities of OSS: You know what you install, you’re not tied to the editor if he dies, and if they stop improving the software, a contributor can take over their code and become more famous. Win-win-win.

      • mitchty 2167 days ago
        Boo, I was looking for something that had a cli and integrated with every browser as well as had an ios app.

        I've not looked again recently but lastpass is the only thing I've found that fits those bills.

        • xxkylexx 2167 days ago
          • mitchty 2167 days ago
            I saw all that but it looks like you've got to pay a monthly fee for full access for their cloud storage. Not sure it's worth the hassle of migrating to in this case.
            • mitchty 2167 days ago
              Asked my buddy what he was using and he pointed me to this: https://www.enpass.io

              Seems to fit the bill a bit better. And might mean $12/year less though that's not a huge problem.

              • fapjacks 2166 days ago
                Maybe, but Bitwarden is open source, and Enpass is not. It's not important for people unless it is important for them, and in that case it's usually very important.
            • frio 2166 days ago
              It's $1/month to support open source software. That's not a bad price. You can also choose to use their hosting for free too; I was doing that for a few months before fully adopting it.
              • mitchty 2165 days ago
                I already pay lastpass $12/year. Not sure it's worth the hassle to convert all my login information.
  • AdmiralAsshat 2167 days ago
    So remember when 1Password claimed it was superior to LastPass for only requiring you to pay a one-time fee and not storing all of your stuff in the cloud?

    Good times.

    • shinratdr 2167 days ago
      To be fair, it still does all that stuff.

      I get that these moves make people nervous, and rightfully so. But as it stands every version of 1Password in active development (not including maintenance mode):

      * Can be licensed standalone.

      * Supports local & Dropbox vaults.

      * Was released within the last year, actively supporting those features.

      The only feature they’ve actually killed off (by not baking into future clients) is WLAN sync. This is a regression for some, but personally I always found it super impractical.

      I agree that how they are going about this doesn’t inspire confidence that these features will remain in the product, but to some extent it does.

      While they downplay the hell out of it, 1Password 6 for Windows was a ground up rewrite that ditched local vaults and standalone licensing. Those features were reintroduced in 1Password 7 for Windows, which is a pretty big backtrack for them and requires renewed development effort.

      AgileBits doesn’t always make the right decision. They develop opinionated software, like most good developers. However, just like the MAS-only decision they made with 1Password 4 and stood by for some time, eventually they do right by their customers.

      1Password 7 for Windows is a great example of that. As much as they would love to go cloud only, they heard the feedback and brought back those two key features. At this point, I can’t expect much more than that.

      • pier25 2167 days ago
        > eventually they do right by their customers

        Not in my experience.

        I moved to LastPass the moment Agile Bits decided to not support its (non subscription) 1Password paying customers in having a web access to the vault.

        I had bought all 1Password versions + updates (Windows, Android, Mac, iOS) which put me well above $100. One day I simply couldn't use 1Password online, which I relied on for Chrome OS use. Dropbox decided, rightfully, that the public folder shouldn't be used as a static web server, which is what 1Password used as online vaults.

        There was a long discussion in Agile Bits' forums about this issue. Agile Bits argued that it wasn't its responsibility to solve this since it was a Dropbox decision and its users could still store and sync the online vault manually on their own servers. I argued that losing automatic sync rendered the feature pretty much useless.

        In any case, Agile Bits could have transitioned its users to the subscription model by either giving them subscription time or by offering an alternative to the Dropbox public folder, but it decided that its customers were not worth the effort.

        I had a lot of respect for Agile Bits and 1Password, but this was a crappy way to treat its customers, especially considering 1Password was not a cheap product.

        LastPass is not as elegant, but I'm happy with it.

      • curun1r 2167 days ago
        > every version of 1Password in active development...Can be licensed standalone

        This is incorrect. The command line client is subscription-only.

        • shinratdr 2167 days ago
          Fair enough, I wasn’t familiar with this client.
        • bwoodruff 2166 days ago
          The CLI and 1Password X require a subscription and membership based vaults, correct.

          Ben Woodruff

          AgileBits

      • kobayashi 2167 days ago
        Are you sure they’ve killed WLAN sync??
        • bwoodruff 2166 days ago
          1Password 7 for Windows does not have WLAN sync. If that is something you have a need for, we’re collecting feedback: https://discussions.agilebits.com/discussion/87524/on-wlan-s...

          Ben Woodruff

          AgileBits

        • shinratdr 2167 days ago
          They’ve announced it will not be built into the Windows client as they would have to rewrite it for the new codebase.

          It’s still available for the Mac client, but they’ve essentially said they won’t be supporting it in the future.

          • kobayashi 2167 days ago
            How far into the future? 1Password 8?
        • kemayo 2167 days ago
          They don't seem to have. It's still shown in 1Password 7's betas, anyway.
          • kobayashi 2167 days ago
            Thank you for the info. If anyone is here from AgileBits/1Password please chime in.
            • roustem 2167 days ago
              Sure. 1Password for Mac had WLAN sync implemented in version 4; there is no reason for us to remove it.

              1Password for Windows is a full rewrite and the new codebase never had WLAN sync. We wanted to see if people really need it when we announced 1Password 7 for Windows: https://blog.agilebits.com/2018/03/20/introducing-1password-...

              I think so far we had about 90 people expressing interest in it. For a product with over 15 mln customers, that is a very low number.

              • tbyehl 2166 days ago
                How many customers read your blog? That post has 225 comments. From that base, 90 people expressing interest in a feature sounds HUGE.

                I don't care about that feature... but this HN thread is the first I'd noticed that 1Password 7 for Windows actually exists and finally brings back local vault support. I care very much about that. I'd have liked to know about that the minute a public beta landed. But... I spend approximately 0 minutes a day thinking about ways I could better engage with AgileBits.

                Maybe y'all could spare some minutes to figure out how to better engage with me, a customer who gave you some money 3+ years ago and has hardly heard a peep from you since.

                • bwoodruff 2166 days ago
                  That is a real challenge. On one hand we love talking about 1Password and what we’re working on. On the other hand...

                  1) We often don’t even have contact details for customers (e.g. App Store purchases)

                  2) When we do have such contact details they may have only been given for the purpose of completing a transaction, and did not agree to receive a newsletter or ongoing communications

                  3) Even when none of the above is a barrier it is very time intensive to send a newsletter. Not only does it require a fair bit of time to craft but the volume of inflows to our customer support team after sending a newsletter is huge.

                  I understand and agree with your position that putting the onus of keeping up on what is happening at AgileBits on the customer is no solution, but we do have to balance the above considerations. We’ll continue to look for ways we can do better.

                  Ben Woodruff

                  AgileBits

                • roustem 2166 days ago
                  Did you subscribe to our newsletter? We also sent an email about it.

                  Blog and newsletter are the only options we have to communicate with our customers. I agree that it is not enough and not everyone receives this information.

                  If you have an idea how we can make it better, please let me know!

              • digianarchist 2164 days ago
                Please add the ability to delete a single item from the Trash. This feature has been missing for a long time.
  • bpicolo 2167 days ago
    While I could understand people being upset about this, I pay for a 1password family subscription. It really is a terrific investment. As far as subscription services go it's about the best bang for my buck that I get. A sustainable service model is important for something I rely on so much - especially something that needs to keep on security lockdown.

    Also makes it easy for the family to share hulu, netflix, whatnot.

    • DavideNL 2167 days ago
      I wonder if it's so much better than for example Bitwarden for families, which is $1/month. (https://bitwarden.com )

      Also, the switch to the "1password cloud", instead of the already freely available iCloud/Google Cloud/Dropbox etc, just seems like a move to make people believe their expensive subscriptions are justified. There was absolutely no demand for a "1password cloud".

      This entire push to subscription-hell makes me sick...

      (I've had 1Password paid versions, OSX & iOS, for like 7 years btw.)

      • roustem 2167 days ago
        If you look at 1Password features, a lot of them are simply not feasible to implement without having a server-side component. Most of them revolve around sharing, permissions, automatic backups, account recovery, 2FA, etc.

        Vault sharing is simply impossible with iCloud. Sharing with Dropbox requires manual set up of shared folders.

        • NLips 2166 days ago
          If you don't have a server-side component, you already have 2FA - your password and your non-syncing device.
          • bwoodruff 2166 days ago
            This is a very good point that most people fail to understand. We get frequent demands to add 2FA to standalone vaults... the best we can do is try to explain.

            Ben Woodruff

            AgileBits

      • wilsonnb 2165 days ago
        There was plenty of demand for a "1password cloud" as you call it. It's one of my favorite features.

        I like that I don't need a Dropbox, Google Drive, iCloud, OneDrive, etc. subscription for 1Password to work. It's convenient.

      • digianarchist 2167 days ago
        I'd give them the $5 a month for a subscription but I want to host the data on iCloud.
        • roustem 2166 days ago
          You can do that. It is possible to have a subscription and also host a vault on iCloud.

          If you only want to use iCloud then you might be served better with a license.

    • SirensOfTitan 2167 days ago
      I just switched over as a long time standalone user, and I completely agree. The 1Password Families subscription provides a tremendous amount of value and the product just keeps getting better.
    • ajmurmann 2167 days ago
      What value does it provide beyond the old family license pack + syncing of shared vaults via free Dropbox tier?
      • roustem 2167 days ago
        For families:

        * Much simpler setup for sharing

        * Permissions (read-only vaults, etc)

        * Secret Key that is used in addition to the master password to better protect data stored in the cloud

        * Account recovery (can be done by the family organizer for other family members if they forget their password or lose the secret key)

        * Travel mode

        * Automatic backups

        * Individual item history

        * Multifactor Authentication (TOTP)

        * Mac, Windows, Android, and iOS apps included

        * Support for Linux and Chromebooks with the new 1Password X extension.

        In addition to that, sync is faster and more reliable. There are no worries about Dropbox/iCloud throttling when you set up a new device, etc.

        1Password Teams and Business have additional features that build on top of that.

      • bpicolo 2167 days ago
        Probably nothing other than ease of use, but the old model isn't part of the equation for me. 5 bucks a month for my whole family to have good password security practices, and for 1password to sustain continuous updates, is a great deal.
        • crankylinuxuser 2167 days ago
          Something as critical as "password infrastructure" should absolutely never be a subscription model. Pay software, sure. But by no means should anybody other than you have the ability to refuse access, especially some company where you are nothing but a $5/month number.

          I would be more forgiving if the subscription was for value-added features, like dynamic syncing, or remote encrypted storage. But it ain't.

          • bpicolo 2167 days ago
            Dynamic syncing and remote encrypted storage is exactly what 1password subscription gives you - I add something and it's available on all my devices right away (or my family's devices if I'm sharing it). There are tons of open source options out there if you're not looking for a paid/hosted option.
          • snuxoll 2167 days ago
            > or remote encrypted storage

            That’s a key component of a 1Password subscription, they host your vaults and handle annoying details like access control, etc.

            • crankylinuxuser 2167 days ago
              If remote services were an add-on, and nonpayment left your clients still able to use the program, I see no issue. That's not what happens. You're locked out of all your stuff on nonpayment for the "subscription".

              This trend of subscription-ifying is horrifying. It's turning users into digital sharecroppers, for a guaranteed line of money. And 'easy-to-import, hard-to-export' is the modus operandi for these companies.

              Sure, I'll take the karma hit. I already have with the prior post here. Evidently, people seem on the most part OK with allowing their personal data be trapped behind subscription paywalls... Well, they're OK with it until they're not.

              EDIT: Let's make this crystal-clear what my complaint is:

              > 1Password 7 from the Mac App Store will only support our hosted service, as that’s what you’re purchasing with a 1Password membership. If you install from our website, you’ll have the option to use a standalone vault synced via iCloud if you purchase a standalone license, or use our hosted service if you purchase a 1Password membership.

              No Pay, Forget to Pay, can't afford == FUCKED.

              Long story short, they hold your data hostage for the "New and Improved Business Plan".

              • mrunkel 2167 days ago
                This is not true. You're not locked out.

                From 1Password:

                  Your data is yours. Even if you cancel your subscription and your account is frozen, you can still sign in to 
                  1Password.com or in the apps to view and export your data.
              • y_molodtsov 2167 days ago
                At first, they're not a monopoly, people who worry about that could easily use other open-source and probably less convenient solution. Secondly, after the subscription ends the apps simply go into read-only mode. You still have access and can export all of your passwords.

                We may argue about it but the most expensive solutions are still the most consumer-friendly.

          • roustem 2166 days ago
            I completely disagree. If it is critical then it requires constant monitoring and regular updates.
  • cygned 2167 days ago
    I really like 1Password, it has been my daily driver for years. The creators gifted me versions for macOS and iOS years ago, so I never had to pay for it - which I would have done happily and, in fact, just recently did.

    But the push to the cloud versions gives me a headache. I don’t want to sync using their cloud - I actually sync using a WiFi server. While it’s (still) possible to obtain the standalone versions, it’s difficult to find them. And I expect that in a few years, they’ll be gone completely.

    I am looking into Bitwarden at the moment as a self-hosted alternative but I haven’t decided yet.

    • akerl_ 2167 days ago
      It's worth noting (and not super obvious because of their marketing) that "getting a subscription" and "using their cloud sync" are not a mutual requirement. You can pay via subscription and continue using local/Dropbox/etc vaults.

      This part was super confusing to me until I dug deeper when a friend upgraded.

      So the primary impact of switching from standalone license to subscription, if you're planning on using 1Password for a while, is that instead of paying a larger chunk of money every so often when they drop a new major version, you move to paying a flat couple bucks a month or larger chunk per year.

      • kalleboo 2167 days ago
        The developer's comments on the article contradict what you're saying:

        > 1Password 7 from the Mac App Store will only support our hosted service, as that’s what you’re purchasing with a 1Password membership. If you install from our website, you’ll have the option to use a standalone vault synced via iCloud if you purchase a standalone license, or use our hosted service if you purchase a 1Password membership.

        > As it stands, though, how you purchase 1Password is intrinsically tied to where you store your vaults and how you sync them

        • bwoodruff 2166 days ago
          If you download 1Password through our website instead of the Mac App Store you can indeed use a subscription with standalone vaults. It isn’t the recommended configuration, as you’re paying for features you can’t use, but it is possible. We intentionally don’t talk about this in marketing as in the past it has caused a lot of confusion, particularly with less technical users. HN is obviously a different audience, and we can talk about that here.

          Ben Woodruff

          AgileBits

        • Groxx 2167 days ago
          It's super frustrating how vague and contradictory they're being about this :\

          I understand why they're subscription-only for the mac app store, as a way around its insane lack of pricing flexibility. Makes sense, fully support, etc. But they seem to be continually pushing the non-cloud options further and further away from visibility :|

          • Groxx 2166 days ago
            Late update: I asked on twitter, got an answer: https://news.ycombinator.com/item?id=17115334

            Subscriptions will only support cloud sync, not local.

            • AGKyle 2166 days ago
              Sorry for the confusion. This is simply incorrect and I need to hunt down who is saying otherwise and get this fixed on our end.

              If you have a subscription you can create standalone vaults outside of your subscription and sync those using iCloud, Dropbox or WLAN sync if you wish.

              This behaves the same in version 7 as it did in version 6.

              Kyle

              AgileBits

              • kalleboo 2166 days ago
                The first reply on the top comment of the official blog post says "1Password 7 from the Mac App Store will only support our hosted service" so you should probably start by correcting that...
                • AGKyle 2166 days ago
                  Thanks, looking into addressing that now.

                  Kyle

                  AgileBits

          • woolvalley 2167 days ago
            I get the impression that anything that is not on the agilebits cloud is legacy and they will eventually stop supporting the other options bit by bit, despite what they say on HN forums.

            I understand the attraction, from a software development standpoint it's much easier to make everything work well when you control the server and client software together.

            • cerberusss 2166 days ago
              This. The writing is on the wall ever since the subscription model hit. I'm holding out until stuff breaks, and then I'll transition to something open source for my very modest needs.
      • cygned 2167 days ago
        Thanks for pointing that out, that was, indeed, not clear to me either. But I expect this will change at some point, for the sake of simplicity for end users. Giving up security for convenience.
        • akerl_ 2167 days ago
          I doubt that, personally, because of exactly the reasons you and others are noting in this thread.

          Especially in a world where they successfully convince everybody to pay a monthly subscription, the effect of losing every user who wants local vaults would be an immediate visible blow to their revenue stream.

          Their goal in moving to subscription services seems less driven by simplicity and more with making that revenue stream more predictable. But whoever runs the marketing side of the house decided the best way to pitch the change was by saying how great the cloud hosting was, and looking around at these comments I hope they realize their error.

      • Groxx 2166 days ago
        So I asked on Twitter, got an answer: https://twitter.com/1Password/status/998337650380738560

        Assuming that's correct (since the blog post still strikes me as vague), the answer is clear in their reply: memberships are exclusively cloud, standalone licenses are exclusively local backups / sync.

        • akerl_ 2166 days ago
          I’m currently using the 1Password 7 beta with a subscription and no standalone license. I have one vault that is stored in Dropbox and another that is just local.

          I have no idea why they’ve decided to handle what they’ve called out elsewhere in this thread as an “advanced feature” that won’t be going away by lying about the feature not existing.

          It seems so weird because their subscriptions work exactly how I’d want them to work, but all their public statements actively prevent people like me from knowing that.

          • Groxx 2166 days ago
            Yeah, if it is (and stays) like "memberships get all apps + cloud sync + can still use dropbox sync" I'll happily switch. But I've asked them this question like 4 or 5 times now, and each time I've gotten a slightly different answer.

            It's completely ridiculous. And it's burning trust, in a fairly inherently distrustful crowd like you get when you're in the security / crypto field.

            • AGKyle 2166 days ago
              I'll clarify for you then :) I'm a developer on our Apple team (Mac and iOS).

              If you purchase a subscription you can create standalone vaults and sync them to Dropbox, iCloud, WLAN or Folder just as if you had purchased a license. You'll have both an account (which has vaults in it) and standalone local vaults that can be synced as above.

              This is how it behaves in version 6 and nothing has changed with this in version 7.

              So if you'd rather have a subscription AND just use standalone vaults you're welcome to do that.

              Note however that this may not be true for Android or Windows. I'd have to double check with those teams as to how they do it but at least with regard to Apple platforms this is a viable option if you so choose.

              I've brought this topic up internally and hope that we can all be on the same page. My suspicion is that someone from a non-Apple side of the company is answering these. It's tough because our Windows and Android apps are still trying to play catchup with Mac and iOS, so they may not do things that Mac and iOS do.

              I do apologize for the confusion though. That said though you can take my answer and trust it. If you have questions though please reach out to our support and mention me specifically (Kyle) and they'll get you in touch with me.

              Kyle

              AgileBits

              • Groxx 2166 days ago
                Android is important to me, so I'm still curious there, but yes! Perfectly clear.

                At least on Android it's fairly easy to make a new IME and just use my background dropbox syncer, so I have a backup plan if needed.

                • AGKyle 2165 days ago
                  Only one standalone vault is allowed for Android, it doesn't have multiple vault support.

                  However if you have an active subscription to 1Password.com it will unlock the Pro features for that single standalone vault. So it behaves similarly to how 1Password for iOS does in this regard. The difference is that 1Password for iOS supports multiple vaults.

                  Hope that helps!

                  Kyle

                  AgileBits

      • ken 2167 days ago
        I've used 1Pw local sync for years, and it's very finicky. When I've contacted support, they only offered suggestions like "restart the app", or "upgrade to the latest version" (even though there's nothing in the changelog which seems possibly relevant). Some days I'll add two new passwords, sync to my other Mac (multiple times, even), and only one of them is transferred.

        The move to their own "cloud" as the primary sync system pretty much ensures other sync methods will never get properly fixed. I wouldn't have recommended 1Pw to people looking for non-cloud sync in the past, and now I definitely wouldn't.

        • Groxx 2167 days ago
          As a counterexample: I've been using dropbox sync for years, 1000+ passwords, only ever had one problem due to a conflict ("lost" password I made on mobile, resolved by picking the right conflict-file in dropbox).

          That said, I refuse to use cloud-stored browser-accessed password managers, and it's looking more and more like they're pushing for that to be the only option. Not there yet, but oh boy are they pushing it down into the deepest corners of the website.

          • bwoodruff 2166 days ago
            > I've been using dropbox sync for years

            > That said, I refuse to use cloud-stored browser-accessed password managers

            There seems to be a disconnect here?

            Ben Woodruff

            AgileBits

            • Groxx 2166 days ago
              Not even slightly. Encrypted at rest -> who cares where it is stored or how it's synced.

              Desktop app: I can stop updating, firewall the app, use offline, airgap a computer, I have many options for reducing my attack surface.

              Website: I have literally no way of locking down a version, possible-but-I-haven't-seen-it to be notified of changes (but likely not block them), and it would be rather trivial for the site to ship new JS that simply uploads your password once entered.

              Not that I think you are. I assume you'll approach that with the same level of care as you've given your apps (which has been fantastic). But I do think that you're a gigantic payout if someone successfully breaks in. Why should I throw my eggs into such a large, internet-connected basket?

              ---

              For comparison, injecting a malicious update into the apps to do the equivalent of a trivial, invisible JS change means: 1) getting a change into the binary (maybe they brought their own tho), 2) breaking into your app-signing system which is hopefully among your most-secure locations[1], 3) distributing the app to both customers and employees with a visible update notification, and 4) not getting caught before I download it. For each app. Websites are far, far easier to take control of.

              [1]: I'm not aware of any server-side security-oriented frontend-web stack which would mitigate this in the slightest. I hope there is though! I'd love to read up on it if anyone knows of one.

        • roustem 2166 days ago
          Hi Ken.

          It is finicky! There are multiple components outside of 1Password control when you are using Dropbox, iCloud, or WiFi sync.

          We do our best to find, troubleshoot, work around these issues. We have built an entire Troubleshooting and Diagnostics utility just for that: https://support.1password.com/diagnostics/

          For the majority of users sync with third-party services works well. However, there are cases when it gets finicky.

          • ken 2166 days ago
            Hi Roustem!

            I don't use any third-party services. I use what 1Pw calls "Folder" sync, as it's the only non-cloud method available. 1Pw on Mac #1 saves a binary file to disk, and 1Pw on Mac #2 loads that file from disk. There's no components here out of 1Pw's control. Sometimes, 1Pw simply doesn't write the file on Mac #1, as I can tell by the modification timestamp.

            I ran 1PasswordTroubleshooting.app, and sent in the 400KB report it generated. The response I got from tech support mentioned nothing about what might have been found in that file (or what they expected to find, which could prevent data from getting from the application to the filesystem). They simply gave the usual spiel about restarting/upgrading.

      • tzs 2167 days ago
        > So the primary impact of switching from standalone license to subscription, if you're planning on using 1Password for a while, is that instead of paying a larger chunk of money every so often when they drop a new major version, you move to paying a flat couple bucks a month or larger chunk per year.

        One thing that is not clear to me is what happens with the subscription license if you go a long time without internet access. With the standalone license, it checks the validity of the license when I enter it, and then I'm good as far as I've been able to tell forever more.

        If I take a laptop with a 1Password subscription, fully validated and synced, and spend 6 months with no internet access, will 1Password continue working?

        Remember, 1Password is often used for more than just internet passwords, so wanting to use it with no internet access is not unreasonable.

        • phs318u 2166 days ago
          I'm surprised that no-one on this page has mentioned PasswordSafe (https://www.pwsafe.org). Open-source, supports cloud (Dropbox and iCloud sync) and local storage, available on Windows, Linux, Mac, iOS and Android, and has good pedigree (Bruce Schneier). Gets regularly updated.

          I've been using this for years across multiple devices and O/S. A real lifesaver.

        • bwoodruff 2166 days ago
          > If I take a laptop with a 1Password subscription, fully validated and synced, and spend 6 months with no internet access, will 1Password continue working?

          Yes. Obviously it won’t sync with your other devices until you restore connectivity.

          Ben Woodruff

          AgileBits

    • tzs 2167 days ago
      > While it’s (still) possible to obtain the standalone versions, it’s difficult to find them. And I expect that in a few years, they’ll be gone completely

      They mentioned somewhere on their site (I don't remember exactly where...it might have been in an answer to a question on the forums) that one of the points of 1Password 7 is to bring the standalone versions up to parity with the subscription version.

      Right now, standalone and subscription are essentially different products, with all new feature work going into the subscription product. With 1Password 7, they become essentially one product with different licensing options.

      It sure didn't sound like they plan to get rid of standalone.

      • roustem 2167 days ago
        Every release of 1Password includes both subscription and standalone features. The download is available here: https://1password.com/downloads/

        We always try to implement the new features for both standalone and subscription customers, when it is possible. There are features that are based on the server doing the heavy lifting (permissions, travel mode, account recovery, backups, item history) and they are not available in the standalone mode.

        • fnordsensei 2166 days ago
          Can I pay for a subscription and store my passwords locally?
          • roustem 2166 days ago
            Yes. In advanced mode you can create vaults outside 1Password service.
    • danieldk 2167 days ago
      But the push to the cloud versions gives me headache. I don’t want to sync using their cloud - I actually sync using a WiFi server.

      But it has nice benefits as well, they have a Chrome/Firefox extension (1Password X) that goes with their cloud that works on Linux. Understandably, it would be harder for them to offer this on top of Dropbox or Wifi sync.

      • Groxx 2167 days ago
        There's no requirement whatsoever that 1Password X be exclusive to a privately-run cloud. Easier to build, possibly (though since it includes the difficulty of building the cloud service in the first place... oh hell no, 100x harder), but it could work just as well with manual syncing (point to a url -> download the backup, or just give it the file).
        • roustem 2167 days ago
          Implementing things is not the hardest part. Supporting customers is the hardest part. Things will break and with manual syncing support is going to be a nightmare.

          Also, syncing is never easy.

          • Groxx 2166 days ago
            My point is that it doesn't need to sync. Ignore syncing. I'd even prefer to download and upload the backups by hand, rather than put it all in someone else's control in a browser environment.

            Cloud password systems are like running all your security-sensitive code in an Electron app - an impossibly large attack surface with many significant flaws in some of your most-sensitive use. It doesn't make sense if you care about security at all. At least extensions are moderately well sandboxed compared to websites (since it'd be trivial to ship new javascript from their site).

            • bwoodruff 2166 days ago
              > Ignore syncing

              Try building a password manager that doesn’t sync and let me know how sales go. :)

              > Cloud password systems are like running all your security-sensitive code in an Electron app - an impossibly large attack surface with many significant flaws in some of your most-sensitive use. It doesn't make sense if you care about security at all. At least extensions are moderately well sandboxed compared to websites (since it'd be trivial to ship new javascript from their site).

              You are correct in that the web browser is a very hostile environment. We're working to minimize what tasks need a web browser, and have already got it such that the entire sign-up flow can be completed in-app at least on iOS.

              Ben Woodruff

              AgileBits

              • Groxx 2166 days ago
                > Try building a password manager that doesn’t sync and let me know how sales go. :)

                Well... 1Password arguably doesn't sync (until the cloud stuff). It stores files on disk, dropbox syncs it behind the scenes. Given my backup size vs how often I change it: I honestly wouldn't care if it were one blob that were uploaded / downloaded at once for every change, rather than all the small pieces it does now (I assume this is to speed up sync (by a ton)? It's also a major source of sync conflicts that lose data, since dropbox will store both copies on conflict (minus bugs), so it's a horse apiece).

                So it works pretty well, apparently. See also KeePass* and many other local-only password managers which people sync via scripts / dropbox / etc. They're doing fine, though 1P is dramatically better than the competition and I'm plenty happy paying for it.

            • roustem 2166 days ago
              1Password X is an extension that is sandboxed. However, default sandbox is not enough. We also spent a huge amount of effort on its security model. Here is more information about it:

              https://support.1password.com/1password-x-security/

    • roustem 2167 days ago
      If you are looking for a standalone version of 1Password then it is exactly the same version: https://1password.com/downloads/

      We do not make two different versions of the app.

  • tgb 2167 days ago
    Can I use this space to ask how people actually use password managers on mobile? I got LastPass recently and put on it a good secure "correct horse battery staple"-type password. So now when I use accounts on my phone I have to type that password instead of my short, randomly generated, reused-all-the-time password. This means I'm more secure (no password reuse) but typing 30ish characters without error into my phone is tough! It usually takes me three tries and every time I curse my new password manager.

    But the alternative seems to be staying logged in to LastPass which means it's just my four digit phone pin to get access to everything. I mean, I guess if someone takes my phone and bypasses my PIN then I've already lost basically everything. But at least I wouldn't also be signing them into my bank account. My phone doesn't have biometrics which I think would be my compromise if it had them.

    • misterpigs 2167 days ago
      I use 1pass on my phone. I have a long password (English phrase) that I only use with 1pass. I guess I've entered it enough times on mobile that I don't mistype it often.

      I use it to generate new passwords for whatever signups/apps I need on mobile, also for logging into websites on mobile. The workflow for password managers in mobile safari works very well.

      I don't enable FaceID/TouchID/PIN for 1Password, but I do have it enabled for my device.

    • cschmittiey 2167 days ago
      If you're on Android 8 or above (yes, I know most people aren't) there's support for password managers filling passwords in almost any app. Some apps aren't well built and don't support it. As far as I can tell, it's not something the developer has to explicitly enable support for though.

      Anyways, I use the Bitwarden app on my S8 (and previously HTC 10) and it works great. I tap a password field, Android asks me if I want to fill the password, I unlock my "vault" with my fingerprint, and tap the right account for that app. It's pretty easy.

      LastPass and Bitwarden also can hook into accessibility features on Android 7, to enable most of the same features, but since it's not part of Android and baked in it doesn't work quite as well.

      • karimf 2167 days ago
        Hey, thanks for telling. I've been using 1pass on android since a long time ago, and autofilling username and password is a real hassle. In the past the only way to do the autofill was to use the 1password keyboard, which is inconvenient for me to change keyboard every time filling a password. But I just tried the new autofill feature on Android 8, and it works like a charm. It supports autofill on native apps and webpage via Google Chrome as well.
    • robin_reala 2167 days ago
      Yeah, it’s painful without biometrics. For my threat model I’m happy enough to use TouchID on Mac and FaceID on my iPhone to unlock, and then to type in on the occasional time I need to unlock it manually.
    • twblalock 2167 days ago
      I use 1Password with Face ID on my iPhone, Touch ID on my iPad, and Touch ID on my Macbook Pro. The only time I have to type in my master password is when I use my Windows desktop at home.

      I used to use LastPass and frankly it's far behind 1Password in user experience, especially on Apple devices.

      • roustem 2167 days ago
        1Password 7 supports Windows Hello. It is now my favourite way to unlock 1Password :)
    • firepoet 2167 days ago
      I absolutely love Enpass. Cost me a fixed $10 for all my iOS devices. I host my database on my local WebDAV (but there are many other options).
    • burntsushi 2167 days ago
      I use pass[1], which has an unofficial Android app[2]. When you select a password in the Android app, it lets you paste it to any text field using normal copy & paste. Clicking the password does the "copy" part of the operation automatically. After a brief timeout, the password is no longer available to be pasted.

      [1] - https://www.passwordstore.org/

      [2] - https://github.com/zeapo/Android-Password-Store

    • dwg 2167 days ago
      Aside from using biometrics, which makes it much easier, you might consider using a long passphrase as the master password. A passphrase is easier to remember and to type than random characters. It’s what I do, and it’s pretty easy to type without mistakes on mobile too.
      • tgb 2167 days ago
        My password is a passphrase though. But you don't get autocorrect or swype functionality for typing passwords, understandably, so typing it is not easy (harder even because it grows in length for its lower entropy per length).
  • greggarious 2167 days ago
    I've been using KeepassXC (KeePass w/ macOS GUI elements) and enjoying it. It's a little simple (you just copy and paste the PW). It doesn't do fancy autofill but there's support for pretty much every OS.

    (I use Spideroak to sync the DB across devices)

    • NMDaniel 2167 days ago
      KeepassXC does have a browser extension for Firefox & Chrome.

      I use Syncthing to sync it among devices, it's open source and fairly simple to use (compared to other DIY cloud apps)

      • greggarious 2167 days ago
        > KeepassXC does have a browser extension for Firefox & Chrome.

        Yeah, but IIRC it doesn't on iOS? I dunno, it hasn't been a big pain point.

        My solution has been to use the Firefox password manager for low value things (like Hacker News), and manually c/p for the higher value (bank, retirement account, etc).

        (Maybe I'm overly paranoid but I don't like to put high value passwords into the cloud)

    • tajen 2167 days ago
      Guys, why not Keychain, the default password manager of macOS?
      • greggarious 2167 days ago
        > Guys, why not Keychain, the default password manager of macOS?

        Because keepass files are cross platform. macOS, iOS, android and all the flavors of Linux support it.

        I also strongly prefer having a locally stored password DB on the device rather than letting it sit in the cloud. (Even though I have an admittedly strong passphrase)

      • xab9 2167 days ago
        Because it's crossplatform. I can open the kdbx file on ios, mac, win and linux. Probably elsewhere too, but these are the ones I use.
      • pvg 2167 days ago
        iCloud Keychain is Safari-only.
        • ben_w 2167 days ago
          Not any more. I can access keychain passwords in Chrome on iOS.
          • pvg 2167 days ago
            It's Safari-only on macOS, as far as I know. It does work with iOS apps and it doesn't work on Windows. It can't replace a password manager unless you use Safari on macOS as your primary browser.
            • ben_w 2167 days ago
              On macOS, Keychain Access.app (built in) can be used as a stand-alone app to generate and store passwords.

              FWIW I’m using a plain text file in an encrypted disk image, because I started before I found out about Keychain Access.app, and I never actually trusted third party apps for security reasons and possibly paranoia, so I can’t compare UX quality, but it is available in a form on the desktop.

              • pvg 2167 days ago
                The purpose of a password manager is some kind of multi-device password sharing. Plain macOS keychain doesn't do that at all. There are certainly ways to manually emulate parts of the behaviour of a password manager, whether it's with Keychain Access or post its in your wallet (or various combinations thereof). Password managers are about automating all that.
                • ben_w 2167 days ago
                  It is multi device though. Sure it’s Apple only, but it’s all my Apple devices, macOS and iOS (I don’t have a watch or a TV), not just wherever the password was created.
                  • pvg 2167 days ago
                    It's not. Keychain is not synced across devices. iCloud keychain, a separate service, can sync parts of keychain.

                    iCloud keychain is a perfectly reasonable (and as a UI, probably better than anything else) password manager iff you use Safari as your main browser and all your other devices are Apple devices.

                    • ben_w 2167 days ago
                      OK, that’s something I didn’t know, and I may be missing something from such a silly name overlap. However, I do have items in Keychain Access.app which are from iCloud. What gives?
                      • pvg 2167 days ago
                        Keychain Access lets you view your local keychain (i.e. your device's secure trust store). If you have iCloud keychain turned on then certain parts of your keychain will be synced across devices so you'll be able to find, say, a web password you generated on your phone in your Mac's keychain (via Keychain Access and otherwise). The terminology is a bit confusing, that much is true.

                        If you can live within the constraints of iCloud keychain (the Safari/Apple devices thing, don't need stuff like team sharing, etc.) it's arguably a better solution than 1Password.

            • tajen 2167 days ago
              Ah, I see why it’s useful for me: I use Chrome and Chrome stores passwords per profile. And I have several profiles that must not be shared (private, work-dev, work-sysadmin...), and an OS-wide password manager would be super-prone to mistakes. I also use Firefox for non-Google-approved work (ex: MRA and James Damore), and, same, profiles work super-well.
              • pvg 2167 days ago
                I'm not sure, in that case, you're using Keychain at all.
    • himom 2166 days ago
      Yeah, I use the very old KeepassX 0.9.x because dev jumped the shark after that. I should have a look at XC. Ty.

      My setup uses iCloud, Box and Google Drive to sync the kdb.

  • rmorey 2167 days ago
    Why are people so vehemently opposed to the 1PW cloud sync service? For unencrypted data, I completely understand this. And in general, it's great to have the option to sync using whatever service you want. But the data that 1PW stores is encrypted up the wazoo and AB couldn't extract your passwords from it even if they wanted to. In their security document they even outline how useless it would be for a bad actor to even steal every bit of data they have. And if some day their data center suddenly explodes and all that data is lost, your data is cached on all your devices anyway, and it's trivial to just export to another password manager.

    Am I mistaken?

    • SpaethCo 2167 days ago
      The key issue I have with the cloud service right now is it breaks the automated backup process I get with iCloud sync and their Mac client. My biggest concern isn't bad actor data theft or online service outages, it's silent corruption of data that takes weeks / months to surface.

      With iCloud sync of a local vault, the client will automatically store backup copies of the database on the local filesystem. I can sync that file to local ZFS NAS storage and to offsite storage to maintain months/years of archives as desired.

      Until there is an automated export/backup option with the Agilebits sync service, it's off the table for me.

    • nighthawk1 2167 days ago
      I’d rather control the data myself. I view cloud hosted password providers as huge attack targets and they generally get hacked eventually (roboform, lastpass, etc). At least if you control where the data is stored your data can be kept off the radar so to speak.
      • y_molodtsov 2167 days ago
        As far as I remember nobody really had any problems after the LastPass hack, since the data was encrypted anyway?
    • rcarmo 2167 days ago
      Relying on a small, niche service to host something you rely upon daily is simply not a good long-term decision. I’d much rather rely on OneDrive or Dropbox for syncing, since the likelihood of their going away suddenly or being acquired by someone else who will tank the service is smaller. Not impossible, but more unlikely.
  • nsarafa 2167 days ago
    I lost faith in 1Password when they forced me into the subscription model despite paying full price for the product years ago
    • SirensOfTitan 2167 days ago
      I don’t really get this perspective. You can continue using the version of 1Password that you bought without issue. The expectation that your purchase years ago should entitle you to updates forever is pretty ridiculous.
      • Barrin92 2167 days ago
        when utility or productivity tools are offered at a fairly steep price point as 1password was people usually have a reasonable expectation to receive long-term upgrades.

        It's not ridiculous at all because it generally is the norm.

        • nodamage 2167 days ago
          Someone who purchased 1Password 3 when it was first released on the Mac App Store in 2012 has already received six years of free updates to versions 4, 5, and 6.

          As far as I'm concerned, AgileBits has gone well above and beyond what is reasonably expected in terms of providing long-term upgrades to existing users. For those people to now turn around and complain that they aren't also getting version 7 for free... frankly comes across as entitled and ridiculous.

        • SirensOfTitan 2167 days ago
          I spent around 45-50 dollars in 2013 for the Windows+Mac Bundle and iOS apps. 1Password 7 is the first paid in my experience using the software, which is vital to me every day.

          Roughly 10 dollars a year for a critical utility software isn't "fairly steep," and I also fail to understand how so many years of free updates imply any type of "reasonable" expectation of long term updates.

          • Barrin92 2167 days ago
            it's pretty steep in comparison to the alternatives in the market. What does 1password offer that the free version of lastpass does not?
            • roustem 2167 days ago
              Better security and better user experience to start with.

              Unlike most of competing products, 1Password encrypts pretty much all information, including vault names, item titles, URLs, tags. It is easier to list what's not encrypted. It is also probably the only product using SRP.

              Now check out what information is sent in plaintext or base64-encoded in other products.

              • Barrin92 2166 days ago
                As far as I am aware lastpass and keeper are the only two password managers to receive soc II security reports.

                Also I'm pretty confident the entire lastpass vault is encrypted locally as well.

                • roustem 2166 days ago
                  1Password service has completed SOC 2 type 1 and 2 certification as well. It is more about internal company processes and how they are followed than encryption.

                  "Hey your data is safe just because we have SOC 2 certification" -- that's not what you want to hear.

                  About vault being encrypted locally: https://hackernoon.com/psa-lastpass-does-not-encrypt-everyth...

      • fapjacks 2166 days ago
        Surely you're not implying that it's a ridiculous expectation when that's what the company advertised, are you?
        • bwoodruff 2166 days ago
          If you’re referring to 1Password here, we’ve never advertised included upgrades forever. Licenses have always been sold per-person, per-platform, for a version of 1Password (e.g. 1Password 6).

          Including perpetual upgrades for a one-time fee wouldn’t be a sustainable business model for us.

          Ben Woodruff

          AgileBits

          • fapjacks 2164 days ago
            I have lurked your forums for a long time. You and your team are experts at delivering limitations through omission while hyping something. Signing your post doesn't make this less true, and isn't going to make my criticism of your closed-source, rent-seeking software less harsh.
    • chorsestudios 2167 days ago
      Came here to say this. I lost a lot of customer loyalty for 1Password after they did this to me. Unless I missed it, no mention of the price of version 7 in the blog post.
    • acdha 2167 days ago
      How did they force you into the subscription model?
      • hs86 2167 days ago
        They needed to rewrite their Windows version from scratch multiple times and their first major release from this rewrite marathon was 1Password 6 which had no support for local vaults.

        This looked like a clear deprecation of their local vault support but their Mac and Android versions never dropped support for those. I don't know if AgileBits ever planned to drop that from the other versions but after some vocal feedback from their users they stated that local vaults will remain.

        The upcoming 1Password 7 is the first release after the rewrite to support local vaults again on Windows. (BTW, their previous Version 4 for Windows with local vaults was still supported during the 1Password 6 timeline. AFAIR, they stopped selling standalone licenses for those after a while.)

        • nugget 2167 days ago
          They lost me over this issue too. It felt like they only decided to support local vaults again because there were so many complaints from loyal users about the deprecation, which makes me think at some point they may try to end-of-life it again. I wouldn't mind paying for a new license every few years, but I don't want anything on their cloud.
      • bdcravens 2167 days ago
        This. You can still use it with local vaults or sync with something like Dropbox.
        • maxgee 2166 days ago
          Not on windows.
          • MrBMT 2166 days ago
            1Password 7 re-adds local vault support to Windows for standalone license users at the very least. Not sure about subscription users... as there seems to be conflicting information about this.
    • pier25 2167 days ago
      I agree. See my comment here: https://news.ycombinator.com/item?id=17113765
  • PakG1 2167 days ago
    With all these subscription-only apps that are proliferating, I am curious how many enterprising app developers would be interested in making and marketing "cloudless" apps that rely on up-front high prices for revenue, but neverending free updates (mostly bug fixes, I would hope). With GDPR, this seems like it would actually be easier to deliver.

    Of course growth numbers may suck, given how hard it is to make it for any app these days. Long-term growth would probably actually not be sustainable because if it blows up, there is no additional revenue down the road from lack of subscription, and also no network effects to power exponential growth in terms of market share. As far as I can tell, if you're not going to do subscription, there's no way to force users to pay to upgrade to a new version (new features) in the Apple App Store, not sure about Google Play. Your only option is to maybe create a new separate app that's able to import data from the old app, but that seems tacky to me. So, this really wouldn't be a big long-term play at all. But I imagine that there must be short-term markets out there willing to pay for apps that don't keep their data and usage hostage.

    I'm myself thinking of making an app like this for budget tracking, just because I haven't found any out there these days that don't require neverending subscriptions and also fit my unique needs. Cloudless is also fine for me, as my phone is storage enough, or if it isn't enough, maybe use my iCloud storage, Dropbox storage, Google Drive, OneDrive, etc for holding the data? Besides that, it'll finally give me the kick in the behind I need to finally learn Swift, which I've been meaning to do for a while. Alas, I imagine cost of customer acquisition may be too high to make even a short-term profit.

    So... would this just be a small project for me to prove I can learn Swift and show future employers that I can make smartphone apps too? Or is there actually a real business here and in so many other niches because some people hate being locked into subscription fees? Curious if anyone else has some thoughts.

    • dingo_bat 2167 days ago
      This article is not about subscription only apps. 1password is available both as a standalone app and a subscription based one. But on the Apple app store they decided to offer only the subscription variant because of Apple's restrictions.
      • PakG1 2167 days ago
        Right, I believe that jives with my point about how this philosophy of app deployment doesn't make for a good long-term business. I guess their line of thinking is the same as mine, but they come to a different conclusion because they have long-term concerns to think about.
        • dingo_bat 2167 days ago
          I think this illustrates that apple's app store only serves apple's interests in the long term. If I happen to buy and use any Apple product, I'll go out of my way to avoid apple's supported methods to pay for my software.
    • TomK32 2167 days ago
      Ha, I've started a budget tracking (more like forecasting) app two weeks ago. Rails and mongodb and will be a subscription app.

      Have a look at hledger and ledgerCLI, the former has a lot of its functions in an API and you could think about using that as a base for a nice UI in something that is not Haskell.

    • s73v3r_ 2167 days ago
      " I am curious how many enterprising app developers would be interested in making and marketing "cloudless" apps that rely on up-front high prices for revenue, but neverending free updates (mostly bug fixes, I would hope). "

      One of the biggest reasons that subscriptions are proliferating is because it's really hard to make money with the old model. People don't want to pay large up front prices.

      "As far as I can tell, if you're not going to do subscription, there's no way to force users to pay to upgrade to a new version (new features) in the Apple App Store, not sure about Google Play."

      You can put a V2 in the store, and stop updating the V1. It's a terrible solution, but it's as good as it's gonna get.

    • codetrotter 2167 days ago
      > I'm myself thinking of making an app like this for budget tracking, just because I haven't found any out there these days that don't require neverending subscriptions and also fit my unique needs.

      Did you try GnuCash? It's not user friendly but a friend of mine swears by it.

      https://www.gnucash.org/

      • PakG1 2167 days ago
        Target user will also be my wife who would really love a super user friendly app. Figure it'd be a good test of my design skills also. I've really only made enterprise stuff in the past where good UI was not really paramount, as long as it was usable. Would love to get better at that too. So this is really just an exercise in my mind at the moment, nothing more.
      • geff82 2167 days ago
        This software is slow and a real pain to use for anything else than personal finances or the 12 bills a year you write as a contractor.
        • TomK32 2167 days ago
          I moved from GnuCash to hledger. And while I did use both for the 26 bills a year I write as a contractor, I also had all my personal finance in both. Expenses are more like 12 or 4 (the big ones) a month and control was really necessary.

          What you'll like about hledger and ledgerCLI is a) the undo function of your favourite text editor and b) separate files that you can include into a master c) awesome reports on the terminal.

      • Rovanion 2167 days ago
        I heard there was a more user friendly FLOSS program called Homebank, though I've never used it myself.
    • DavideNL 2167 days ago
      > budget tracking

      You might want to check this out too: https://github.com/firefly-iii/firefly-iii#introduction

    • JustSomeNobody 2167 days ago
      Have you tried ledger-cli for budgeting?
      • PakG1 2167 days ago
        Thing is that my wife is also a target user, and she does not have an inclination to use a command line-based app.
  • jarym 2167 days ago
    The reason I won’t go for a subscription is because I don’t want to find myself locked out of my password manager if I stop paying the subscription.

    With IntelliJ (JetBrains) I get perpetual fallback and that makes me super comfortable with a subscription model.

    Will AgileBits offer perpetual fallback? I doubt it. Their product works well but their marketing team are a let down.

    • ixtli 2167 days ago
      Thank you for this comment. JetBrains subscription also drops in price over time to reward you for continued patronage. It's the only subscription model I've ever been comfortable with.
    • roustem 2167 days ago
      You do not lose access to your data when you stop paying for the subscription. It switches to read-only mode.
    • sigzero 2166 days ago
      You aren't locked out. It becomes read-only and you can export it at that point.
    • thejj100100 2167 days ago
      You're not locked out of 1Password, you just can't add new items iirc.
  • hs86 2167 days ago
    I hate subscription models but with 1PW 7 I would have to pay +40 € for each the Mac and the Windows version and still not have access to new features like the travel mode or the CLI client.

    AgileBits seems to be an honest company and they went the extra mile to backport some new features (TOTP) to their dated 1PW 4 codebase. I will give them the benefit of the doubt and try their subscription and should they ever turn 'evil', I know that alternatives like Bitwarden or Enpass are available and ready to import my 1PW vault.

    • roustem 2167 days ago
      Thank you, @hs86. We will not let you down!
  • senthilnayagam 2167 days ago
    I did not pay for a subscription software, I bought a password manager which stored password locally.

    I also don't want to pay for an upgrade just because apple upgraded the OS.

    I now only buy mac software on Mac App Store.

    Apps which I have not renewed include 1password, screenflow, textmate, vmware Fusion,

    Paid Products I wish were on Mac App Store with free updates. Sublime, Paragon NTFS, printopia

    • dingo_bat 2167 days ago
      So you want perpetual free updates? I think your expectations might be a tad unrealistic.
      • Casseres 2167 days ago
        It should be built into the initial price. And perpetual is unrealistic, but 10 years is not.

        Microsoft provides 5 years of Mainstream Support and 5 years of Extended Support at no additional cost (cost is built into the initial license fee).

        Heck, I would more trust software that says 10 years of guaranteed support rather than lifetime support. Too many companies fudge the meaning of "lifetime", and 10 years blows Google's 2 + 1 years of Android support out of the water.

        • ken 2167 days ago
          10 years is a long time. Over its lifetime, Apple has changed the Mac's CPU architecture every 10 years. (They've been on Intel for 11 years now, the longest of any, but there's been rumors of another migration for a couple years now.) Needing to support Mac software for 10 years, then, means supporting your users through an architecture change.

          There's probably not much platform-specific code in a password manager, but what are the odds it'll work perfectly under their next emulator, or that you can take such an old codebase and just recompile? 10 years ago, the old "pbproj" format was still supported, but the last Xcode that could open them was Xcode 3 (requires OS X 10.5 or 10.6).

          Less than 10 years passed between the last Apple IIe sold by Apple and the first PowerMac G5. Or the last Newton to the first iPhone. Or the original Apple I to the Macintosh II. That timescale has big generational changes, and I don't agree that it's realistic for third-party developers to support software that long at no extra cost.

        • GordonS 2167 days ago
          > It should be built into the initial price

          Then it's going to be very expensive.

          I made the mistake, years ago, of selling perpetually licensed desktop software with free updates - the economics really don't work, and it's a mistake I haven't made since.

        • dingo_bat 2167 days ago
          > It should be built into the initial price. And perpetual is unrealistic, but 10 years is not.

          That mechanism is not built into the apple app store, which is why they cannot offer it.

        • jhall1468 2167 days ago
          I'm sure there's a ton of people lining up to pay $400 for a password manager.
        • nqzero 2167 days ago
          there's a huge difference between supporting the version that they sold you for a specific version of ios and writing a new version to work with future changes to ios (which they don't in any way control)
          • josteink 2167 days ago
            Not really. As an iOS user I am forced to update the os for software to be supported and receive new security updates.

            That Apple makes previous versions of my installed software incompatible when I do upgrade should not be my problem.

            (That said, I agree there is a problem here, and I think Apple should ultimately be the one who fixes it)

            • y_molodtsov 2167 days ago
              No, they shouldn't, they should throw away legacy code as they've been doing ever since.
        • peterkelly 2167 days ago
          > Microsoft provides 5 years of Mainstream Support and 5 years of Extended Support at no additional cost (cost is built into the initial license fee).

          For Windows perhaps, but they sell Office as a yearly subscription.

          • Casseres 2167 days ago
            They also sell it with a perpetual license. I own licenses for Office 2003, 2007, 2013, and 2016.

            (Office 2016 works well on Linux with Crossover. Just bought a Crossover lifetime license. Crossover has a decent subscription/license working - subscription is for updates, you can continue using indefinitely if you stop paying. Although it is a little expensive.)

        • nodamage 2167 days ago
          But Windows support is limited to security and bug fixes, not feature updates. Not quite the same thing as getting a free upgrade to every major version of an application.
    • s73v3r_ 2167 days ago
      "Paid Products I wish were on Mac App Store with free updates"

      Why should you get free updates, though?

    • whitepoplar 2167 days ago
      But TextMate isn't a subscription, is it?
    • skinnymuch 2166 days ago
      Textmate 2 is on Github. Was there ever a second paid update?
  • robteix 2167 days ago
    I have a family subscription of 1PW. I can easily share some password with my wife and our daughter is getting used to using a password manager before she's 10.

    I totally empathize with those who refuse to use cloud/subscription services as, let's face it, there are a lot of bad actors doing crappy things with our data.

    But for me 1Password seems like a small, honest company providing great quality service and software. I'm a happy customer.

    • gergles 2167 days ago
      > But for me 1Password seems like a small, honest company providing great quality service and software.

      Yes, I imagine because they have carefully crafted that image through blog posts and impression management. They have over 70 employees to write a password manager. 70!

      • roustem 2167 days ago
        We are actually more than 100 people now. A big part of our team is dedicated to customer support. After all there are over 15 mln 1Password users and we get several thousand emails per day. There are over 30,000 businesses using 1Password.

        We have designer and development teams for Mac/iOS (Objective-C, Swift), Windows (C#, .NET), Android (Java, Kotlin), browser extensions (JavaScript), 1Password server (Go), 1Password web client (TypeScript, ReactJS), command-line client (Go), SCIM/LDAP integration (Go, Docker, Kubernetes), and a ton of other smaller projects.

        There is a Security Team that does security reviews, works with BugCrowd researchers, and does SOC 2 compliance. DevOps team works with AWS and Google Cloud.

        We want to do more. We are hiring :)

      • wyclif 2167 days ago
        But that's a bit specious. There are not 70 software developers at AgileBits engaged in writing the code for the product. A business like AgileBits requires a lot more overhead than just software engineering.
  • dvcrn 2166 days ago
    I love 1Password and immediately bought a standalone 1P7 license when they started with the beta.

    I agree with some others that they bury the hell out of the standalone one and want people to go for the subscription, but as long as I still have my standalone one, I am a happy customer. 7 looks and feels great, and for a software that I used for years and years since I first bought my license, this upgrade felt justified.

    I in no way felt I had to upgrade though and could have just stuck with 6.

    My only worry is that with 8, it might become subscription only for good... (Please don't!!)

  • mychael 2167 days ago
    1Password does not care about loyal users who have been there since the beginning. They care about getting new subscriptions. Fair enough, I'll just take my business elsewhere.
    • bwoodruff 2166 days ago
      I’m sorry we’ve made you feel that way. What is it that causes these feelings for you? I certainly won’t deny that we feel strongly that for the vast majority of customers membership is going to provide the best experience, and so that is primarily what we talk about. But we’ve done a fair bit of work to keep standalone vaults and licensing.

      Ben Woodruff

      AgileBits

    • bdcravens 2167 days ago
      How often did you upgrade?
    • pier25 2167 days ago
      Yeah that's what I did too.
  • preek 2167 days ago
    Good timing that I moved all my passwords from 1Password to Emacs and GPG one year ago. It’s a pity; I’ve been a very happy customer for a long time, had licenses for multiple machines and was happy enough to pay for the updates.

    But my data shall be my data, again. I’m not paying for an app that I regularly have to buy an upgrade for and which doesn’t give me the opportunity to hold my data locally after explicitly having this as a selling proposition for many years.

    • akerl_ 2167 days ago
      People keep bringing this up, and it feels like a major failure of Agilebits marketing approach.

      The subscription service changes the frequency at which you pay Agilebits; it does not mandate how you store your data. 1Password 7 continues to allow all the kinds of local/Dropbox/etc vaults that prior versions allowed.

      If somebody at Agilebits is reading this thread: look around at these comments. The lack of clear information about local storage in the subscription model is causing massive levels of customer concern.

      • danieldk 2167 days ago
        I think it is likely that they want to hide this option, as they have hidden the standalone version. I think their long-term plan is to have everyone on their subscription with data stored in the 1Password cloud.

        This reduces support and development load (no need to support local/Dropbox/Wifi sync with all its edge cases) and guarantees monthly/yearly payments.

        • roustem 2167 days ago
          The support and development load is indeed much higher when it comes to standalone vaults. There is an infinite number of scenarios out of our control when it comes to Dropbox and WLAN sync. Several times in the past we had support inbox at over 10,000 emails waiting for response.

          If AgileBits was VC-funded then we would have to drop standalone vaults, no doubt. It is a good thing that we are not. We do care about our long-time customers and will provide standalone vaults for as long as there is demand for them. Just please do not ask us to make it a default option.

        • cjcampbell 2167 days ago
          I think they’ve actually been quite upfront about the option, even if it’s not front and center on the website right now.

          Both the standalone subscription and the local vault support have regularly been mentioned in announcements and updates for 1Password 7 from the start. My impression is that agilebits understands how important these options are to their users and have invested in keeping them around for the long-term.

      • bpicolo 2167 days ago
        The local storage model is only really desirable for the more paranoid subset of software/IT folk, and those people have a lot more options than just 1password because they're technically savvy enough to work with open source solutions. Their actual target market is drastically larger than that subset of users.
      • roustem 2167 days ago
        I understand where you are coming from and we thought about advertising this feature.

        However, it would not be the best option for most of the customers. They would have to understand how to take care of local vaults, including syncing, backups, etc. It is really an advanced feature for very technical audience.

        • akerl_ 2166 days ago
          My concern isn't that you aren't advertising the feature, it's that your marketing speaks in many cases directly contrary to your real feature-set. Taking an example already quoted elsewhere in this thread:

          > 1Password 7 from the Mac App Store will only support our hosted service, as that’s what you’re purchasing with a 1Password membership. If you install from our website, you’ll have the option to use a standalone vault synced via iCloud if you purchase a standalone license, or use our hosted service if you purchase a 1Password membership.

          > As it stands, though, how you purchase 1Password is intrinsically tied to where you store your vaults and how you sync them

          This was directly in response to a question about the ability to continue using local vaults in 1Password 7, and it doesn't say that local vaults are an advanced feature, it says they will not be supported by people who buy a subscription.

          If y'all just didn't mention the local vaults in most of the marketing, and then there was an "Advanced users only" section that said "however you pay us, you'll be able to keep using local vaults just like always", you'd solve a whole broad spectrum of the concerns you're seeing on this page.

          • bwoodruff 2166 days ago
            This quote was posted in response to a question about the Mac App Store and is taken out of context here. We’d strongly encourage anyone looking to subscribe but use standalone vaults to do so through our website, rather than the Mac App Store. I can’t guarantee that’ll be a viable setup through the Mac App Store. When done through our website though it definitely is. It isn’t the recommended path (as you are paying for features you won’t be able to use), but it is possible.

            I’m sorry for any confusion caused by the comment. Hopefully this clarifies.

            Ben Woodruff

            AgileBits

    • micv 2167 days ago
      They're still selling standalone versions for MacOS & Windows that run off local storage. Doesn't seem like they're doing multi-OS license bundles anymore, though, so it's gonna run expensive if you use more than one OS.
      • bwoodruff 2166 days ago
        This is accurate. In general / on average standalone vaults require more support, and the price of licensing compared to subscription pricing reflects that.

        Ben Woodruff

        AgileBits

    • shortoncash 2167 days ago
      Could you comment on your emacs setup? I see a few threads on this from Google, but just curious what your setup is and maybe some tidbits about the pros and cons of this kind of setup. Thanks in advance.
  • drivingmenuts 2167 days ago
    I'm glad they're at least offering non-subscription licenses. I hate feeling like I'm having to buy the software over and over again, just to get security updates.

    While 1Password works better than the rest of the pack, they're not exactly a fountain of new, needed features.

    • mtkd 2167 days ago
      I've used 1password since 2010 when I paid $69.95 for a family license.

      It seems to need upgrading for each new version of OSX - but I still only use the features now that I used in 2010.

  • eecc 2167 days ago
    I’m very happy with Safari and the macOS keychain app. Indeed if apple allowed access to un-sandboxed apps I’d be happy to share with Chrome
  • sgeisenh 2167 days ago
    This just reminds me how excited I am for passwords to be replaced. We shouldn't need a third party application as an authentication shim for every service that we use. The high lock-in on password managers is also unnerving.
  • lancewiggs 2166 days ago
    Sending any information to Agilebits besides payment requires a whole lot more trust - and stuffing over customers was not the way to earn it. So no - I don’t trust them anymore.

    I’ve recommended 1password to hundreds of people, so it’s sad to see the decline. I would and did accept a simple annual new paid version - but the upgrades seemed to remove/hide the basics like Dropbox sync or one location for passwords.

    So now there is a gap in the market for a paid easy to install and sync password manager that makes it trivial to store data locally. Surely they are a lot easier to create now?

  • jsgo 2166 days ago
    At this point, I'm not upset about this as I previously subscribed, but I'm at the point now where I'm thinking of bolting because it has become a pain. At this point, I just need to find something that is secure, portable, can be backed up, and cross platform.

    The syncing experience since at least 6 has been spotty between my Windows client, my iPhone, and my iPad. I can't tell you how many times I've had to reset a password because the device I was on didn't have the current gibberish password. Maybe I'm holding it wrong, but using the create login -> password generation bit does not sync at all. There's also the issue that every time I shutdown my Windows PC, I am greeted with an alert that AgileBits.1Password (there's another dot-separated part in the name as well, not sure what or specifically where) there was some issue in it that I have to close to shutdown.

    With all that being said, I don't think Agile Bits is a bad company or that the subscription model is evil or anything of that nature. I think they're pretty decent people that are trying to keep the company profitable and alive. Paying for updates for password managers probably isn't the sexiest business model on either side of the equation. I would prefer that once I pay for it, it could function at that level (with maybe bug fixes) leveraging DropBox, iCloud, OneDrive, whatever, but I also understand they felt the need to cut it off and keep it relatively simple. It just isn't for me anymore.

    • bwoodruff 2166 days ago
      Thanks for taking the time to share your thoughts. I understand your perspective, and I’m sorry to hear that ultimately 1Password did not work out for you.

      One of the primary reasons we built 1Password memberships was because of difficulties faced by customers in syncing with 3rd party services, and difficulties faced by our customer service team in troubleshooting those services (often black boxes).

      Ben Woodruff

      AgileBits

  • SomeHacker44 2167 days ago
    I would be okay with the subscription plan if they would allow for a permanent license after the subscription ends. Something like what JetBrains did. I was going to drop using JB software until they added that feature, and now I am a happy “subscriber.”

    I feel what galls people is that we buyers have nothing to show after ending a subscription, especially if we are not using anything “servicey” about said subscription.

    • heimidal 2167 days ago
      You can just buy a license to 1Password whenever you want, though... it’s not subscription only.
  • alexnewman 2167 days ago
    I still have no idea why people don't use pass. I put my trust in gpg and git
  • drej 2167 days ago
    I honestly can’t remember when I last paid for 1Password, yet I use it on my Mac and iOS devices (since 2011 it seems!). It never prompts me, it just works. I don’t follow the pricing policy changes, the only thing I know is I don’t want a subscription. I just want to pay for this great piece of software.

    So I hope this just means I’ll shell out $50 or so and be done for a few years? If so, then great.

    • Bud 2167 days ago
      It doesn't mean that, they are aggressively making sure it will never mean that again, and it definitely won't be fifty bucks for a few years. (It's $36/yr.)
      • majidazimi 2167 days ago
        Office 365 gives you a full office suite (including outlook) + 1TB of online storage + 50GB ad-free mail for 70$/year. According to complexity rules, 1Password shall ask for 36$/century.
        • heimidal 2167 days ago
          This isn’t even a reasonable way to compare product pricing. Xbox Live Gold costs nearly as much as Office 365 Personal annually, and it is barely useful unless you own games to go with it. Or we could compare Office 365, at $70, to Apple iWork, which is free. Sure, Office has more functionality, but does it have infinitely more?
        • slackoverflower 2166 days ago
          Office 365 operates at scale. Of course they can offer prices that low for so many valuable services. They have millions upon millions of users. The more customers they acquire, the cheaper it is for them to offer those services per customer.
      • pvg 2167 days ago
        You can buy 1Password 7 standalone right now.
        • bdcravens 2167 days ago
          Where is that information on their website?
          • davidcollantes 2167 days ago
            I think: https://app-updates.agilebits.com/download/OPM7/Y

            > Those of you with a standalone license for version 6 will be prompted to subscribe or purchase a license when the beta first opens. Licenses will be available for $64.99 when we launch later this year, but are available now for only $39.99.

          • pvg 2167 days ago
            Is this supposed to be a rebuttal to something or do you actually need help finding it?
            • bdcravens 2167 days ago
              A little of both. I did a check and I literally couldn't find it. If it's that well hidden (I have a few licenses from prior versions, so I'm not a stranger to the site) isn't that effectively not having the option?
              • pvg 2167 days ago
                My comment was a response to '1Password is making it so you can never buy a standalone version again'. This isn't true. It is true that they try to steer people into a subscription. But if they wanted to kill the standalone version, they would have. You can download the 1Password 7 beta right now and pay for it once.
                • Bud 2167 days ago
                  There is no reason to believe that. I paid for 1Password as a standalone app THREE TIMES, only to discover later that my versions are all being orphaned, will not be updated, and will not receive key features.
                  • pvg 2167 days ago
                    What do you mean there is no reason to believe that? The very latest 1Password (the one that's in beta and not even in wide public release yet) you can purchase without a sub right this second. What's the part that you don't believe?
                  • roustem 2167 days ago
                    You probably purchased 1Password on different platforms? I do not think there was a single platform where 1Password had more than 2 paid upgrades.
                • bdcravens 2167 days ago
                  I think you'd agree however that having this option nowhere to be found on the "Pricing" page would result in most concluding the option didn't exist.
            • durkie 2167 days ago
              I'm interested in where it is. I have recommended 1Password to friends saying that I had heard standalone version was still available, but I am unable to find it on their site.
              • heimidal 2167 days ago
                The blog entry even states, “While still tough, this decision was easier to make as people looking for licenses will be able to download 1Password 7 directly from our website. I know this isn’t ideal for those who love the Mac App Store and prefer to purchase standalone licenses and I apologize for that. But overall I believe this was the correct decision to make.”
              • pvg 2167 days ago
  • isarat 2166 days ago
    I was skeptical about going for subscription. I started when I travelled abroad where I followed Basecamp’s travel tips (handbook). Things have changed when I started using 1Password 7 and 1Password X. The apps are very polished and pretty handy. I use Linux a lot these days and 1PX and CLI are very helpful. Never regretted the cloud update upgrade.
  • awesomepeter 2167 days ago
    An alternative which lets you host your data is Enpass. I've been using it but I'm not sure how secure it really is.
    • sigzero 2166 days ago
      > I've been using it but I'm not sure how secure it really is.

      Then why use it? That seems like an important detail for a password manager.

  • vbezhenar 2167 days ago
    1Password for Mac and iOS worked flawlessly. But I recently migrated to Windows and installed 1Password 6 for Windows. It's just bad software. It's not responsive (I'm pressing "Save" and it works for a second or two, while I'm expecting it to respond instantly), it has some obvious UI bugs, but worst of all, it crashes very often, I don't remember a single program that crashes so much. It just feels very unpolished. I'm waiting for the 7th version to try it.

    I thought about BitWarden but I don't really like its technologies. It uses .NET for server which is not very native for Linux. It uses JavaScript for client which I don't like at all. I wish it used something like Go or Java for server and .NET for client.

    So far my primary candidate to switch is KeePass. I don't like it a lot, but at least it works and it's reliable.

    • roustem 2167 days ago
      I am sorry to hear about the bad experience with 1Password 6! I was using 1Password 7 beta for the past few months and it worked well, we hope to release it in a few days.

      If you have a problem, please do not hesitate to send us an email or leave a message in our discussion forum: https://discussions.agilebits.com/

      We do our best to reply to every message in 24 hours.

    • xxkylexx 2167 days ago
      .NET Core is just as native as Java on Linux...
      • vbezhenar 2167 days ago
        I happen to be Java developer, so for me personally Java is fine. But yes, something like Go or Rust would be even better.
  • mark_l_watson 2166 days ago
    1Password is a good product - I used it for a trial period a few years ago. I ended up going with SpiderOak's Encryptr: open source and free.

    In any case, I try to get family and friends to use a password tool like 1Password, Encryptr, etc. It drives me crazy when people re-use the same low-entropy password for everything.

  • ggm 2167 days ago
    There is a non-subscription, licence-purchase model. They basically obfuscate it, (ok: kinder is "don't market it strongly") But there IS a licence model.

    So mainly, the issue is how "hard" they make it to find. That, and the 'don't be evil, but hey, we changed our minds a bit' aspect to what was said in the past and now emerges.

    The APP store doesn't help, but I think it's ass-backwards to use that to "sell" the subscription model. Honestly? I could come into this now and not care, but as a licence holder, the way it's being done irks me.

    Just make it easier to find the licence option on the web page and in your apps, and I'll be good.

    • AGKyle 2166 days ago
      Making it easier to find is a double edged sword and the reason why it's harder to find now.

      If we make it easy to find it will cause confusion for users about which to get. When we did this in the past we had a lot of users who thought they had to have both and as such would purchase both. This led to a lot of refunds on our part and explanation for which they should get.

      Turns out most users are perfectly happy and will benefit greatly from the subscription side. This site and a couple of other places being the exception to this as many of you seem to prefer licenses which means this aggravates you all, but for the average person they benefit greatly from the subscription side and it's the one they often choose when we explain the benefits of each.

      So making it easier to find puts that problem back on the table and quite frankly, it's something I'd really personally rather not deal with like before. It's easy to say differently until you have hundreds of users at any given time looking for help with what to buy or you accidentally find out they purchased both while helping them with some other unrelated thing.

      The Mac App Store makes sense for subscriptions though. They will always have access to the latest version so long as the subscription is active, so we don't have to deal with upgrade pricing there.

      For license users though it's not as clear cut. We can either issue a new app each time but we can't advertise the new version in the old version (rules) and this will end up with a lot of users not knowing there's a new version out. Subscription users will also have to upgrade manually each time and that's not convenient for them at all given they're entitled to that new version as part of their subscription.

      We're trying to make it easy, though it's going to be difficult this time because we do have to get license users to switch entirely to our direct download version.

      Once this is done though, subscription users can use either or, whichever they want.

      License users will always use our direct download version.

      When an upgrade comes out our subscription users will always be upgraded to the latest version without issues. Our license users will be prompted to upgrade or be informed of the upgrade in some way.

      This is how it should work, unfortunately it was not possible to do this for the Mac App Store so we had to make changes there. Perhaps things change with the Mac App Store in the future and we can bring back both, but for now, this new method we're using provides the best user experience for both sides, once the switch is made.

      I'll be the first to admit I hate removing choice from the equation here, and I hate that we have to get users to do work in the first place. But sometimes there are things outside of your ability to control and this is one of them for us.

      Hope that gives some additional insight that wasn't present in the blog post though.

      Kyle

      AgileBits

  • serbrech 2166 days ago
    I've been staying on v4.x to keep the sync to dropbox. I don't want to use their hosted service. I don't want my master password to transit over the internet and its hash to be stored in a db, no matter how secure they are. Centralizing this makes it a target of attack. There is no way a hacker will try to get my credential unless he targets me personally, and there is little to no reason for this to happen. It does exactly what I need it to do. I don't need all the fancy other additional features. :(
    • bwoodruff 2166 days ago
      Your Master Password is never transmitted or stored hashed in a database. Please check out our security whitepaper. http://1pw.ca/whitepaper

      Ben Woodruff

      AgileBits

  • indemnity 2166 days ago
    I thought I'd check out the beta, but what I didn't like about it is that it didn't even let me know the standalone approach was an option. Before I'd known what happened it had imported my previous passwords from the standalone version I had before and uploaded them to my 1Password.com account.

    Pretty unhappy about this, I make it sync to iCloud because it's basically the only cloud provider I somewhat trust.

    I do not want a bloody 1Password.com account.

    How do I now know they've really deleted my data slurped into 1Password.com?

  • MindTooth 2160 days ago
    I think for myself that I won't upgrade. The whole process is a mess when coming from the regular App Store app, and the need to convert, with new apps, sites, etc. The reason I've always loved 1Password was the convenience of signing into App Store, download the app, and just open 1Password, enter the masterpw, and be done with it.

    I will miss the iCloud-sync and the convenience on Apple-platforms, but I seriously believe that a change is forced.

  • Khaine 2166 days ago
    I'm not sure how the subscription model makes sense for a password manager. In general, I'm not a fan of the subscription model. I hate the trend towards subscription. I can imagine a day, when I pay $5 a month for a password manager, $5 a month for office, $5 for slack, $5 for a to do manager, $5 for a mail product, $10 for an internet browser, and after all that having no money for anything else.
    • bwoodruff 2166 days ago
      Speaking strictly in terms of money... How much would you pay for a license? $65? So what does that work out to if we release an upgrade every 2 - 2.5 years? About $30 / yr, right? That is about what a subscription costs as well, but the subscription includes access to the apps on all platforms, as well as other features not available with a license. For most people, especially 1Password Families customers, the subscription option is going to be less expensive. This is a reflection of the amount of support required on average by license customers vs subscription customers.

      Ben Woodruff

      AgileBits

      • Khaine 2165 days ago
        I understand the logic behind the value of a subscription. Personally, I am more comfortable 'owning' my software than having a subscription to it.
  • Jemm 2166 days ago
    At the rate that things in my life are moving to a subscription model, I am going to need a subscription manager more than a password manager.
  • sigzero 2166 days ago
    You can still buy a standalone license from the website directly. That's probably what I will do or I will find something else.
  • jpz 2166 days ago
    I bought their software. The software stopped working properly and nagged me to buy a subscription - despite having purchased the full product previously.

    I lost my interest in being their customer. They did offer me a 1yr subscription for free, but by then I had wasted hours trying to get a new install to work and had lost my goodwill with the product.

  • krautsourced 2167 days ago
    After using (and loving and having paid for) 1P for years, I moved over to Enpass a year or so ago. Their clients are not as good as 1P's, but I simply neither want a subscription based service (what happens if they are bought / go under), nor do I want my passwords to reside on their servers (encrypted or not).
  • alceta 2167 days ago
    As a long time 1password user (at least since 2009), I switched to Bitwarden late last year and did not regret it.
  • Angostura 2167 days ago
    Assuming in the Apple ecosystem only, is there any reason to go for this rather than the in-built Keychain?
  • 8ytecoder 2167 days ago
    Both iOS and Mac App stores need options to allow developers to offer trials and paid upgrades.
    • pier25 2167 days ago
      And easy refunds.

      On Android if you uninstall an app before 2 hours after buying it, you get an automatic refund.

  • vira28 2167 days ago
    I couldn't have asked this question at a much better time. Would appreciate your feedback. https://news.ycombinator.com/item?id=17111650
  • stock_toaster 2166 days ago
    New version of the MacOS desktop app appears to require at least Sierra. Hope the current version still works with "1Password Families" for a while (as I'm stuck on El Cap due to older hardware).
  • tomerbd 2166 days ago
    Why not just use keepassx for Mac with parallel versions for iOS and Android with cloud sync? Can someone explain to me? I have everything I need auto complete control strength etc + it's open source.
  • lemoncucumber 2167 days ago
    So for the Mac client, the options are to either subscribe or buy a standalone license directly from AgileBits.

    But what is the upgrade path for future versions of the iOS client if you choose not to subscribe?

    • bwoodruff 2166 days ago
      1Password for iOS was just upgraded to v7 and was not a paid upgrade (anyone who had previously purchased received the upgrade free of charge). As for what the future will bring, having just recently launched v7, it is a bit early to say.

      Ben Woodruff

      AgileBits

  • jedisct1 2167 days ago
    I use Enpass.

    $10 once for mobile devices, free everywhere else, can use Dropbox/iCloud/Google Drive for password storage, no need for any subscription whatsoever.

    And it can seamlessly import 1Password databases.

    • czbond 2167 days ago
      Their approach is interesting; I currently use KeePassX and mobile was a huge pain. Thank you for posting about Enpass - going to try that out.
  • waterphone 2167 days ago
    …but they will still be selling individual non-subscription licenses through their own website, so anyone who wants to avoid a subscription can still do so.
    • rcarmo 2167 days ago
      Still, this is a trend I will have nothing to do with if at all possible. And besides subscriptions, version 7 will only sync using their back-end, which is not acceptable for me.

      On one hand, password managers in browsers are becoming nearly good enough to cover for 80% of my use cases, and most of the other 20% boil down to convenience (ease of pasting, updating, etc.)

      I don't like the idea of being forced to move to a subscription on my Mac and on iOS for diminishing returns in feature improvements -- and I've been using 1Password for many years now, so the need to finance new features is something that I understand but have seen little return from.

      By all means ensure you can sustain revenue, but beware of inflated subscription prices.

      (I've been keeping tabs on alternatives for a while now, so I will likely not upgrade to 1Password 7)

      • xoa 2167 days ago
        >And besides subscriptions, version 7 will only sync using their back-end, which is not acceptable for me.

        What. I'm using 1Password 7 with a standalone license. I installed the beta, paid the $40 it cost for a license, and it works fine with iCloud and Dropbox same as always, I moved right from 1Password 4 and the only change I did was to purposefully force a resync so that all shared keychains would be updated from the ancient format to the newer one (if you were on 1P6 that wouldn't be necessary).

        I'm not a fan of their subscription efforts because I think it's actively subtracted from what they could have done for the standalone version, and I don't think they've been fully honest about it which absolutely rankles. They talk big about benefits but they don't actually acknowledge costs or the profit motive. Even so there is a really oddly high load of objectively, trivially disproved FUD swirling around these HN articles about them now and I don't fully understand why.

      • Spooky23 2167 days ago
        Anyone making software wants Adobe/Microsoft margins and enterprise like recurring revenue for their random product.

        At least in the case of 1password the rate isn’t usurious, but the biggest problem they have is due to a business decision to make the product dependent on a SaaS-like service delivery model.

        • smaddox 2167 days ago
          If it's cloud-based sync, then a subscription model makes sense, but I've yet to find a subscription price that is in line with what I think is reasonable (~$2 / month) for the service.
          • Fnoord 2167 days ago
            Bitwarden is $10 per year (if you use the premium features such as 2FA). You can also self-host.
          • daveFNbuck 2167 days ago
            LastPass is $2/month.
      • yladiz 2167 days ago
        > version 7 will only sync using their back-end, which is not acceptable for me

        Are you sure about this? My understanding is that they will support other places to sync, like iCloud, as in previous versions.

      • tadasv 2167 days ago
        What alternatives do you have in mind? I was thinking the same, but haven't done much research yet. I definitely want to have more control over my passwords.
        • chiefalchemist 2167 days ago
          I'm not sure what your criteria are but I've been using LastPass (Enterprise) with 2FA (Yubikey) for a couple years now. Aside from the Yubikey, the key benefit is I can share a folder with someone using the free version.

          It's not cheap but it works and afaik it's secure (esp with the Yubi).

          • roustem 2167 days ago
            1Password Family accounts have support for free guest accounts that can be used to share information with other people without requiring them to purchase.
      • tzs 2167 days ago
        > And besides subscriptions, version 7 will only sync using their back-end, which is not acceptable for me.

        What do you mean by "only sync using their back-end"?

        • pletnes 2167 days ago
          Older versions could sync with e.g. Dropbox. So to get your passwords, someone would have to break into dropbox and then into your encrypted vault.
          • tzs 2167 days ago
            Same with current versions, except on Windows. On Windows, 1Password 6 lost that ability, I believe. It's coming back with 1Password 7 on Windows.
      • akerl_ 2167 days ago
        I am using 1Password 7 right now and have several local vaults and several vaults that are synced via Dropbox, so I'm not sure what you mean.
  • mderazon 2167 days ago
    I never liked 1pass. I don't like the fact that you have to install a desktop app to use the browser extension. Also the UI is a bit annoying and sometimes it feels like it just gets in my way. The UX for multiple vaults is not so obvious at times and you don't realize you are only searching one vault instead of everything. Copying and sharing between vaults is also annoying.

    I really don't see what 1pass does better than LastPass. LP has a bad security reputation but other than that it's much more enjoyable to use

    • roustem 2167 days ago
      Good news! With 1Password X you can use it without installing the desktop app:

      https://blog.agilebits.com/2017/11/13/1password-x-a-look-at-...

      • mderazon 2165 days ago
        Just installed now, much better, thanks
    • drivingmenuts 2167 days ago
      I've used 1Password on both Mac and Windows with Dropbox. The UI handles much more seamlessly on a Mac than on Windows, but I'm not sure where the blame lies on the Windows side.

      I also tried using multiple vaults for reasons I can't remember, but that was just annoying, so eventually I just simplified.

    • kbar13 2167 days ago
      security software

      > I really don't see what 1pass does better than LastPass

      > LP has a bad security reputation

      • mderazon 2167 days ago
        Is there any reason to believe LP is currently less secure than 1pass? If anything, I assume LP has been more thoroughly audited by now
        • roustem 2167 days ago
          Does it still send unencrypted item URLs to the server?
    • y_molodtsov 2167 days ago
      1password seems to have better apps and is supported by multiple apps on iOS.
  • stirner 2167 days ago
    The Mac App Store makes it impossible to charge for software customers have already paid for? Tragic.
    • scarface74 2167 days ago
      Not impossible, hackish.

      You can emulate upgrade pricing via bundles.

      If you sold V1 for $5.00 and then you want to sell V2 to new customers for $5.00 but existing customers. You can bundle the two versions for $8.00 and in the description for V1 you tell them that version 2 is available and don't buy it. You tell customers that have bought V1 already to get the bundle for $3.

      • stirner 2166 days ago
        That's an interesting workaround. The question I meant to raise was whether a workaround is justified, or whether software developers should just maintain the apps they sell.
        • scarface74 2166 days ago
          It depends. If your app can work within the sandbox and it's a one and done like a game, maybe. The Mac platform changes so slowly you don't have to worry as much about incompatibility with a new OS as you do iOS.

          But if you ever want paid upgrades or you are already a well known app - no.

          For instance it wouldn't make any sense for MS or Adobe to be in the Mac App Store.

      • nodamage 2167 days ago
        I thought bundles were only available on iOS, not Mac?
        • scarface74 2167 days ago
          You are absolutely right. Yet another reason the Mac App Store is a dumpster fire....
    • bwoodruff 2166 days ago
      Free upgrades forever isn’t a sustainable business model for us.

      Ben Woodruff

      AgileBits

  • twodayslate 2166 days ago
    So if you are on a Family plan now and pay monthly you have to also pay monthly for the app?
    • roustem 2166 days ago
      No. If you are on a Family plan then all apps and updates are included in the subscription price.
  • f311a 2167 days ago
    Can someone clarify? Can I use transfer my appstore non-subscription license?
    • bwoodruff 2166 days ago
      I’m not entirely sure what you’re asking, but 1Password 7 is a separate purchase, unless you’re using a subscription (then it is included in your subscription). There is no transfer of licenses from v6 to v7. Does that help?

      Ben Woodruff

      AgileBits

  • KiDD 2166 days ago
    Never gonna pay to upgrade again...
  • gaius 2167 days ago
    Stupid question: what does this do that iCloud Keychain doesn’t do?
    • y_molodtsov 2167 days ago
      iCloud Keychain is pretty good, but it tragically fails in the following cases:

      * Any browser other than Safari.

      * Apps that MacOS/iOS don't parse for password fields for some reason so you can't generate a password right there — and it's a huge pain to add them manually, practically impossible on iOS.

      * Cloud access (if you need your account and don't have any of your devices). Your Keychain is in the iCloud, but you can't access it from icloud.com

      So Apple could easily make it much better but they haven't.

    • roustem 2167 days ago
      Multiple browsers, Windows, Linux, Chromebooks, encrypted documents and other item types, sharing, travel mode, item history, watchtower (security audit), ...
    • SomeHacker44 2167 days ago
      Among other things: TOTP.
  • intrasight 2166 days ago
    Could someone chime in with a TL;DR on what this thing does?