Why can we not have an explicit statement about 1Password being a subscription-only service?
Comments
-
BTW no worries soon it'll he the end of passwords. Microsoft started it and Apple is thinking about it.
0 -
I suspect nobody at agile bits cares what I think, but...while I would have paid money (sub, yearly, whatever) in a reoccurring fashion for 1Password, I wont submit to being forced to use a web based 1password account for storage, if I cant control my vault, I'm out, that's all there is to it.
I hope that you guys will reconsider this, because I'm pretty annoyed just now having found out that I'm going to need to get a new way to store passwords.
0 -
Why would one want to store all credit cards, passwords, secure notes etc on unknown servers out there somewhere. I happily pay a subscription but only use local vaults that I sync over my own WiFi. Do I after all these years have to research other password solutions?
0 -
It's time to say goodbye to 1Password. I have been a loyal 1Password customer since Version 3. I have pushed lot of paying clients to you and I always recommended 1Password. I am really disappointed how this wonderful Canadian company turned out. :|
With the recent announcement to remove standalone licence, local vaults, local syncing and pushing users to Cloud only solution AgileBits lost a loyal customer! For AgileBits this seems like logical step to get ride off those annoying European customers who rather store their password locally on their network. AgileBits longer cares about pro users. I am moving away.
0 -
@dteare I came here to also express my view that 1PW7 will likely be the last that I pay for. I was open to moving to the sub if you continued to support local vaults. I like to be in control of my personal data. People want a choice in life, especially evident in today's climate with coerced vaccines/passports for example. Congratulations, you've just made the (non)choice easy for your most die hard, loyal customers who made you what you are today.
I've paid for licenses since v4 1PW for Mac, 1PW for Windows and I also paid for the pro upgrade to the iOS app. Clearly, I've been happy to open my wallet for a product that I deemed was essential in today's digital world. I have evangelised your product to friends and family - but no more.
As mentioned in this thread by numerous users, I feel you have been disingenuous about the true uptake of subs vs licenses. You and your team proceeded to obfuscate and hide information related to standalone license purchases, tucked it away in some corner of your website. I'm a 20+ year veteran of IT and even I had trouble finding this info when it came time to evaluate paying for the v6 to v7 upgrade. I get it that you and your company exist to make money - no one is faulting you for that. I just wished you were honest with us and not hide behind some bogus statistic. It's clear as day with all the comments here showing the same vein. I expect there will be more feedback to come.
If there perhaps comes a day were you review your product roadmap and decide to reinstate local vault/syncing thereby giving your customers a choice of WHERE they want to store THEIR data, then I'm sure most of us will probably return to the fold. Until then, adios amigo.
0 -
I would gladly pay a yearly subscription, but PLEASE let me keep and WLAN-sync my local fault. I will NEVER ever upload my most private secrets or passwords to the cloud - no matter how secure you claim it is. It doesn't matter, its just a bad idea and there is no need to put it in the cloud. Let me pay your subscription price but please let me keep my data local. Thanks!
0 -
This is insanity. I will never trust a single entity with my password data. The reason so many people went with the subscription is because you guys made it impossible to find a the page where you could buy a license. It had become an annual tradition of me and my dad to hunt down the page where you buried the license purchase
Don’t fool yourselves… security minded people will never be using your service. So incredibly disappointing.
0 -
Hi,
Similar to 1Password 7, will 1Password 8 support a one off license payment?
Kind Regards,
Jawad1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided0 -
Hi @jawad
On of our founders, Dave, has an in-depth answer to this and related questions, here: https://1password.community/discussion/comment/601917/#Comment_601917
I hope that helps!
Ben
0 -
When over 95% of our users voted with their money for subscriptions we knew we had our marching orders
As I remember it, the option to choose a license over subscription for V7 was well hidden. That might have skewed this statistic just a bit.
I wouldn't mind the subscription all too much, but I want to have a local vault and sync without using an online service.
It's been a great 11 years using 1Password. Maybe again some day.
David
0 -
Ok, so the TLDR:
- Standalone Licenses will go away with 1P 8
- Local Vaults will go away with 1P 8
While I understand that those decisions are what they are and won't change, I really, really, really dislike agilebits' PR stunts with like the mentioned 97% statistics and the extended warbling from "one of our founders". Telling me a gazillion random people do not have the requirements I do and therefore I must be wrong is not a discussion, even less a discussion worth having.
This BS marketing / borderline lying makes me lose all faith with agilebits, and since this modus operandi has been becoming more and more prevalent in the last couple of years (remember the promise local vaults won't go away? hiding the stand alone 1P7 so it took about an hour to find?), I'm afraid it is already too late at this point in time: the trust built over the last 10 or so years is gone. I personally will use 1P7 as long as possible (because, honestly, that software is really awesome! it really is!), but then we'll part ways.
0 -
If somebody manages to put a backdoor into the client, it doesn’t matter anymore where your data is stored, it is game over.
This is not true. The end user will always have the most control by storing their data locally and implementing security measures on their own local machine and network, which could include using firewalls on the machine and/or network. In this case, a user could set up their firewall to block uploads and only allow downloads from 1Password/AgileBits, in which case their data would still be protected, even if they downloaded and installed a compromised update with a backdoor built in.
For something like a password manager, you trust the company that it isn’t a fraudulent enterprise in the first place, that it doesn’t lie about the security architecture of its product, that it doesn’t have any security relevant bugs and that it has sufficient measures against insider attacks.
It has been established that the United States government has secret courts that have the power to force technology companies to not only comply with their demands but to also gag the company from disclosing that they have been forced into such a situation. Therefore, the safest solution for the end user is to assume that the company and software that they are using is compromised, to not trust the company, and instead do everything within one's own power to protect oneself. This power and ability is now being stripped from the user by 1Password's new policies. Many people like myself picked 1Password years ago because AgileBits was not asking for trust in this manner. Now, it is game over with 1Password for those of us who have such requirements, and time to move on to a software provider that empowers the end user to store and sync their data how and where they wish.
0 -
6 years ago I write a little article for an AU tech mag titled “SaaS Password Managers are a self-contradictory absurdity” (https://www.itnews.com.au/blogentry/saas-password-managers-are-a-self-contradictory-absurdity-405302).
At the time it seemed like a fair analysis of most of the web-centric password managers out there, although even at that point I knew Agile Bits were pushing beyond this simple web-centric model by leveraging the magic of cryptomath and client-side decryption of credentials stored in the cloud. However my fear, at the time, remained: it’s the cracks at the edge of the system, the 3rd-party software that comprises so many of the ‘moving pieces’ of a SaaS service, that still left me with a clear “Nope Nope Nope” mandate when it came to where I stored my 1P vault, preferring the simplicity of “trusting the math” of locally encrypted credential files/folder (the agilebits vault), and thus confidence in then syncing that via an independent cloud sync service.
Then came 1Pv7 and the compelling of users to sign up for subscriptions. 96+% of users may well have done so, but I was amongst those who spent a ridiculous number of minutes trying to work out how to get an upgrade license to v7; you all went out of your way to make it as unlikely an outcome as possible.
As it turned out (a) my husband had setup a family account for he and his, so it was there for me too, and (b) self-hosted faults were still supported, so I begrudgingly entered his family account but continued with our self-hosted vaults.
Today’s the first time I’ve had to sign up for 1P forums; never have I had an issue nor felt any need to do so, after 12+ years as a happily paying 1P user.
Honestly the additional features you list for 1P.com aren’t compelling to me personally. I’m amongst the ‘techies’ who willingly take responsibility for my own data. I also understand that at some point, we techies and our concerns no longer represent a proportion of users who make a compelling business case to still be supported in the ‘oldskool’ ways we’re used to, and further acknowledge that that’s been in no small part thanks to 1Password’s existence and growth and leadership.
I know a lot’s probably changed since I wrote that 2015 article, in terms of crypto & system-level techniques for minimising attack surface. But I count myself amongst those currently teetering on the edge of walking away for an alternative that doesn’t compel me to store my credentials in a cloud service I don’t control.
So my question to you is, can you please point me to any blog post or other 1P publication which might elucidate on how 1P.com handles encrypted credentials and alleviate my concern that storing the keys to my kingdom in your kingdom is no longer as riskier as it was just 6 years ago?
0 -
Then came 1Pv7 and the compelling of users to sign up for subscriptions. 96+% of users may well have done so, but I was amongst those who spent a ridiculous number of minutes trying to work out how to get an upgrade license to v7; you all went out of your way to make it as unlikely an outcome as possible.
It's easy to make 96+% sign up for a subscription when you hide the licence option 5 pages down and make it not accessible from the app, only available directly from the AgileBits website and not from the App Store that you've been purchasing for the last x releases. I am pretty sure that does not count as informed consent.
I bought 1Password all those years ago precisely because it was not a cloud based system, didn't suck my passwords into a vortex that I knew nothing about, smiled smuggly upon learning of LastPass's security breaches knowing that it was less likely to happen to my locally controlled passwords.
Likewise whatever new functionality added since v3 when I bought in, if it was beyond creating a password or a OTP code then I was not using it. I had bought a product that did the bits I needed it to. Agile Bits now seems to think it is a service provider. We are therefore in dispute as to what we think we are negotiating for.
It was handy while it lasted but I suspect that Apple's recent updates to password management are just the start.
0 -
This is just sad, I've been a loyal customer for years.
The standalone app is essential for me and my work.
As of this writing you may say I am part of the 3% of users who want standalone (97% want web-based), but it is VERY clear I am part of majority, the over 80% of vocal users, who actually want the standalone option.
No standalone = Goodbye.
0 -
Dave Teare, in an email to me in 2017;
"So first things first, I know not everyone wants to use subscriptions and that's why we are NOT forcing it upon you."
Dave Teare, 2021:
"Screw you, loyal customer! I'm not interested in meeting your needs because you are not important to me!"
I don't want a subscription. Everyone is sick to death of subscriptions. I need a new subscription like a I need a hole in the head.
I don't want to trust you with hosting my passwords. That has been disastrous for numerous companies in the past and while I generally hold your engineering in high regard, it is obvious stupidity to trust a company to host all of your passwords.
I've been happy with your service, but since you're giving me the finger in pursuit of higher profits at the expense of customers, it's time for me and my family to look at other options.
I bought 1Password 4, 1Password 5, 1Password 6, and 1Password 7 on multiple platforms. But now I'm spending the evening evaluating BitWarden, Passbolt, VaultWarden, and others in this space.
0 -
I’m going to give my thoughts, I also have been using and buying a license for 1password since version 5. I’m not going to go for a subscription. For the same reasons I didn’t with Adobe and Fantastical. I use other non subscription software now for those. To be honest as I mainly use Apple products their password manager is very good. I will continue to use my 1password 7 until it no longer works, I would be interested in buying a license for the next version . But im not going down the subscription route.Regards Ttony
0 -
I'm sorry to hear this, Tony. I hope we can win you back some day. 🙏🏻
Take care and stay safe out there. ✌🏻
++dave;
1Password Founder0 -
"The overwhelming majority of people (97% in fact) choose to subscribe to our new service and many of those who initially purchased a license later changed their mind and traded it in for a membership."
It's farcical if you truly believe this. The website never showed an option to purchase a lifetime license. I, myself, had to contact support just to check whether you were still offering this. If you hide something that well, of course the alternative option appears to be more 'popular'. Disgraceful to use such manipulative tactics to prove a 'statistic' about which was more popular.
0 -
Lost another loyal customer here. I've been with 1Password since the very first public release. When my previous employer switched to Last Pass, I held the line and kept using 1Password, and was vindicated after several Last Pass breaches and the employer's eventual return to 1Password with a requirement to use local vaults. I now work with DoD parters, who strictly prohibit cloud-stored passwords. I have no problem paying a yearly subscription for this excellent software, but local vaults are a hard requirement for me. I'll get what I can out of 1P7, but once local vaults are gone, so am I. Maybe it's time to introduce a new, better password manager to the market myself.
0 -
I was fond of 1password, it became my favorite app since 2010 (v2.4).
But I refuse all subscription app.
I'm sad to say that I will quit also. Farewell0 -
Robinhood data security incident exposes personal info of customers. Unfortunately, this is not an uncommon event with companies. Why are we suppose to believe that 1PW vault is more protected??
0 -
@MikeV99 The difference is 1Passwords security by design approach. In short: 1Password does not has access to our data. Even if there is a breach, the way our data is encrypted protects it from brute-force attacks and decryption.
This is, because 1Password also doesn't store the password or Security Key on their servers. Instead the authentification is happening via Secure Remote Password where the Primary Password and Secret Key are never send over the network. Instead a set of complex math is used on your PC and on their server to register, authenticate and verify each other by independent and different calculations. This Medium article helped me to understand the SRP protocol better.
Of course this relies upon trust to Agile Bits and the external audits. Your security model might not be compatible to 1Password, and that is absolutely fine.
But is important to understand that the breach of Robinhood and a potential breach of 1Password are very different.
And besides everything, I too support that local vaults stays and that there are OnPrem solutions that are available for private users.
0 -
@Damnatus Thank you explanation. My post was intended to point out that what is designed by man can be broken by man. Unfortunately, data breaches occur on a regular basis. Further a 1PW breach could occur and we might never know about it. Will 1PW give me a $1M insurance policy that guarantees their security system will never allow my data to be compromised? I am confused why 1PW is so insistent to have control of my data.
0 -
1password can quote whatever 95% prefers subscription statistics that we can't verify. The bottom line is choice. Agilebits is taking away our choice. So I choose goodbye instead.
0
![[Deleted User]](https://wf.vanillicon.com/v2/fcae63a854a66cfed731ddc95dd5bf68.svg)
