What is the future of local/standalone vaults?
Comments
-
@brank, While most people probably do not have a dozen logins for the same website, a lot of people do have multiple logins for some websites. My parents are elderly, so I manage a lot of their stuff. That results in multiple logins for many sites.
There is also the never-addressed issue of subdomains. Synchrony, which issues a lot of retailer credit cards, has different subdomains under syncrhony.com. Just using the autofill, I am unable to differentiate the login for one Synchrony card from another, so the Share Sheet extension allowed me to show the individual entries.
Had AB given us notice, we could have saved the .ipa for 7.7.8 and used that for as long as it remained functional. (Even then, there’s still the annoyance of specifically not updating that app either manually or automatically. That’s why a separate legacy release would be better.)
0 -
I would also pay a yearly subscription, but PLEASE let me keep and WLAN-sync my local fault. I will NEVER ever upload my most private secrets or passwords to the cloud - no matter how secure you claim it is. It doesn't matter, its just a bad idea and there is no need to put it in the cloud. Let me pay your subscription price but please let me keep my data local. Thanks!
0 -
I agree 100% re: clouds. If you just want to keep your data locally, why even buy a subscription? Just use the standalone version.
0 -
I am a CISSP. Cloud-stored vaults is insanely risky. Also agree that if you're keeping the data locally, then subscription model makes less sense.
Which is exactly why they eliminated the self-hosted local vault since they don't want to sell stand-alone licenses anymore. Which is odd how the retort is "but look, it's so much cheaper to have a subscription because 50% off the first 3 years is less than you'd pay for a standalone license!"
Well if you're making less money this way, why did you switch to subscription model?
And when I reached out to 1password customer service to complain about this a few months ago, I was made to feel like an idiot for not understanding how secure their military-grade encryption is. I should turn in my CISSP.
0 -
This content has been removed.
-
This content has been removed.
-
@secuity_guru - not sure if you've read through this thread, but if not, dteare outlines in this earlier post that local vaults (and WLAN sync) are gone and will not be returning. We're glad to have you as a customer and user of 1Password, and we're happy to hear you'd be willing to purchase a 1password.com membership, but I want to make sure you're not operating under a mistaken impression that this is or will be a feature retained or restored in upcoming versions. As Dave mentions in that post, we are currently still taking people's perspectives on self-hosting a 1password.com instance, if they're interested in that. But local vaults and WLAN sync as you knew them up to this point won't be a part of 1Password, moving forward. Hope that's clarifying at least. :)
0 -
People will just use older pirated versions of the software as a viable option for the local storage vault
I very much hope not; for the record, no one should use "older pirated versions" of any mission-critical security software, including OS, browsers and yes, one's password manager. If 1Password no longer fits your or any other user's needs, we would much rather they find an alternative, maintained solution and spend their money on that, than we would see anyone trying to find pirated or "cracked" older versions of our own software.
0 -
This content has been removed.
-
Even if they're not pirated copies, who's to say that 1password is mission-critical software or that it is needed.
@ttesty we can't make the judgment about whether 1Password is needed for a given person - that's of course up to them and their specific security and usability requirements. Everyone is different: some folks just need local password storage on one device, others need multi-device sync, or to be able to share with family or collaborators at work. Some people - journalists, activists, aid workers, marginalized folks of all kinds - need to be able to cross borders and access their encrypted data at their destination without worrying about that data being intercepted at a border. We built for that too.
In other words, users decide if 1Password is "mission-critical" or not. My own take is that in any case where you store the kind of information 1Password holds (or heck, that any password manager holds), that is a top security consideration, whatever your solution might be. Just my two cents. We do our best to meet this need at a high standard, and to do so in a way that is flexible enough to work for people where they are.
I hope that makes sense!
0 -
This content has been removed.
-
This content has been removed.
-
Like I said, takes one month to write a secure password store for production, and have it be secure for life
If this would be a good business what is stopping you from doing it? It sounds like you want pass. It makes no money, but it is a simple encrypted database for storing and retrieving passwords. It has no cloud login and no user forum! Perfect. Clearly that is not the business AgileBits wants to be in.
It's not rocket science.
How many successful password managers have you built? Were any of them profitable?
0 -
This content has been removed.
-
@ttesty - you're correct, there are plenty of other options available out there, and a number of them are even free of monetary cost to the user. We're quite aware of that when we make development decisions, as well as the fact that it's incumbent upon us to demonstrate to potential users what 1Password brings to the table that justifies its cost. We think 1Password has a lot to offer, but we're aware opinions - and requirements - will vary. If someone's main (or sole) criteria for evaluating password managers is cost, then it only makes sense that we're never going to be that person's choice since it's pretty tough to beat "free" on price alone. ;)
Similarly, if someone's main criteria is local vaults, or WLAN/Dropbox/iCloud sync, we're aware 1Password 7 is probably going to be that person's last stop with us as well, since none of those will be part of 1Password 8. We're never glad to see people go, but we encourage people to use whatever password manager makes sense for their particular situation, needs, and wishes. We hope that will be 1Password, but we understand no one solution will work for everyone. Stay safe, don't use old, pirated versions of anything that touches sensitive data, and enjoy your weekend. :)
0 -
This content has been removed.
-
This content has been removed.
-
old, pirated (or non-pirated) standalone versions are secure
This is hilarious if kidding and deeply troubling if serious.
the local password store option will remain sufficient for the masses
Which masses exactly? Most people want their data accessible on all of their devices whenever they pick one up without worrying about firing up synchronization before leaving the house. Subscriptions and cloud services are how that happens.
Again you seem to forget that AB exists to make a profit.
I'm very, very, VERY wary of software that demands a subscription
You are in the wrong place then. 1Password is a subscription, as Dave pointed out in a rather wordy reply to my inquiry.
0 -
This content has been removed.
-
This content has been removed.
-
This content has been removed.
-
Troll detected
I'm not the one proposing the use of pirated security software, regardless of the circumstances.
you could simply rsync through a secure reverse tunnel
Yes, clearly this is the best solution. You have got it all figured out, and surely AB will be defunct within the week once you put out your product that does this. Just one question: you're going to personally set that up for the masses, who have no idea what you said, right? That's rhetorical. No need to respond.
0 -
I apologize. I should have simply removed myself from this discussion rather than replying further. I let the nature of the forums with the ability to quickly retort get the better of me. I'm going to stop following this to avoid it from happening again. I sincerely hope you find whatever it is you are looking for, ttesty.
All the best.
0 -
This content has been removed.
-
🥱
0 -
This content has been removed.
-
Hi @ttesty
I hear what you are saying, I too don't like
- subscriptions
- forced to move to their cloud
- client using ElectronI think you might like the look of "enpass".
It's local vaults, does all the sync over wifi, multiple clouds and also local network mounts.
As a bonus, the iOS app also can sync to a network mount too!
They also have the option to pay for the software as a one off and not do subscriptions.0 -
This content has been removed.
-
This content has been removed.