I use the standalone license on mac and iOS. While talking to support on a separate issue I had two rounds of strongly-motivated upselling on the cloud membership, offers of discount etc.
As far as I can tell this is a downgrade in terms of security. In order to log into the web interface I have to put all of the key material into a web form. This just seems like a really bad idea. I trust that AB are a reasonably sensible company and I think that trusting them is probably reasonable, but if I don't /have/ to trust them.. why do it?
If the website is compromised then all of the encrypted vaults are exposed - it would then be relatively simple for a motivated threat actor to steal the key material. This is not the case for the desktop or mobile apps, the application itself would have to be compromised which seems like a much harder thing to achieve.
Also OTP is a nice feature but it doesn't get included in the key material. With a standalone vault I can use a yubikey in static password mode to provide a huge blob of additional entropy to the master password.
I just don't see the point, it's more money for less security, but am open to being persuaded otherwise.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided