Local Vault

Ben

@mikebore

We can't control what other apps can import — that would be on the developers of those apps. That is the intention with 1PUX though, yes. We have created documentation that should make it relatively easy for any 3rd party solutions looking to support importing 1PUX into their products:

About the 1Password Unencrypted Export format

Ben

mikebore

Thanks Ben. How does the 1PUX file relate to the 1pex format you mentioned in this thread:[https://1password.community/discussion/comment/624218/#Comment_624218]

Ben

1PUX is unencrypted. 1PEX will be encrypted. 1PUX is the correct solution for moving from 1Password to another password manager.

Ben

mikebore

Thanks.

Ben

You're welcome. 🙂

Ben

blaukraut

Now that 1Password 8 finally pulled the trigger on local vaults I actually decided to move on and got Enpass. I am sad that 1 Password changed their view on local vaults. I really appreciated the app and say thank you for the past 12 years. But I figured now it's the right time to say good bye.

PeterG_1P

We appreciate the note, @blaukraut, and thank you for your support over the long term. We hope we can win you back some day! Stay safe and best wishes from all of us.

odupuy

@Ben @PeterG_1P @Jack.P_1P

• I use 1P on multiple PCs, iphone, ipad, all the family has it. I have used it for years.
• I have used recommended 1P around me for years to friends and colleagues. I give demo to people around including co-workers, new hires, strongly advocating it, specially because my company does not want credentials stored or synchronized in the cloud.
• 1P team is also not an option for these reasons. Local (non synched) vaults have been an option to comply with this company policy.
• While helping a coworker today, I have realized that she used 8 vs my 7. We then realized that local vaults were not an option. I could not give her a copy of my sharable local company passwords as a local vault. She will never be able create a local vault. We had to switch to v7. **This is a HUGE DISAPPOINTMENT. **
• I have given my feedback on the page for the potential 1P team hosted version. One is needed for sure. More than ever.
• I have read all of the above corporate arguments from 1P to abandon local vaults, and I simply don't buy them. Many of us professional users have a perfectly valid use case for local vaults. And I accept the manual backup need, because you local vault is not synched.
• If there was an hosted 1P team version, you could imagine to drop this local vault feature after a couple of years maybe, the time to convince the CTO/CSO to buy it. But now, without alternative solution, NO !!! And if there was 1P team hosted, I would be the first one to push it to the security teams.
• I have really the feeling that 1P let many of us professional users fall down by shunting local vaults. And this has nothing to do with subscriptions. With v7 I have local vaults and a subscription.

If this is not remediated, I will simply need to use, and recommend the product from a competitor. Listen to your customers. If you want to introduce changes, bounce them to us for feedback.

Realize that you created a problem. Please, put this back !!!

foolioCA

Add me to the +1 of those that are extremely disappointed to learn that local vaults and particularly those that are sync'd via WLAN is being removed. I was okay with licenses due to family plan and continued development and improvements in the product. Now you want to charge us for functionality being removed.

We have all been victims of people touting their security in the cloud and some of us have been victims of identity theft from breaches of credit unions and other places. Those that have been using this product for so many years are clearly security aware and conscious. The work use case applies to me but more so my personal things. I have simple shared accounts stored in the cloud but all of really sensitive info (drivers license, SSNs, and mostly financial logins) are sync'd via WLAN between my phone and personal laptop (not my work laptop). There is no way in hell that will be migrated to the cloud. I would say if 1password guaranteed to reimburse from losses due to a breach but it would be impossible to prove as well as bankrupt the company with the magnitude of users. Yes I have read and understand your private key logic and I understand the technology. But it doesn't convince me to take an unnecessary risk due to another companies selfish or poor business decision - it's just not worth it.

A standalone local vault is less work to maintain - it's absurd. WLAN sync has worked flawlessly for me - can't imagine it's that much support but even if that alone were removed I might begrudgingly deal with it. Add me to the list of people that will limp along on the old versions while looking for a more reasonable security conscious app and then migrate.

Disappointed.

PeterG_1P

Hi @foolioCA, thank you for this post. I'm afraid that if standalone vaults are a must-have for you, then we're at a bit of an impasse.

We made the decision to move to the 1Password.com model for a number of reasons - including an increased ability to add more security-related features and better support folks who have encountered issues.

While we'd welcome your input on the self-hosting survey, the days of standalone vaults (or syncing to third-party services like Dropbox) aren't coming back. We had the chance to create a dedicated security architecture, greatly improve the functionality of the apps, and provide better support, and we took it.

To address a specific point:

Yes I have read and understand your private key logic and I understand the technology. But it doesn't convince me to take an unnecessary risk due to another companies selfish or poor business decision - it's just not worth it.

I think it's worth saying for anyone who's following along that the elements needed to decrypt your data are still stored exclusively with you. We never, ever have access to your account password or Secret Key. While I respect your decision not to put some or all of your data in the cloud (it's your data, and your decision), I'd be interested in what the specific concerns are around this - how should an attacker break strongly-encrypted data without access to the keys that only you, the local user, have?

I am sorry to learn that you're disappointed with the direction we're going, but these decisions were taken with an eye towards usability, convenience, and (very importantly) security. I hope you'll stick with us, but if not, we wish you all the best, and safe travels.

Lefeot

Wow. This sounds arrogant. Thank you very much for not listening to your users.

PeterG_1P

I'm sorry if it sounded that way, @Lefeot. It's not my intention.

We take a lot of feedback from folks here, much of it passionate, and I do my best to both advocate for 1Password users and assist directly with issues folks encounter.

Out of respect for the community (including folks who may disagree with us) I want to be clear about what we will do, what we'll consider, and what we're not going to do. Standalone vaults aren't coming back. That's an intentional decision we've made for reasons I've detailed and linked above, and which others, including our leadership and security specialists, have discussed in these forums at length.

I mean only to convey this in terms of genuine respect, but the decision is set.

cuttstjrc

That's very disappointing. I've just joined a new employer (one of the largest in the world), and their policy also forbids me from using 1password without a local vault. I've been a loyal 1password customer for many years, but this is the end for me. There's no point in my having a password vault which I can only use on my personal devices. I'm with the others, I think this is a very unfortunate decision, and is going to lose you a lot of customers.

I note enpass.io seems to work the way 1password way of doing things; no sync by default, and sync using whatever cloud storage you like if you want to. Looks like a good alternative, I'll ask my employer if they'd be happy with that. Oh, and it's cheaper than a 1password.com subscription, too.

Vulcano

Too bad.
That's the reason why I'm still using 1Password version 7. No upgrade to version 8 possible as I still use several local vaults.

TheChippy

Local vaults are an important must have for me. If those became unsupported in the iOS app I would have to switch to a different solution, which I would regret. Up to this point I really liked 1p.

odupuy

I already gave my rant upper and will sadly jump of the ship when 1P v7 will stop being supported. Is there an official end of support date for v7?

mickey9801

Sad to know that 1Password not to support local vault. I have a tutorial series about set up 1password local vault on NAS, in the oldest PC magazine website for Traditional Chinese user in Hong Kong and Taiwan for years, and recall the tutorial every World Password Day. I will remove the tutorial since you are not going to support that important feature. 1Password v7 is the best final version for me.