The future of local/standalone vaults
Comments
-
The obvious truth here is that moving to an online service has nothing to do with wanting to make life easier for your customers, because the easiest thing for them is standalone vaults that are synchronised over a service of their choice - such as Dropbox, which has always worked flawlessly.
This is simply wanting to charge your customers over and over instead of just once. You've seen some other companies turn their standalone software into "software as a service" and you want some of that pie.
What you've neglected is the fact that many customers are not at all interested in "software as a service". I see it all over the forums here and I feel it myself. I don't want to be locked in to a service and I don't want to pay for my software over and over forever.
So count me as another user who will be migrating to an alternative.
0 -
When I migrated to 1Password 8 the migration stated it was not going to migrate local vaults. Now all the data I had in my local vault is in your storage server. This to me is unacceptable.
You must understand that some of your customers have policies that prevent us to store data outside our own servers. Did you consider this scenario?
Please bring back local vaults and use a manual backup and restore process for migration so user is fully aware that the local data is being moved to your storage servers. Geez!!
1 -
This content has been removed.
-
This content has been removed.
-
This content has been removed.
-
This content has been removed.
-
This content has been removed.
-
This content has been removed.
-
Hello Dave,
I love being able to keep shared vaults synced with my family.
These contain common accounts, family software license and other non critical information.While me, my wife and both my father and her father all use local vaults for such critical information such as bank logins, IDs and so on.
Without local vaults I'll have to move to another software and ask for a refund to all my unused credit.
A final note, just because something is popular doesn't mean it should be the only option.
If instead you are trying to say that you want to maximise profits to follow what your investors are asking, and local vaults are not a money making feature, just say so and we can all be on our way.
This info from Wikipedia seems to show that you have quite a few investors, are they calling the shots?
"In January 2022, 1Password raised a $620 million Series C round, the biggest funding round in Canadian history, led by Iconiq Growth, increasing the company's valuation to $6.8 billion. Notable individual investors that took part in this round were Ryan Reynolds, Robert Downey Jr., and Justin Timberlake."Thank you for over 15 years of quality software.
0 -
Hello, there has been an awfully long debate about local repositories, of which I myself am a proponent. There is an online form/survey, but nowhere have I seen a final conclusion/decision. So will there be a self-hosting option or not? Could I ask someone on the team for an official answer?
I think it would be fair to decide this topic once and for all and make it clear to everyone which way 1password will go. If online, a lot of users will definitely opt for the alternative and start actively pursuing it, if there's a local storage option (and feel free with a monthly subscription, it doesn't really matter) then hooray we're staying.
Please, make it somehow definitive - now.
Thank you, your so far satisfied long-time 1password user
0 -
To the previous comment, please see this 1Password reply where they said that 5K+ users requested standalone vaults (and they suspect the real number is 10x that) and how that still wasn't enough $$$ for them to care.
In my opinion, and take this with a grain of salt as I obviously can't speak for 1Password, I suspect they were riding high on the covid profits like most tech companies and could afford to ignore paying customers like us. Now that the covid remote-work boom is over, thousands of employees are losing jobs across the tech industry and, who knows, maybe 1Password will eventually want our money after all.
I'm not waiting around. I've done a lot of homework comparing and settled on migrating to Apple's native Password manager (keychain). It has a CSV import option, can still do things like one-time passwords, and I'm not at the mercy of a third-party app. Just don't enable iCloud sync and then you have a standalone password manager with no online syncing. It's more clunky for sure but not as bad as other apps I've tested and I'm avoiding any companies with known security breaches, like the big LastPass news or KeePass master password leak. Ultimately, I'm ok with Apple's keychain having less bells and whistles in favor of keeping data offline.
If anyone at 1Password still reads this thread, I want to be clear that the subscription pricing was never the deterrent. I would've paid 3x the amount you're asking but I'm never going to store passwords online, period.
1 -
After so many years of discussions and so many replies, I believe very few things have been left unsaid. When all things are said and done, it's just about whether AgileBits will think it's worth their while to invest time and resources in reintroducing support for local vaults.
Although since the introduction of the mandatory subscription model, I have moved on to a competitor offering which I self-host, I have never forgotten 1Password and routinely return to the forums to check on its status and development. I have completed the self hosting form, I have enquired about the current status several times in the past and although I don't kid myself about what the chances are, I choose to remain optimistic.
I never willingly left 1Password; AgileBits just took 1Password in a direction that did not meet my needs and requirements. I keep hoping that one day I will visit the forums and see an announcement for a self hosted application with a traditional licence model (or even a lifetime option). Oh well...
2 -
This content has been removed.
-
This content has been removed.
-
This content has been removed.
-
This content has been removed.
-
This content has been removed.
-
This content has been removed.
-
This content has been removed.
-
If anyone at 1Password still reads this thread, I want to be clear that the subscription pricing was never the deterrent. I would've paid 3x the amount you're asking but I'm never going to store passwords online, period.
I want to +1 this comment. I'm still using 1Password 7. My resistance to 1Password 8 is entirely about the requirement to use your backing service. I'm fine with a subscription (though it's exhausting how many subscriptions I'm managing these days).
But, after all of the venture capital you've taken, I feel the need to defend myself against short-sighted investors who only care about the next quarter, or about the stock price this week. There are too many examples of companies that become hollowed out husks in service to investors, etc. I don't want you to have my passwords, even if (you say) you can't read them.
1 -
I just submitted my own reply to the survey. How is self-hosting still not even on the roadmap? How is 5K users that actually replied to the survey (as of January 2023, a whole year ago) not enough to show there's more than enough interest in this feature that it needs to be prioritized yesterday and implemented as soon as possible? (Especially when you consider that getting people to fill out a survey at ALL is an achievement?!)
I'm not asking AgileBits for magic. I'm asking that they take the feedback of literally thousands of users and act on it so as to keep their customers safe.
@dteare if the security of your customers is the company's top priority (which you claim is the case, and I BELIEVE you when you say it), then please put action behind those words. Get self-hosting on the roadmap no later than the end of first quarter of the fiscal year, and get the feature built and launched before the end of the fourth quarter. That's an entire year to get this feature built and tested. If that's not enough time, please give a thorough explanation as to why that is the case after you get the feature added to the roadmap, and then include a timeframe re: when people can expect the feature to be rolled out to customers.
I wish I'd known this survey existed a year ago (or even two years ago, when the question about self-hosting was initially posted to the 1Password sub-reddit, which I wasn't aware of at the time either). That said, if 5,000+ users isn't enough interest to make the company act on building the feature (let alone the 50k+ that you are apparently assuming is closer to the number of interested individuals based on your 10x rule), I suspect that even if I had known, my own survey response wasn't going to move the needle in the slightest. I cannot believe 5k+ users is not enough to spur action for this company, and I really have to wonder if AB's first priority is really the safety and security of my family and I and not - ya know - profit.
BitWarden, VaultWarden, and GoPass are looking better and better by the day. I truly hope AgileBits can win back some of the lost trust here by getting Self-Hosting onto the roadmap sooner rather than later. If not, it'll be the third 10+ year business relationship I will have severed in the past year because of a lack of respect for the safety and security of my family.
1 -
Hi Dave. I'm sorry that it took two years to find this thread. So, I've been using 1Password since version 2. I'm a cybersecurity and IT senior spec and understand the motivation to move on from local/standalone storage.
I've been following Agilebits since the beginning. I've been using 1Password for a long time, as well as Knox and other stuff you guys did. I always trusted you and the information you published in the blog to decide to keep using 1Password during all these years. I know that I avoid headaches by relying on you guys and not using other solutions like LastPass.
Right now, more than ten people from my family use 1Password, and for more than a decade, I have recommended hundreds of customers to you.
I'm not repeating all the yada-yada from all these comments are already done. I'm just sad about this decision. I've been using third-party storage because my data will be safer if not stored by the company that develops the software that encrypts everything. That's the reason that I use 1Password for anything. By removing it, we must trust Agilebits more than we are trained to.
I'm also sad that, somehow, you are turning your back on the first and long users that supported you to become a large company. Unfortunately, that's common these days. I thought (maybe hoped) that it could be different with 1Password.
I want to end that with a question. I'm still using version 7 and would like to know if security issues will be fixed over time or if you recommend migrating out of it. Thanks for everything, and I wish you the best.1 -
According to the Jan 2023 post, the self-hosted survey had gotten 5000 responses as of the time of that writing and they assume a 10x factor which would be 50,000. If that is not enough for 1Password to consider self hosted vaults, then what is the survey response number that will move this capability higher on the priority list?
0 -
Also curious to know what the survey response count is now.
0 -
No response from 1Password team nor traction on standalone vaults.
0 -
This content has been removed.
-
Hello @dteare and everyone.
Admittedly, I'm new here and new to having a homelab server. I came across 1Password when I was looking for alternatives to self-hosting bitwarden or Vaultwarden. I came across this thread today. Too bad there hasn't been an update in over a year.
So, just to weigh in on this (and, maybe Dave will see this), with the hacks that have happened to LastPassword and bitwarden, using a cloud service for managing passwords for our family in the cloud isn't very appealing. Plus, the cybersecurity professional in me just doesn't trust it (sorry). But I'll also add, there are a lot of subscription servers now. At least for myself, I'm suffering from subscription fatigue (my term but I read it somewhere as well). I just don't wanna pay another subscription as it adds up over time. LOL!
Anyway, while I know the interest in self-hosting 1Password probably isn't in the millions (frankly, it never will be), hopefully, I can add one more vote to get a 1Password CE (Community Edition) off the ground. Even if there is a one-time license fee to unlock all the features and included support, I'd be happy.
Hopefully, a 1Password CE edition is still on the minds of the 1Password Powers that be.
Thank you for your time!
0 -
Still no update?
0 -
@Tenchu81 don't hold your breath.
No answer is still "No".0 -
Sorry to bother you again @Lars ,
are there any updates? It has already been a while since there has been any news about the self-stored desire.
Another thing that somewhat got a bit more relevant in the past is.. let's call it attack surface,
the more valuable data sits behind a given endpoint, the more desirable it is to find a way to get something out of. It's of course a bit of a "security by obscurity" measure, like not so many will expect a 1Password endpoint behind some random fqdn, but it's still an valid point to lower an attack surface.
Additionally when self hosted I can place a firewall in front and lets say block all countries I will definitely not connect from, or even a more intelligent one to detect actual attacks.Thank you for still listening to our needs!
Looking forward to any updates.
Cheers lumarel0