Why is membership / subscription model exclusive to 1Password .com?
Obligatory "I've been using 1Password for XX years."
I've read many posts and discussions here and on other forums regarding the transition to membership / subscription and 1password .com, and the planned retirement of license, standalone version, and vaults.
1password .com and the subscription model are always discussed together as if they can't be separated.
But I couldn't help but wonder, WHY?
For 1Password to continue to strive as a company, I can certainly understand the reason you have to go for a subscription model. Probably to your surprise, I'm actually not against subscription at all. Heck, I'm even subscribed to a clipboard management software (Paste app). I don't mind continued payment at all because continued development and maintenance do require continued resources. It's reasonable.
But WHY are we forced to use 1Password .com? Can't we just subscribe (with monthly or annual payment no less!) and keep the local / standalone / vault interface? Why is 1password .com required when I decide to subscribe?
Now, before any of you 1password Team Members show up and direct me to the founder Dave's post, I've read it, which is why I'm making this post.
I've read the post and another one Dave wrote. But it's just not adding up.
Dave mentioned the following innovations and new services that are not (easily) feasible on a standalone app / vault:
🔐 More secure encryption data format and authentication process
📱 Two-factor authentication (2FA)
👨‍👨‍👧‍👦 Teams and families and businesses
🤗 Securely share items
🕓 Item history
🧯 Automated data backups
💫 Account recovery
But WHY is any of these important to us? I don't care for any one of these.
Before you attempt to innovate, have you stopped and asked yourself if it's really necessary? Do you really need to re-invent the wheel?
Here are my responses to the 7 points listed above, one by one.
- How is 1password .com more secure than icloud .com or dropbox .com? Or, better yet, "no cloud"?
- Why would I need 2FA for a standalone app / vault!? You got this backward. You created a cloud service, so 2FA or MFA is a must for sure. You said 2FA is not possible on a standalone version, yeah, that's because it's by design not needed. Let me put it this way, you can easily have 2FA for a standalone vault, just make it 2Password instead of 1Password! How simple is that?
- I can't speak for Teams and Businesses but if 1password .com really helps make those possible, well then just make those options exclusive to 1password .com. Why force individual users to do the same? Saying 1password .com is required for families is obviously nonsense. I've been using standalone 1password with my family members like a breeze. No need for no 1password dot com.
- Securely sharing items? I don't even care. This use case is so rare for me (and most individual users I bet) that it's simply not something worth mentioning at all. This should be one of the lowest priority things.
- Item history is the only thing in the list that I think is somewhat useful. However, I have been happily managing item history for a small portion of my items manually for years and I don't mind continuing to do so. (Note: passwords history is already supported on the standalone version, so I don't see why 1password .com is needed to make this happen again.)
- Automated data backup is already happening and has been for years. What are you talking about? iCloud and/or dropbox syncs automatically.
- Again, if there's no "account", why is a recovery needed?? You got this backwards again. You added account recovery because you created the need to create an account (on 1password .com) in the first place. On standalone apps, I don't need an account. It's just a vault with a password and we're good to go. Syncing with cloud services is the only thing that's needed in terms of data recovery, which again, is already there and has always been.
Please tell me again? WHY is 1password .com needed? Because as an individual user, none of the reasons listed are relevant.
Don't re-invent the wheel.
In case it's not clear, once again, I don't mind paying for membership. I just don't see why we are being forced to use 1password .com when the standalone version works perfectly well.
Comments
-
Hi @vicjang:
Thanks for starting this discussion off. Something that gets tossed around often in information security is what's known as the CIA triad: confidentiality, integrity, and availability. Any security software or service has to weigh and consider those three aspects and how they interact with the users of that service or software. Your questions touch on each part of the triad, so I'd like to elaborate a bit.
Confidentiality
This one is the surface level one for a password manager. If someone stores passwords in a password manager, they expect that their information is going to remain secure. 1Password.com (as well as .ca / .eu) are explicitly designed to store only 1Password account data, and we take that very seriously. Other syncing services aren't designed with this in mind, and additionally because they're not designed with this in mind, you may treat them differently. For example, while I'd never be willing to sign into my 1Password account on a device that isn't mine, I might be more willing to sign into my Dropbox or iCloud account on a device that I maybe shouldn't trust with access to my 1Password standalone vault. As for why we offer two-factor authentication for 1Password accounts, that was something people requested. It's important to note though that because 1Password uses an encryption-based model, rather than an authentication-based model, adding two-factor authentication doesn't add as much value as it might for an authentication-based service. Two-factor authentication for your 1Password account only comes into play when adding your 1Password account to a new device. For the 1Password servers to authorize this sign in and send your encrypted vault data to the device, two-factor authentication is required. Once the device has been authorized, two-factor authentication is no longer needed.
Integrity
You're absolutely right that it's possible to share a standalone vault with your family, and so that it may not be necessary to use a 1Password account to share items with your family. However, when sharing a standalone vault with other people, 1Password has no way of determining who made a change. For example, if a family member were to delete all of the items in your shared vault, it would be significantly harder to determine who had made those changes. A vault on 1Password.com has the ability to distinguish who is making those changes, making it much easier to find out who deleted all the items from your vault. Because we control both the client and the server, we have a greater degree of stability, predictability, and reliability. Because standalone vaults are synced using an arbitrary file storage solution, we're not able to optimize the syncing. With a 1Password account, we have a single "hot path" that the 1Password apps can use to check for updates and grab changes as quickly as possible.
Availability
This is where 1Password accounts really come into their own. Secrets kept safe on a single device is great, but if you can't access it when you need it, it isn't helpful. We've helped far too many customers with situations where they had lost their 1Password standalone data. We want 1Password to be for everyone, and part of that is making it hard for people to lose their data. They're trusting 1Password with their data, and we want to make sure they can continue to trust us. If someone has their Emergency Kit and their account password stored safely, then even if they lost every single one of their electronic devices, they can still regain access to their 1Password account and start to rebuild. This is one of the reasons why we've moved away from standalone vaults in 1Password. There were simply too many ways to lose all of your most important information, and it became a non-starter for us.
Secure sharing is something we've heard lots of requests for. Prior to now, people were often sharing items from 1Password in insecure ways like texting or emailing directly to the recipient, and we wanted to offer a secure way of being able to share your secrets with people not in your 1Password account. As for account recovery, you're exactly right that it isn't relevant for a standalone vault. However, for a family or a business, there should be solutions to allow someone to regain access to their data in the event they forget their password. It simply isn't possible to offer that with a single standalone vault.
I hope this helps explain a bit more why we like 1Password accounts so much.
Jack
0 -
Thanks for the reply, Jack.
Some of the points you made do make sense. I'll still need some time to think about all this.
I have two follow up questions which I'm sure many have asked before, so feel free to point me to a certain post if that's the case.
With 1password .com, do users still use a master password to access their data (vault)? If so, is this master password separate from the account password they use to log in on 1password .com?
What's the likelihood of 1password .com (and .ca / .eu) being compromised compared to icloud being compromised?
Thanks.
0 -
I hope that you don't mind me stepping in to answer your questions while my colleague Jack is away. 🙂
With 1password .com, do users still use a master password to access their data (vault)? If so, is this master password separate from the account password they use to log in on 1password .com?
Yes, your account password is needed to unlock the 1Password app and to sign in to 1Password.com. The password that you use to unlock the app and sign in to 1Password.com is the same. It's important to note that, even when using 1Password.com, your account password is never sent over the internet to us and it always stays on your device: How Secure Remote Password protects your 1Password account
What's the likelihood of 1password .com (and .ca / .eu) being compromised compared to icloud being compromised?
I can't speak to iCloud but I can say that even if 1Password.com was compromised your data would still be protected since it's end-to-end encrypted. An attacker could break into our servers and they would be left with only encrypted gibberish that is useless to them without both your account password and Secret Key.
Unlike older standalone vaults synced via iCloud or Dropbox that are only protected using your password, your 1Password account data is protected and encrypted using a secret that is derived from both your account password and your Secret Key. A regular user's password is usually about 40 bits of entropy (a measure of how strong a password is) because passwords need to be memorized, this puts a ceiling on the security of your standalone vault. On the other hand, the Secret Key (which does not have to be memorized) has 128 bits of entropy which makes it impossible to guess or crack using today's technology.
This makes using a 1Password account vault much more secure than using an older standalone vault synced using iCloud/Dropbox. And that's without going into the additional security that our team has implemented to prevent our servers from being compromised in the first place. You can find more details about our security model here: About the 1Password security model
-Dave
0 -
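A simplified illustration of the point in the reply above about deriving the key from both the account password and the Secret Key, added here as an example. It is not 1Password's code or its actual key-derivation scheme; the function names, the iteration count and all sample values are assumptions constructed for the demonstration.

```python
import hashlib
import hmac

ITERATIONS = 10_000          # low so the example runs quickly; not 1Password's real parameter
SALT = b"constructed-salt"   # constructed sample value

def password_only_key(password, salt=SALT):
    """Standalone-style vault key: stretched from the password alone."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def two_secret_key(password, secret_key, salt=SALT):
    """Key from both secrets: stretched password XORed with a value keyed by the Secret Key."""
    stretched = password_only_key(password, salt)
    from_secret = hmac.new(secret_key, salt, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(stretched, from_secret))

def vault_tag(key):
    """Stand-in for an authenticated ciphertext: lets a holder of the blob test a candidate key."""
    return hmac.new(key, b"vault-check", hashlib.sha256).digest()

def first_matching_guess(wordlist, derive, stored_tag):
    """Return the first guess whose derived key matches the stored blob, else None."""
    for guess in wordlist:
        if hmac.compare_digest(vault_tag(derive(guess)), stored_tag):
            return guess
    return None

# Constructed sample data
PASSWORD = "correct horse"
SECRET_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")  # 128-bit, constructed
WORDLIST = ["letmein", "hunter2", "correct horse", "password1"]

def demo():
    standalone_blob = vault_tag(password_only_key(PASSWORD))
    account_blob = vault_tag(two_secret_key(PASSWORD, SECRET_KEY))
    # The password alone is enough to test guesses against the password-only blob.
    found_standalone = first_matching_guess(WORDLIST, password_only_key, standalone_blob)
    # Without the Secret Key, even the right password derives the wrong key.
    unknown = bytes(16)  # whoever holds only the blob does not know SECRET_KEY
    found_account = first_matching_guess(
        WORDLIST, lambda g: two_secret_key(g, unknown), account_blob)
    # A device holding both secrets derives the matching key.
    found_owner = first_matching_guess(
        WORDLIST, lambda g: two_secret_key(g, SECRET_KEY), account_blob)
    return found_standalone, found_account, found_owner

if __name__ == "__main__":
    print(demo())
```

The password-only blob is only as strong as the password's guessability, while the two-secret blob cannot be tested against a wordlist at all unless the 128-bit Secret Key is also known.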
I have the same questions. Also I have been using 1Password standalone accounts for years and I have FREQUENT internet outages or situations when I'm not online. What are we supposed to do then? Furthermore, ever since 1Password made the (incredibly poorly communicated and disorganized IMHO - it was all about getting the "new" customers) switch to SaaS I have two vaults and have gotten no help merging or synchronizing them. I'm scared of losing data. Lastly my iphone version of 1Password, which used to sync perfectly, doesn't sync now and it's unclear if I have to pay for a new app or what? To me this just seems like a money grab - everyone knows the SaaS business model is more lucrative. But it was done in such a clumsy way, with no consideration for long term customers or help for them to make the transition.
0 -
This content has been removed.
-
@noraar You've summarized my feelings. It's clear AgileBits has moved to SaaS and anything standalone is being left behind. Notice no one touched my question: https://1password.community/discussion/133479/firefox-vs-safari-1password-functionality#latest
0 -
As @noraar mentioned, if you have the 1Password app installed on your device then you'll still have access to your items even in the event of an internet outage. All of the 1Password apps save your items locally on your device in addition to backing them up to your account on 1Password.com.
I'm sorry to hear that you're having trouble merging your two vaults. I recommend sending an email to support+forum@1Password.com so that our support team can help. After emailing in, you'll receive a reply from BitBot, our friendly robot assistant with a Support ID that looks something like [#ABC-12345-678]. Post that here, and I'll be able to locate your message and make sure it's gotten to the right place. 🙂
I'm sorry for missing your post. I've now responded to you over here: https://1password.community/discussion/comment/659582/#Comment_659582
-Dave
0