2 questions before switching from Lastpass to 1Password8
I'm currently testing 1Password and have two questions before I switch.
When, if ever, does 1Password plan to offer the ability to export ALL data to a standard unencrypted csv format used by most other vendors? I want the ability to easily export (without having to use third party tools) to csv for both offline backup and future portability.
When will the Face ID malfunction be fixed? This is a critical feature of any iOS PW manager, so why has it taken 5 months and is still not remediated?
Hoping to hear from someone with answers that will assuage my current hesitancy. Thank you.
Comments
-
Hi @hardybird
Thanks for taking the time to write in, and for considering 1Password.
When, if ever, does 1Password plan to offer the ability to export ALL data to a standard unencrypted csv format used by most other vendors? I want the ability to easily export (without having to use third party tools) to csv for both offline backup and future portability.
This is not on our roadmap. We do feel data portability is important. We even wrote a blog post about it:
You have secrets; we don’t, why our data format is public
That said, CSV is not a great format for the kind of data stored in 1Password. We do offer a CSV export, but it is not lossless (nor is it lossless when exported from most other vendors). Our lossless format, 1PUX, is an entirely open and human readable standard that is more flexible than CSV. I'd point you to a couple of guides on this subject:
Additionally I'm going to tag @MrC here as I think he may have a few related things to add. 😊
When will the Face ID malfunction be fixed? This is a critical feature of any iOS PW manager, so why has it taken 5 months and is still not remediated?
Engineering has written code attempting to resolve this problem, and we are anxious to get those updates released in a stable build of the app as soon as possible. I couldn't say exactly when that'll happen, but we understand the frustration this issue has caused and we're on the home stretch.
Ben
0 -
Thank you for answering my questions, @Ben. I have already downloaded @MrC files and read the guide for converting on the Windows platform. I think it's great that @MrC has created this, but it is still a lot of hoops to jump through compared to other vendors. But, thank you for letting me know the situation. I haven't yet experienced the Face ID issues, but what really concerns me is the amount of time it's taken to remediate such a key feature. Anyway, I see a lot of things I really like about 1Password and am not too pleased with Lastpass. Still mulling it over...
0 -
Happy to help. In the interest of full disclosure: there were multiple issues with biometrics on iOS, many of which were conflated, which made tracking each one down more difficult. We then ran into some logistical issues in shipping the fixes we've built, compounded by the December holidays. There is light at the end of the tunnel though, and I don't anticipate it being too much longer before we reach it. 🤞
If we can be of further assistance, please don't hesitate to contact us.
Ben
0 -
I think it's great that @MrC has created this, but it is still a lot of hoops to jump through compared to other vendors
Thank you for the nice words. Yes, there are additional steps involved, esp. for Windows users where scripting languages have always been ... challenging.
That said, there are very few password manager products that I'm aware of that export comprehensive CSV along with attachments, in a lossless format. While certainly 1Password could do undertake this, I don't think its cost-effective, nor would it be a generally advisable strategy to promote to customers.
So the converter suite was created to fill in the gaps, and provide additional solutions for those customers requiring something outside the box. It seems oxymoronic to state that I wrote software for which I hope users don't use very often (hopefully just once), since there are security concerns about placing or leaving unencrypted data on the system. Most users are simply unaware of the security considerations regarding this practice.
My two cent advice - if you feel compelled to have a complete backup, export to 1PUX (as securely as possible), and if required, then convert it to a comprehensive CSV(s).
0 -
@MrC
I don't need attachments, but I do need more than just username/pw. The Notes field has always been critical for me using Lastpass. My SOP with Lastpass has always been to periodically export a CSV for storage offline in a physical firesafe as a periodic backup. Even with massive redundancy on the vendor's part, data corruption is always a possibility and there is no getting around that. I will be using your (much appreciated) converter suite to continue my standard backup procedure with 1Password. I will also continue to store a printout of all login information (in case I die or am incapacitated and those who need to take over are not technically adept). I will do that once I get it all into a csv spreadsheet thanks to your converter. Anyway, I do hope 1Password is paying you for your services. If not, please let my thanks be some recompense.0 -
Hello again @hardybird ,
data corruption is always a possibility and there is no getting around that
I'm sure all the transactions made between the apps and the backend store are checksummed.
If "data corruption" could and did occur, you'll likely never know when that happened so you'd need a history of periodic exports in perpetuity, and you'd have to attempt to find this corruption by doing comparisons of the files. But this will be very difficult once any new field is added to the CSV, since the columns would change. Furthermore, there is no guaranteed record or column ordering.
However, that's all moot, since the data is encrypted, and any corruption would lead to a failure to decrypt the record data (or possibly vault). Your remedy then would be to contact 1Password to have them recover the database from a backup. And if they were for some reason unable to do that, I'd suspect that such a theoretical issue would impact millions of users, and would imply a major meltdown. Personally, this is just not something I worry about, but we each have our risk assessments and tolerances.
I'm happy to hear that you have a tool at your disposal that helps you sleep better! That's all the payment I need. :-)
Cheers,
MrC0 -
Just my 2¢ but I'd much rather spend half an hour showing someone how to use 1Password than leave them with hundreds of pages of printed passwords that they'll have to re-type. Not to mention the effort of keeping a printed record updated every time I add or edit a record.
Food for thought.
Ben
0