Worst 1Password Upgrade Ever?

geraintp
geraintp
Community Member

Having bought two family packs, and half a dozen gift licenses over the years, and recommended 1Password to countless friends and relatives, I thought I'd make things easier on myself and cross-upgrade to the MAS version (+$5 over a family pack upgrade) for 1P4. Oh. My. God. This has been the worst 1Password experience ever. I couldn't possibly recommend it to anyone else in its current state.

I couldn't even get 1Password 4 to recognise my agilekeychain initially (because it had the _folder extension). Searching through the forums (not Help, obviously), the recommendation is to remove the extension. Ok, but... it's not like I added it in the first place guys. 1P did. How many upgraders are going to give up at this step?

Uh oh, none of the browser plugins work. Let's follow the instructions to remove them all. Brilliant. Now let's add them. Doh! We was just foolin' with yah. Try restarting Chrome. Now try restarting your Mac. Hmm.

Then I wondered where the Generated Passwords folder had gone. Ah, searching through the forums I learn it's under "Passwords". Except it's not really, which is why I didn't assume it was, because it's not recording all generated passwords -- I manually added a login and used a 1P4 generated password, and it wasn't recorded. Last password Created or Modified is Oct 5, whereas I've got 3 new logins (Oct 12 and Oct 14) all with generated passwords. So now, this much-used feature is pretty much useless.

Oh, and what's this? Dropbox syncing isn't working. Not at all. Searching through the forums (not Help, obviously), it appears the best way to get things working is to put the agilekeychain into ~/Dropbox/1Password. Are you kidding me? Four versions into 1Password and I'm having to stick files into hardcoded folders. But hey, this gets it working, at least I think so. Because apparently the best way to check whether this basic functionality is working is to go into Dropbox (on the Dropbox website mind, did you even know it had a website?), go into the folder that is a file in Finder, open up the html file, and see if you can tell whether it's up to date (you can't sort by Date of course). Woah. This is just awesome user friendliness! I'm going to call my mother now. My favourite bit is when the browser plugin asks you if you'd like to remember your top secret 1Password password. And locks within about 10 seconds of inactivity, thus making saving that password start seeming like a really good idea.

Meanwhile, 1Password for iPhone stops syncing. So I've got new passwords on my Mac I can't get onto my iPhone, and new passwords on my iPhone I can't get onto my Mac. I resync'd, I re-registered with Dropbox, and then gave up. I copied the new passwords that were only on the iPhone into a note and nuked the app. Yes, 1P is so broken I'm using unprotected Notes to store my passwords. But, after reinstalling, sync is working. Hallelujah.

Sorry guys, I normally love your work (four versions of 1Password, plus Knox) and I'm grateful for all the free upgrades and amount of time 1P has saved me over the years, but this is just... terrible. Absolutely terrible. And I'm only recounting the problems I've noticed in the last two days.

Comments

  • ildm
    ildm
    Community Member

    I have pretty much the same experience as geraintp. Never had any problems with 1Password until this "upgrade" to v4. What happened? Why would you release a product in such unfinished condition? Who knows what security bugs there may be?

  • ildm
    ildm
    Community Member
    edited October 2013

    PS: I'm going back to the latest version of 3 and will try version 4 again in a couple of months. For now thank you but no thank you.

  • thightower
    thightower
    Community Member

    Oh. My. God. This has been the worst 1Password experience ever.

    Sorry you feel that way, I have been in the beta since the beginning and I had a couple issues along but nothing like so many users like yourself have been seeing. Mine were actual beta issue with new coding etc.

    because it had the _folder extension

    I would have hoped this issue would have been cleared out by now. I see another one slipped by. I still see one or two of the old configs left over from the iDisk syncing from time to time. You are defiantly a long time user like myself.

    The name change had to have been done by you during iDisk sync. I had to change mine manually when I was trying out iDisk syncing. When I moved over to Dropbox I changed the extension back removing the _folder portion. Sadly this wasn't made clear enough IMHO when a plethora of us moved to Dropbox. That move was due to Apples recommendation not to use iDisk for rapidly/often changing files.

    The name change or more correctly the _folder extension was something that made iDisk pick up on sync changes more quickly.

    I would like to make sure you got the 1Password 4 browser extension installed, sounds as if you may have got the older 1Password 3 browser extension installed. Hence the reason for no history etc. of your generated passwords

    I thought I'd make things easier on myself and cross-upgrade to the MAS version.

    Sadly with this you and the rest of us must live by the current Apple guidelines and they require explicit requests to use folders outside of the sandboxing environment. The Mac App Store version has to use ~/Dropbox/1Password/

    This is one Reason I chose to move from the Mac App Store. I keep my data where I want it and I don't like being limited.

    Are you kidding me? Four versions into 1Password and I'm having to stick files into hardcoded folders.

    Again an Apple sandboxing limitation.

    My favourite bit is when the browser plugin asks you if you'd like to remember your top secret 1Password password.

    This is true behavior the extension has no way of knowing you are typing your master password into a web dialogue box. 1Password doesn't record the Master password inside the data file unless you tell it to. You can always click the gear in the lower left hand corner and select never for this site should you wish not to be bothered again for this prompt.

    But , Why not store it ? I have mine stored in my keychain should the wife ever have need of it. Well more precisely I have it saved and then shared that file to my wife's vault, and my parents, vault for safe keeping should something happen to me. Someone will be able to access my data and close accounts etc as there is no way someone will know what my mother maiden name is. its a random generated password, stored within 1Password.

  • geraintp
    geraintp
    Community Member

    Thank you for your patient response. I realise there are some technical reasons (some enforced by Apple) for some of the issues, but the Agile crew could have done a lot better in explaining the pros and cons of going MAS vs website (I mistakenly thought it would be an improvement), and proactively addressing what has transpired to be fairly consistent issues up front rather than letting so many of us struggle through the forums trying to find an answer.

    The team has a strong reputation for customer experience but the wheels seem to have really come off this one, which is why I think it's the worst upgrade ever. After two days of fiddling, I think I've mostly managed to get 1P4 up and running properly (assuming the Generated Passwords issue is by design rather than an installation error), and I'm assuming I'll get used to the UI changes which currently feel strange and clumsy (for example, looking up the password history for a particular login looks distinctly like unnecessary UI changes over functional utility). But I'd dread to upgrade anyone else and I would certainly recommend they stick with upgrading from the same source (MAS or web site).

    I'll take a look at the browser extensions again but, as I said, I removed them, reinstalled, rebooted, etc. (They originally didn't work because of the Dropbox issue.) It also seems a bit unlikely given the new logins appear in the 1Password app (together with the generated passwords), but the generated passwords themselves don't appear in the Passwords list. I could be wrong but I thought I created a new login in the app manually without any browser involvement but observed the same behaviour (I'll check). Btw on the 1Password web version, it would be a lot better if gave you the "never" option in addition to "Save" / "Not Now". Interesting idea about making your passwords available should something happen to you though.

  • Grunt_at_the_Point
    Grunt_at_the_Point
    Community Member

    Gee, I guess I must be missing something because I'm not having a problem.

  • Hi @geraintp,

    I'm sorry about the horrible upgrade process you went through. We're working on improving on many of these issues. I'd like to address some of your issues:

    I couldn't even get 1Password 4 to recognise my agilekeychain initially (because it had the _folder extension). Searching through the forums (not Help, obviously), the recommendation is to remove the extension. Ok, but... it's not like I added it in the first place guys. 1P did. How many upgraders are going to give up at this step?

    Like Tommy said, this isn't done by 1Password at all. The _folder was added by iDisk syncing in the past because iDisk doesn't understand bundle files, so it converts them to folders by renaming it to _folder.

    The problem is that due to explicit sandboxing, 1Password couldn't read it. We're working on adding _folder to our entitlements list to see if Apple will let us do this. We'll figure something out if not.

    Uh oh, none of the browser plugins work. Let's follow the instructions to remove them all. Brilliant. Now let's add them. Doh! We was just foolin' with yah. Try restarting Chrome. Now try restarting your Mac. Hmm.

    Like the Mac App Store's sandboxing, the browsers also have their own sandboxing. We can't automate the installation, removal and so on with the browsers, this is a manual process that users have to do. We've added a lot of automated help tips but sometime, that doens't work too well.

    If you already did install 1Password 4 extensions, have you tried any of the followings in this article to see if you can narrow it down? Majority of the folks reported issues like yours have found one of the listed to be cause.

    We wish we can go back in the past to keep things simple like we had in 1Password 2 but over time, everything's getting more complicated with more restrictions for security reasons. The old days of doing everything in the background is no longer possible and sadly, customers have to do a lot of things manually and it is definitely up to help them go through this. We're learning our lessons here and are trying to improve as fast as we can.

    Then I wondered where the Generated Passwords folder had gone. Ah, searching through the forums I learn it's under "Passwords".

    Correct, we've promoted Generated Passwords to its own category, so you can now create password items if you want in there to store anything related to a password but doesn't have a website or a username; stuff like PIN codes, combination numbers and so on.

    I manually added a login and used a 1P4 generated password, and it wasn't recorded.

    That's intentionally. Please read my post here for more information.

    Oh, and what's this? Dropbox syncing isn't working. Not at all. Searching through the forums (not Help, obviously), it appears the best way to get things working is to put the agilekeychain into ~/Dropbox/1Password.

    Correct. We ran into unexpected sandboxing issues with the Mac App Store version. Here's the gist of it: Apple doesn't allow for beta testing at the Mac App Store, so our beta team can only test the website version that is not sandboxed. The only way we can figure out the sandboxing is after the app is released at the store. We're going to try to ask Apple to reconsider their policy on this.

    We've released 1Password 4.0.3 to resolve some of the sandboxing issues but the rest should be resolved in the 4.0.4 update that we're working around the clock to get it submitted soon.

    Four versions into 1Password and I'm having to stick files into hardcoded folders. But hey, this gets it working, at least I think so.

    Sadly, as explained above, things are getting more complicated with more security restrictions, not simple. For now, we have an entitlement rule for the ~/Dropbox/1Password, which is why it doesn't affect anybody with the sandboxing rules, only for those who didn't put it there. As soon as 1Password 4.0.4 is release, it should then let you use any folders in Dropbox.

    My favourite bit is when the browser plugin asks you if you'd like to remember your top secret 1Password password. And locks within about 10 seconds of inactivity, thus making saving that password start seeming like a really good idea.

    I'm not sure what you saw here, there's nothing in 1Password that asks to remember your master password, it'd be a major security risk if it did happen. We never ask this at all, so if you see this, please let us know where and what you were doing before it shows up.

    but the Agile crew could have done a lot better in explaining the pros and cons of going MAS vs website (I mistakenly thought it would be an improvement), and proactively addressing what has transpired to be fairly consistent issues up front rather than letting so many of us struggle through the forums trying to find an answer.

    I agree, we're trying our best to improve everything including doing better docs up front to let folks know of the issues in the Mac App Store version. We're also working on a tool to convert your Mac App STore purchase into a website license as many folks want to switch back to the website to avoid issues like this again.

    (for example, looking up the password history for a particular login looks distinctly like unnecessary UI changes over functional utility)

    Password History allows you to find all password items specific to that item. A lot of folks didn't like scrolling through one giant list of password items where they can't find a specific password. So, we've made the Password History specific to the item and lets you to find them quickly.

    Btw on the 1Password web version, it would be a lot better if gave you the "never" option in addition to "Save" / "Not Now"

    It is there, but in the gear button on bottom left:

This discussion has been closed.