Safari not supported? [1Password for Teams depends on WebCrypto]
I started playing with the Teams. I created a team name, and out of curiosity, I went to the corresponding page in Safari.
I got a warning telling me my browser wasn't supported and suggested I use Chrome, Firefox or Opera.
Really?? No Safari support??
Corentin
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
Hi, @cortig.
From our brand new FAQ page:
The 1Password for Teams web app works in the latest versions of Chrome, Firefox, and Opera.
We’d love to add Safari to that list, but we rely on several advanced cryptography features that aren’t yet natively available within Safari. We’re hoping to be able to support Safari in the future.
For now, we recommend you copy your invitation link into Chrome, Firefox, or Opera.
To find out more about the cryptography features we're using check out our Security page for 1Password for Teams, or if you're really interested in the technical details, you can even read our white paper.
I hope that helps!
0 -
Thanks a lot for the details!!
Corentin
0 -
I probably will (after the team has been approved and I've played with it a bit ;-) ).
Corentin
0 -
I bet you're quite busy on the many requests you got! :-)
I can survive without it for a while. I'm using shared Vaults for these sorts of things right now.Corentin
0 -
@ShawnR: The 1Password for Teams White Paper covers the security design end to end (heh, crypto jokes), so it applies to 1Password for Teams regardless of platform. And since I didn't write it myself, I don't mind saying that it's a fantastic read. Be sure to check it out!
I will say though that currently Teams functionality is only in 1Password for Mac beta, but we'll be releasing a stable version on OS X as well When It's Done™ so Mac App Store customers can use it as well (without having to switch to the AgileBits Store beta version). :)
0 -
Hi Guys,
Listen ... I love 1Password, and I love all the support you guys provide; I love the fact that you guys are super security conscious ... I'm a "true believer" in the potential of 1Password and 1Password for Teams.
However if you don't have support for Safari [and shudder Internet Explorer, or whatever they are calling their new browser], you don't have a product yet. I can't even do much Beta testing for you, since my colleagues are Mac users, and many of them use the default browser, which is Safari. To quote my manager ... "No support for Safari? F**k it."
You're going to need to figure out how to create a secure plugin or kernel extension to support the technology you need on the commercially popular browsers, or this is going to go over like a lead balloon. It is not realistic to say to potential customers "We have a product that is going to make you more secure in your work, by helping you pick strong passwords and using them (which means, 96.3% of the time, in your web browser). All you have to do is use the right web browser and keep it updated to the latest version." Not if you want people to pay money for it.
Some shops have security standards that ban the use of downloaded software on work computers. Government agencies, for example. Other shops have very strict restrictions on which version of the web browser can be used, until it has both been vetted by the security people, and tested with the supported critical application base. Those people can't use the "most recent versions" of the popular open source browsers, because they don't work with the applications. Not everyone can do Agile CI/CD methodology with their software. My employer (large Ivy League University, 10,000+ employees) has a lot of critical business applications that rely on third party products like Oracle and Java, with massive amounts of in-house customizations. The most recent versions of the free browsers will not work at all, in part because the developers decided that instead of warning about web site insecurities, they simply refuse to connect. It might be a couple of years before we can go back and recompile / upgrade all our applications to the latest and greatest version of Oracle. Actually, it's taken a long time to get them to grudgingly support Macintosh anything. The standard supported configuration used to be Windows 7, Internet Explorer 9 or 10, Java 7 update something and if things don't work on your Mac they will offer you a box of Kleenex but please don't call for tech. support if you are not running the supported config.
My suggestion ... leave in a Free Beta status until it's really ready for commercial consumption. You're going to hurt your reputation as a company if you try to sell something that isn't fully baked.
0 -
You are making a good point, @ferthalangur!
When we started working on this project, I felt that it will take us longer to implement it than it will take the Safari team to support the WebCrypto standard. Well, I was wrong.
I still have hope that WebCrypto will make it into Safari soon. If not then we have a few ideas about how to work around it. Safari does have a semi-finished implementation in
crypto.webkitSubtleand we could polyfill the rest. Certainly it is not optimal but it should work.0 -
@ferthalangur, thanks for your post. To add to what @roustem said, remember that Safari is only unsupported (currently) for the actual web client. Once a team member sets up their account in a supported browser and connects their native client apps, the apps will handle communication with the server, and the team member will still be able to use Safari to browse and sign into web sites using 1Password's Safari extension. Administration of the team or your own account, then, is the only thing that would have to be done in a different browser.
However, as Roustem said, we are planning to add Safari support one way or another eventually. If we can't use WebCrypto, it'll probably be a lot slower, so we're hoping Safari just fills out their WebCrypto support soon.
0 -
My suggestion ... leave in a Free Beta status until it's really ready for commercial consumption.
@ferthalangur: That's a great idea! Wait, what's what we're doing. ;)
You're going to need to figure out how to create a secure plugin or kernel extension to support the technology you need on the commercially popular browsers, or this is going to go over like a lead balloon. It is not realistic to say to potential customers "We have a product that is going to make you more secure in your work, by helping you pick strong passwords and using them (which means, 96.3% of the time, in your web browser). All you have to do is use the right web browser and keep it updated to the latest version." Not if you want people to pay money for it.
I think in your haste you're forgetting what 1Password has been from the beginning: an awesome Mac app. Hopefully we'll be able to find a way to bend Safari to our will, but if you're on a Mac, you really want to be using the native app anyway, right?
If we told you, "Hey, forget about native apps! 1Password for Teams is better as a web app!" then you'd have good reason to fret. But 1Password for Teams is already built into 1Password for Mac for you to use today, with more platforms to come. So while lack of Safari support is definitely an inconvenience for the signup process, that's probably not where you're going to be using 1Password 99% of the time on a Mac. At least I hope not! :pirate:
0 -
You are both right, I was too hasty. I'm glad to hear this!
Others will jump to part of the Island of Conclusions. You may want to include this information in the Unsupported Browser message that Safari users see. The current message seems to imply "Sorry Safari Users ... You are SOL right now" instead of "you need to use a supported browser to create a team." Big difference.
Might I suggest augmenting the Unsupported Browser message to say "Your Mac/Safari Users Will Be Able to Use 1P4T with the native application and the Safari plugins." Include a highly visible link to the 1P4T FAQ, and add a chunk of information there, and in the 1P4T Introductory Page.
_rob_
0 -
You are both right, I was too hasty. I'm glad to hear this!
@ferthalangur: Not at all. Believe me when I tell you that it took me a bit to wrap my head around the way 1Password for Teams works. :lol:
Others will jump to part of the Island of Conclusions.
You're absolutely right! For me the 'Eureka!' moment was when I realized that for end users this really doesn't change a thing: 1Password is still 1Password. It's when you get into administration and storage that you see the benefits. But most of us using it on a day-to-day basis won't even notice — at least for now. ;)
I couldn't agree more with your assessment. I've passed your comments onto the team so we can make the limitations of this limitation much clearer. Thanks for your persistence and insight! :chuffed:
0 -
Possibility for the lack of Crypto Support in Safari...??
Is it possible to have 1PW open a different browser prior to filling user/pass?
0 -
@roustem , hi, sorry no what I meant was when using 'open and fill' within 1PW that there could be a 'open with X Browser' preference, so if triggered from within Safari, say, would open X browser and then open and fill....
not sure if this is possible or practical...
best
Bruce0 -
@roustem yes understood... But I think I've confused you lol - apologies
This would be an additional function to 1PW...
It would open a specific browser (in this case a different browser from currently opened browser) first then the specific site (that isn't supported in the current browser - perhaps a Bank, that doesn't support Safari for example - not just Teams in this case) and then load the appropriate page and subsequently fill in the credentials...
Clearer ? Let me know :)
best
Bruce0 -
Oh, I understand now.
I currently use the Browser Fairy app that does something similar but throughout the entire system:
http://www.browserfairy.com0 -
Thrilled to be testing this! We’ll be using it as a family password repository and Safari support is important for us. I hope the Safari team supports it soon, or you guys get a decent polyfill.
In any case, this is getting very close to the ideal solution—which I’ve always held would be 1Password that is also accessible via the web (not via Dropbox; too hard to explain to non-tech family members).
0 -
@natevancouver: Thanks so much for helping us test it, and your kind words! We're really excited to finally be able to share 1Password for Teams with you. You ain't seen nothin' yet. Looking forward to your feedback! :chuffed:
0 -
Hi, @johnclay.
We're still ironing out issues with the account migration for Safari support. We'd love it if you were able to use the account migration, but I'm not sure when it's going to be publicly available. If you'd prefer to just create a new account, that will work. New accounts allow users to sign in with Safari.
0
