[Feature Request] It's time to add Google Drive support for Syncing
Dropbox had been hacked...since 2012! If Dropbox didn't know they were hacked since 2012 that's bad, if they knew they were hacked, but never told anyone THAT'S WORSE!
http://www.zdnet.com/article/why-dropboxs-data-breach-response-is-still-wrong/
I no longer can trust DropBox with sensitive data, since it seems they are either incompetent or they don't care about their customers so much that they won't let people know their accounts have been compromised. Yes, there is 2 factor auth, but still...Dropbox didn't tell anyone that they were hacked.
It's time to either add Google Drive support or I am heading to LastPass exclusively.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
Thanks for taking the time to write in.
We do not have any definite plans, that I'm aware of, to add Google Drive support. That said, if LastPass's model is attractive to you we now offer a similar (but better of course ;) ) solution:
Thanks.
Ben
P.S. It is worth noting that as far as 1Password data is concerned Dropbox itself being compromised isn't as big of a concern as you might think. As long as you are using our OPVault database format all of your 1Password data is encrypted before being sent to Dropbox. With Agile Keychain titles, URLs, and some other meta data is not encrypted, but all credentials are.
0 -
Wow your response shows me how right Steve Gibson was about this company, its not a big deal if a hacker gets the encrypted blob!? LOL yeah it is! brute force.
I'm out.
0 -
I, for one, am closing my Dropbox accounts as they were legacy accounts, used back when there weren't much of an alternative. Now that there are better alternatives, why not use those?
I am not sure if Dropbox is any safer than OneDrive or Google Drive.
As Agilebits likes to point out, the user is in control of their own data.
I have not seen any progress towards 'Own Cloud' scenarios other than merely acknowledging user requests.
0 -
Its cause they really don't care about security just $$$, I have seen many concerns about security expressed on this forum and other places, they just like to dismiss these claims, even though they come from professionals.
0 -
I'm sorry that you don't feel comfortable with Ben's answer. To expand a bit on what he said, there is a huge difference between data in plain text being exposed as opposed to properly encrypted data. First of all, that's one of the main motivations to encrypt your data to begin with: if I kept my computer on a safe that didn't have a way to communicate with the world (as in, not built in, not only disconnected for now), then what would be the benefit of encrypting anything? Just in case someone stole my key, I think. It's adding one more layer of protection to the mix, and that's exactly the point. Can brute force attacks be performed? Yes, but if you have a strong, random Master Password, it would take thousands if not millions of years for anyone to get access to your data with current technology. If you have any questions or would like to dig in a bit more in how 1Password protects your data please just let us know and I'll love to get into more detail about it :chuffed:
0 -
If @x2ky3KRw0mgny is paranoid, Wifi Sync (now renamed WLAN sync?) bypasses Dropbox entirely and the syncing is only between MAC/Windows and the phones/tablets. That is another option to consider.
0 -
We actually already have that, at least on Mac. In the security audit section you'll find filters for passwords that haven't been changed in 3+ years, 1-3 years, and 6-12 months.
Ben
0 -
I would lump the Dropbox incident with Yahoo. Someone has already pointed out Yahoo's 2FA's weakness. The solution is to use double 2FA.
https://chriscarey.com/2015/09/07/bypassing-yahoo-2-factor-authentication/
"The attacker logs into the backup email on file. Then the attacker initiates a password reset to the backup email on file. An email arrives in the backup email account. The attacker clicks that link, changes the user’s Yahoo password, and gets full access into the Yahoo account without 2-factor ever being contacted!"
"How to prevent this?
The solution here is to make sure the backup email you have on file also has it’s own 2-factor authentication to prevent it from being compromised."
0 -
Hi @wkleem
We're always adding new things to 1Password, specially to the Beta, so keep tuned to see what it brings :chuffed:
You bring up an interesting point Yahoo, we never know what can happen or what people can find the sites we use. Making sure each password is unique is one of the single most important things that will help protect your online life :chuffed:
0 -
I wonder if there are any email experts or power users in Agilebits to comment on email aliases usage and plus features? E.g the + feature can be noticed in the Agilebits support forum.
"Email + "
"support+kb@agilebits.com"Aliases usually point elsewhere but I am not very familiar with them.
Dropbox has been compromised, but surely there another a safer way to post particulars.
Even if an email is compromised, we should be able to regenerate it, leaving the parent email intact.
0 -
"Plus addresses" are delivered to the "non-plus" mailbox. This is a standard, and should work with just about any mail provider (but the only one I have personal experience with it for is Gmail / Google Apps).
So all mail sent to support+kb@agilebits.com is actually delivered to the support@agilebits.com mailbox. There isn't a support+kb mailbox. What happens with it after that is up to your mail client. We have filters set up to look for these plus addresses and tag messages accordingly based on them.
Is that what you were looking for?
Ben
0 -
Thanks @Ben.
Those features appear to be underused, if users actually know about them, and some sites won't accept them as well, in my experience.
I tried it out but stopped my usage of the plus features as there was the possibility of rejection.
0 -
I've had a similar experience. I ended up using aliases (actually groups with my mailbox as the only member) through Google Apps for that reason, for myself personally.
Ben
0 -
I'd like to see a Google Drive option as well, it's the only thing holding me from deleting Dropbox.
0 -
Thank you for getting in touch with us and letting us know what you'd like to see in 1Password! Right now we don't have any concrete plans to add support for more syncing methods, but everything's still possible. Stay around to see all the new things that we add regularly to 1Password :chuffed:
0 -
I would differ in adding Google Drive. OneDrive support is already in Win Mobile and 1Password 6 Win. Wouldn't it make more sense to standardise it across platforms? Which of the 1Password apps currently have the Google Drive Sync option?
0 -
@wkleem: Google Drive isn't something we support currently. On Windows we effectively get OneDrive support "for free" though. So if all goes well there and if their APIs are suitable for 1Password on other platforms, it may make sense to add OneDrive support in the other apps as well — but the desktop apps can sync with an arbitrary folder, so it's less of a concern there. Some folks use this feature to sync via Google Drive. We really have to look at this on a case-by-case basis, so we continue to consider Google Drive (and others) as well. You're right that it would be best to have native support across all platforms.
0 -
+1 on the Google Drive option..
My main problem with Dropbox is it gives Dropbox root access.0 -
Thanks for letting us know your preference! :)
0 -
How to remove Dropbox from Accessibility prefs:
http://applehelpwriter.com/2016/07/28/revealing-dropboxs-dirty-little-security-hack/#comment-27348Better than nothing.... I'm stuck with dropbox because I'm a Android user on the phone and os x on my laptop! 8-)
0 -
Dropbox hack blocked by Apple in Sierra:
http://applehelpwriter.com/2016/09/20/dropbox-hack-blocked-by-apple-in-sierra/0 -
I will upgrade as soon as I can (Still waiting for the update to show up on my MBA) :)
Update:
Downloading the Sierra now from the App Store. 8-)0 -
:sunglasses: :+1:
0 -
I red this topic and it'd be great if you could support Google Drive! I think that this one is not a "detail" in the cloud applications!
Thanks for your help and your essential application.
0 -
Thanks for letting us know you'd also like to use Google Drive to sync your 1Password data! Perhaps we'll be able to add that feature in a future version. :)
0 -
Unfortunately for me, my MacBook Pro is too old, being in the Mid 2009 category. You will need to have earliest Late 2009 model to be eligible for Sierra.
Requirements:
For details about your Mac model, click the Apple icon at the top left of your screen, choose About This Mac, then choose More Info. These Mac models are compatible with macOS Sierra:MacBook (Late 2009 or newer)
MacBook Pro (Mid 2010 or newer)
MacBook Air (Late 2010 or newer)
Mac mini (Mid 2010 or newer)
iMac (Late 2009 or newer)
Mac Pro (Mid 2010 or newer)0
