Sharing vault without using 1Password to open shared vault.
I finally just upgraded from 1Password 4 and I'm missing a feature I had before the upgrade. I'm thus far disappointed.
I want to share my 1Password vault (Dropbox style but not via dropbox) and access the shared vault from other computers where 1Password is not installed. Previously this was possible as there was a 1Password.html file in the .agilekeychain folder that let me open and browse my vault.
I just created a new vault and setup folder syncing and I'm not seeing this 1Password.html. Is there a way to enable that? The "How to share a vault using Dropbox" document leaves me to believe you're now forcing us to either access the shared vault from the 1Password app or use your new subscription. Neither of those options works for me.
https://support.1password.com/dropbox-share-vault/
If there isn't an option that allows me to access my vault from a browser using the old Dropbox style sharing then I'll be asking for a refund to my upgrade and I'll revert back to 1Password 4 for the time being.
1Password Version: 6.3.5
Extension Version: Not Provided
OS Version: OS X 10.11.6
Sync Type: Folder > Website File Share
Comments
-
Still looking for an answer to this problem.
0 -
Hi @lbonner,
Sorry we weren't able to reply sooner! We generally reply to the oldest threads in the list first and work toward the newest. Unfortunately, each time a new comment is added to a discussion, the timestamp on the thread is updated and it gets bumped up to the top of the list (i.e. "the newest"). So your second post here had the unfortunate side-effect of moving you further down the line.
I'm sorry to hear you're not happy with the upgrade to 1Password 6! I think you're referring to an old feature called 1PasswordAnywhere, which was used to view 1Password data from the Dropbox.com website (or in some cases, from a web browser reading the 1Password.html file in a local copy of a .agilekeychain sync file).
Just to be clear, sharing a 1Password vault (via Dropbox file sharing, or via a 1Password Families or 1Password Teams account) has nothing to do with 1PasswordAnywhere - they're completely different features for different purposes. 1PasswordAnywhere was a way to view your own 1Password data from a web browser. Vault sharing is a way to share a vault with someone else, so they can access it in the 1Password app on their own devices.
1PasswordAnywhere was an old feature designed years ago (originally around 2008, when smartphones were less prevalent than they are now) which is why the interface was a basic, shallow copy of 1Password 3. It was built into the old Agile Keychain format, and had very limited capabilities (for example, it never had the ability to edit data or create new items). It also had much weaker security than the main 1Password apps because 1PasswordAnywhere is a JavaScript app that can easily be modified to do malicious things. It was a great solution back when security concerns were less severe, but we don't recommend using it these days.
For customers who used 1PasswordAnywhere on the Dropbox.com website (i.e. the majority of 1PasswordAnywhere users), it relied on older Dropbox APIs. However, Dropbox needed to make improvements to their security architecture earlier this year, and unfortunately that meant 1PasswordAnywhere stopped working on Dropbox.com last April (but it was the right decision for Dropbox as well as a necessary one, as security concerns today are much more severe than they used to be).
It sounds like you had been using 1PasswordAnywhere by opening the 1Password.html file from the local computer file system. That method used to work well with older versions of supported web browsers, but modern browsers restrict loading files locally from the file system because they consider it a security risk. Although some modern browsers still allow the local file restrictions to be turned off, some don't.
Of course, even if you're still able to get around all the potential problems and can still make it work on your system, the 1Password.html file is no longer created in new .agilekeychain files (as you noticed). I don't recommend reverting to 1Password 4, although you're welcome to do that if you want to. However, there are a few things to keep in mind - for example, version 4 might still function correctly on El Capitan (which you said you're using on your Mac), but has some compatibility problems with Sierra. So if you plan to upgrade your Mac to the latest OS at some point, you'll run into issues with 1Password 4.
Also, due to changes that have been made to the 1Password database schema, 1Password 4 will not be able to read a database that has been updated by 1Password 6. That doesn't mean you can't revert, though - it just means you'll need to take some extra steps (for example, sync each of your vaults to Dropbox or to a local folder, delete the main 1Password database folder from your Mac, delete the 1Password 6 app, reinstall version 4, and re-add your vaults to it from the sync files).
If you had been using 1PasswordAnywhere to view your data from other computers, there might be an alternative that works well for you. For example, if those are your computers (or mobile devices), simply install the 1Password app on each one and sync your data between them. Or if those are public computers, you might want to consider trying out a 1Password.com account, which includes a full featured (and secure) web app so you can access your data from any web browser. However, you said you aren't interested in signing up for an account, and I completely understand. Web access is just one of the many great features of a 1Password.com account, but if it's the only feature you're interested in, I certainly wouldn't expect you to want a subscription.
Again, I'm sorry for any confusion about 1PasswordAnywhere! I hope this at least helps to explain what happened and why it's no longer available. But if you have more questions about that or anything else, please don't hesitate to let us know. We're always happy to help! :)
0 -
That's incredibly disappoint to hear. The read only nature of 1PasswordAnywhere is what I needed and I've been serving it from a controlled https server where there's little to no chance of the code being comprised.
0 -
Unfortunately even if you are confident that your server is secure, the browser itself may not be. 1PasswordAnywhere was developed before anyone needed to worry about things like cross site scripting vulnerabilities or local file exploits, and keep in mind that in most cases extensions you install have access to anything you do in your browser. Better safe than sorry.
0
