My data = my sync method, using subscription?
Hi,
I've been speaking with support already (#WFP-53581-884) over several days, and frankly am rather confused at the signals I have been receiving from them (despite them being very concise and polite!). I have 1Password4, and due to the FF and Chrome updates, it seems that I'm forced to update, if I wish to ensure a secure system.
I already have my data synced between my devices using my own storage/ syncing mechanisms (not using DropBox nor iCloud) and am happy to keep this system in place. I resonate strongly with the words of this thread, which stated simply: I do not want my data anywhere but in my hands. So, thanks for the design and development of the 1password cloud account system... but I don't want it. I don't mind the subscription model however.
As many here have noted, there seems to be a vast difference between the subscription model and the nearly extinct licensing model. Is it really true that if I were to go the subscription model that my data needs to live on your servers?
To be clear, I do not want my data on your servers. I do not want data leakage at all regarding this. I am uninterested in reading a whitepaper on how safe your severs are: I have my own servers and am currently using them.
How do I move from a standalone vault to the new 1password account system, without losing the one thing that is critical for me (ie. ownership my data)? According to my support thread, it seems that this is impossible!!!
If it really is impossible... What are the long range plans of the licensing system? (It seems that AgileBits is 'hell bent' on phasing it out).
Note that I am very satisfied with the product you provide and would prefer to keep using AgileBits software, but it seems that you'd prefer to shut me out, which I just don't understand!?
Any help appreciated,
Craig.
1Password Version: 4, upgraded to 6
Extension Version: 4.6.6
OS Version: OSX 10.10, Android 4.1
Sync Type: custom (ie folder)
Comments
-
Hi Craig,
even with the subscription model, you can activate the option "Allow creation of vaults outside of 1Password accounts" and store your passwords locally, then sync them via Dropbox or however you wish to do it.In other words, you would have an (empty) vault synchronised to the 1Password cloud, and another one which you sync the way you like.
I believe it should work that way, although I never tried.
Regards
Manuel0 -
@cmroanirgo: Thanks for reaching out. I apologize for all the confusion! I do think it's a bit understandable though that you're not able to get clear direction regarding a "sync it yourself" option with a 1Password.com membership, as we've very much built the service and apps with the opposite in mind. One of the primary benefits of a membership is not having to deal with sync configuration for individual vaults on each device. So while I'm sorry that there isn't a good, clear solution given the particular constraints you've decided on, I hope you'll appreciate that what you're trying to do isn't something we've designed for. :blush:
Now, before we go any further, I do want to mention one thing that might make all the difference to you: If you've already purchased 1Password for Mac version 4, version 6 is a free upgrade for you. So...you may be able to stop right there. it isn't clear from your comments if that's all you need, but I thought I should mention it just in case. ;)
And I should also mention that if you're really using Android 4.1, 1Password.com may not work there (not sure what browsers you have available to you) as it depends on security improvements made in the years since. So that may factor into things as well.
Now, while ManuCH is correct that it is technically possible to use local vaults with a 1Password.com membership in some configurations and sync using a 3rd party option, this isn't recommended or supported. And honestly, regardless of your situation, you may want to consider a 1Password.com membership anyway, not only for the benefits that already appeal to you, but also for syncing. I know you specifically mentioned this is a blocker for you, but hear me out. It'll make your life so much easier — and without sacrificing security.
It sounds like security is your chief concern (as it should be), and frankly it's ours as well. Otherwise we wouldn't use 1Password.com either! There's a lot more detail in our security white paper (which is actually a really fun read, even if you're not into cryptography), but I'd like to offer a few simple points that summarize how 1Password secures our data:
- Your 1Password data is encrypted locally on your device before it is transmitted.
- The server receives only an encrypted blob.
- Your Master Password* is never transmitted.
You might think I'm talking about 1Password.com specifically there, but that's the case no matter what 1Password setup you use — *the only difference being that 1Password.com data is also encrypted using the 128-bit randomly generated Secret Key, which is also never transmitted. So there's an additional layer of security there as well.
Indeed, when you use 1Password, AgileBits never has access to your data, regardless of the setup you choose. Even with 1Password.com, your data is encrypted on your device, so all the server ever ends up with is an encrypted blob. And since the Account Key is created locally, your Master Password is only known by you, and neither is ever transmitted, no one — including AgileBits — has the means to decrypt the data.
Suffice to say, if someone gains access to our servers and dumps the full database (we've designed 1Password.com with this in mind), they simply don't have what they need to decrypt it, as each individual user alone has the keys to their data. So an attacker won't have that and can't get it from AgileBits, even if they get everything else. So while there's a lot more that goes into making all of this work smoothly, this is something that I think all of us (I am not mathematician) can understand and appreciate.
I hope this helps. Whichever direction you decide to go, just let me know if you have any other questions or there's something I can help with! :)
0