Feedback on getting my 1PW standalone license onto another Mac: a difficult challenge!

bkendig

I just upgraded my work Mac from 1Password 6 to 7, and I ran into a whole bunch of problems along the way. I'm providing this feedback in the hopes that you AgileBits folks can use it to improve the experience.

I had been running 1Password 6 (with a standalone license) on my home and work Macs. I purchased a 1Password 7 license and upgraded my home Mac a while ago, so today I decided to upgrade my work Mac also. (The home Mac 1PW is synced with my iPhone; the work Mac 1PW has a local vault, not synced with anything.)

1. Downloading and installing 1PW 7.0.7 on the work Mac was easy. But then it launched to the "Welcome to 1Password 7" window with a "Subscribe Today" button. How to get my license into it? Closing the Welcome window would quit 1Password. I found that I could select "License..." from the 1Password menu, but clicking on the buttons in that dialog box didn't do anything. Eventually I figured out that in the Welcome window I could click "Need a license?" and then start the free trial, and that would at least get me into the application.
2. It asked me where to find my vault. I told it to use my 1Password 6 data ... and it opened a window showing me only a few very old entries. I remember that 1PW changed its vault format and I figure this was data from some old 1PW installation I had on this computer - but I couldn't find any way to point it to a more recent copy of my data. I didn't know where my more recent vault was (I know it's in "Library/Application Support/1Password 4/Data" but I didn't see any way to open it from there), and I didn't see any way in the 1PW application to change what vault it's using.
3. I still needed to get my license into 1PW. At home, I have my 1PW 7 license stored in my vault, which is synced to my iPhone, but how could I get it from my phone to my work Mac? I didn't have any way to get it from my phone to a flash drive. I tried emailing it from the iPhone app to my work email, but the email only contained a long "onepassword://" link which didn't do anything in 1Password (it would launch the app, which then ignored the link). I tried going into the license entry on my phone, tapping the contextual menu, tapping "Save to Files", then selecting Dropbox, but it failed with "The file couldn't be opened because it doesn't exist. The file doesn't exist." Eventually, the only way I could find was to go through Slack (which I have on my phone as well as on my work Mac). Opening the license file finally convinced 1Password 7 on my work Mac that it is licensed.
4. But I still had to figure out how to get my vault data back. The only way I could find was to unzip 1Password 6 (it had left a zipped copy in /Applications), run it (I saw all my old data in it), then export it to my desktop. Then in 1PW 7 I had to import it, but the "1Password 6" option under "Where is your data coming from?" wasn't the right choice - I had to choose "Other" then "Import a 1PIF File" even though it was a directory, not a file.

I think I'm all good now, but this was a lot harder than it should have been!

---

1Password Version: 7.07
Extension Version: Not Provided
OS Version: 10.13.5
Sync Type: Not Provided

Lars

@bkendig - wow, thanks for such comprehensive feedback! Sorry for the less-than-optimal upgrade experience. Let me see if I can offer a little perspective here:

There are a few intricacies to upgrading to 1Password 7 for Mac from previous versions, and although the setup flow incorporates virtually all of them, there's room for misunderstanding and error. If you install 1Password 7 for Mac onto a Mac that's previously had 1Password for Mac versions 4-6 on it, at ANY time (even if it no longer does), then the setup flow for 1Password 7 for Mac will find that previous data and import it. In the unlikely even that you previously had both our version of 1Password 6 and the Mac App Store version installed at one time or another, since the data for those versions is in different places in your User/Library folder, you'd get offered a choice of which data set to use. Otherwise, finding only one should import your existing data.

But then it launched to the "Welcome to 1Password 7" window with a "Subscribe Today" button.

That'd be this one:

How to get my license into it?

We've built some fail-safes into 1Password for this kind of stuff. In a case such as yours, if your work Mac and your home Mac are signed into iCloud using the same Apple ID, the license would've been reflected in Keychain Access, and picked up on install on this Mac (presuming you'd already installed on the home Mac first). Are both Macs using the same iCloud account? If you're one of the few who run different iCloud accounts in different locations (or choose not to have iCloud Keychain active), then the way to license 1Password 7 for Mac on a second Mac would be to use the same email from FastSpring that you received to download and install the license file on your work Mac as you did on the home Mac -- you have access to the same email accounts on both, right?

Eventually I figured out that in the Welcome window I could click "Need a license?" and then start the free trial, and that would at least get me into the application.

That'd be this one:

This is the second screen, where you confirm you want to make a purchase. The option on the right is the correct one to stick with the standalone license flow. Clicking on the "buy license option" should've gotten you to your lock screen, with a special message:

Entering your Master Password there would've gotten you into your (imported from version 6) data, and opened another purchase window:

...which can just be closed, if you're planning to add an existing license from email.

I'm surprised to hear you say your data were not imported on the work Mac. What version of 1Password had you been running there previously, and do you (or your company) use data-"cleaners" such as CleanMyMac or other corporate or personal uninstallers or "space recovery" apps? When you import your data using File > Import, you'll get this screen:

The top option, "1Password Keychain" is specifically for data in the older Agile Keychain sync format, which we sunset in 1Password 7. Anyone with sync data in the Agile Keychain format would need to use that option. "1Password 6" is for literal import of the database from a previous install, in case the auto-import fails for some reason (as it sounds like it may have in your case?). "Older 1Password" is for 1pif files exported from older versions of 1Password that are not auto-imported (if someone's upgrading from a much older version of 1Password directly to 1Password 7 on the Mac. And "Other" allows both .1pif and CSV files from other sources.

In general, we recommend that, if people experience issues, getting in touch with us is the first and best step to take, since there are enough ways to do things that no matter what kind of documentation we tried to put in place, the proper path is NOT always immediately obvious and varies from specific situation to specific situation. It's also worth noting that most of the issues you're describing here would be complete non-issues with a 1password.com account. We offer both standalone licenses and 1Password memberships because our customers want the ability to choose...but the above is definitely one of the reasons we developed 1password.com and why we continue to not be shy about recommending its use for the vast majority of our customers. No fiddling with license installation over multiple machines, no keeping up to date with upgrades across multiple platforms. And no problems with sync: sign in on each device, and it "just works." If that's the experience you're looking for, I can't recommend a free, 30-day trial of 1password.com highly enough.

bkendig

Thank you; I appreciate your response! A couple of notes:

• Yeah, I noticed back in the 1Password 7 beta that it tended to find the wrong old data on my computer - instead of getting the vault I had been using with 1PW 6, it found something older and it was a bit of a pain to point it to the right place. That's why I suspected something like this having happened again. Yesterday, though, where you said "you'd get offered a choice of which data set to use," that didn't happen for me. It automatically chose the wrong vault and stuck to that choice.

• My work Mac actually isn't signed into iCloud (we have security policies that disallow this), nor into my home email account. I wondered if maybe the AgileBits web site would have a way for me to be able to sign in with my account and have access to the license keys I had purchased with it, but, no such thing. (I'd like to request this for the future, though!) I could have brought my 1PW license key from home to work on a flash drive, but I was determined to find a more immediate way.

• I actually wasn't brought to the "Your Order" purchase window at any point. Maybe in all my flailing around I had managed to get my license key added to 1PW before I got there.

• I had previously been running 1Password 6 on my work Mac, and previously ... I may have been using version 4? Or I might have downloaded the Mac App Store version? I don't remember what might have been on this Mac; all I know if that for the past few years I've been using the version downloaded from your web site. It might be helpful if 1Password (either automatically, or through some 'verbose' option) would specifically show me a list of all the old data it sees on the computer, and would let me choose which data to use.

• The "1Password 6" import doesn't work for me - even now, with 1PW 7 up and running. I go to File -> Import... and select the "1Password 6" radio button, and then I see an "Import info:" pulldown menu that's empty (no text in it, and no options when I click it) and a disabled "Choose File..." button. If I select the "1Password Keychain" radio button, then "Import info:" correctly shows me "Primary".

You do make a great case for having a 1Password account ... but still, I like owning my software instead of regularly paying a license fee (even though I purchased Mac and Windows licenses for a lot more than the 1PW account would have cost), and I prefer knowing exactly where the files are and being able to sync them through a means that's not affiliated with AgileBits - nothing personal; I just feel it makes me less of a target were AB ever to get hacked. I may come around someday, but this is another discussion for another time. :smile:

Lars

@bkendig - regarding importing of data from previous versions, unless something is unusual with your specific setup, I've never seen such a thing before. If you're willing to create a diagnostics report from your Mac, I'd be happy to take a look to see what might have happened:

Sending Diagnostics Reports (Mac)

Attach the diagnostics to an email message addressed to support+forum@agilebits.com.

With your email please include:

• A link to this thread: https://discussions.agilebits.com/discussion/93266/feedback-on-getting-my-1pw-standalone-license-onto-another-mac-a-difficult-challenge#latest
• Your forum username: @bkendig

That way we can "connect the dots" when we see your diagnostics in our inbox.

You should receive an automated reply from our BitBot assistant with a Support ID number.  Please post that number here so we can track down the diagnostics and ensure that this issue is dealt with quickly. :)

I wondered if maybe the AgileBits web site would have a way for me to be able to sign in with my account and have access to the license keys I had purchased with it, but, no such thing. (I'd like to request this for the future, though!)

For a number of years, we sold our own standalone license directly via our own website/store (and we do continue to maintain those records for holders of older licenses). But because the vast majority of new customers (and everyone is a new customer in terms of version 7, unless they purchased version 6 very recently) are choosing 1password.com memberships instead of standalone licensing, we elected to use FastSpring as our license reseller, which means we don't have a way to directly allow lookups of licenses on our own website. I'll willingly agree your situation makes that an unfortunate issue...but your situation is also significantly unusual (license instead of membership, not using same iCloud account on second Mac, no access to email account used to purchase license on second Mac). In such a case, USB flash would've likely been among your best methods.

The "1Password 6" import doesn't work for me - even now, with 1PW 7 up and running. I go to File -> Import... and select the "1Password 6" radio button, and then I see an "Import info:" pulldown menu that's empty (no text in it, and no options when I click it) and a disabled "Choose File..." button.

The location of your actual SQLite database file is as follows:

1. 1Password for Mac 4-6, from AgileBits - ~/Library/Application Support/1Password 4/Data/OnePassword.sqlite
2. 1Password for Mac 4-6, from the Mac App Store - ~/Library/Containers/2BUA8C4S2C.com.agilebits.onepassword-osx-helper/Data/Library/Data/OnePassword.sqlite
3. 1Password 7 for Mac from Mac App Store OR AgileBits - ~/Library/Group Containers/2BUA8C4S2C.com.agilebits/Library/Application Support/1Password/Data/OnePassword.sqlite

When you use the File > Import menu and choose 1Password 6 option, you need to manually select the correct path to the OnePassword.sqlite file. It may not (indeed, likely WILL not, especially if you had both versions installed at one time) pop open the window in the correct place. However, navigating to the correct location should bring in your correct 1Password data from version 6. If you're interested in experimenting with this yourself, but you've already got your older data successfully imported and working in 1Password 7 for Mac, I'd strongly recommend making a backup (File > Backup) before proceeding. But you should be able to verify the above steps work. The other option - which I actually recommend more strongly - is that you send us the diagnostics report I asked for above. To be clear, you don't need to do this if things are working for you correctly now, but without taking a closer look at what might be going on with your work Mac specifically, it's difficult to say what might have happened.

I like owning my software instead of regularly paying a license fee (even though I purchased Mac and Windows licenses for a lot more than the 1PW account would have cost), and I prefer knowing exactly where the files are and being able to sync them through a means that's not affiliated with AgileBits - nothing personal; I just feel it makes me less of a target were AB ever to get hacked. I may come around someday, but this is another discussion for another time. :smile:

Since I take that last sentence to mean you'd prefer not to get deeply into that right now, I'll refrain from offering a lengthier explanation here, and instead offer you a thing or two for further reading, if you'd like. But just briefly, we spend a great deal of thought, effort and money making sure our server instances are as secure as they can be. We use Amazon's AWS service as our hosts, and if there's been a breach of our servers in the time since we launched 1password.com accounts, neither we nor anyone else has heard of or publicly disclosed it -- and it's evaded not just our combined countermeasures but also all our abilities to even notice it. I find that...unlikely.

Nevertheless, it's certainly possible for even the best services to be breached...which is why 1Password has never depended upon security-by-obscurity or on the strength of the defenses of the system on which it's installed/resides. The only thing stored on 1password.com's servers, ever, is your encrypted data -- all en/de-cryption is done locally, on your own device(s). That means, even if someone were to defeat all the defenses we have set up on 1password.com servers, all they could potentially obtain is encrypted data blobs. Because we knew when we launched 1Password.com accounts that we would present a juicier target (at least in theory) for hackers than any individual customer does, we also created 2SKD (Two-Secret Key Derivation), in the form of the Secret Key for all 1password.com accounts. Give that a read to learn how the Secret Key strengthens all 1password.com members' data on our servers. And if you'd like a truly deep dive into how we keep 1password.com members data both secure and private, feel free (encouraged, even!) to have a look at our 1password.com security white paper.