1PW7 always suggests creditcards and an identity
Not sure if this is a bug, or an "improvement" in v7, but in Safari 11.1.2, using 1PW7.1.1, Safari extension v4.7.2, I'm always being suggested 1 identity and all my creditcards (duh!), no matter what website I'm currently visiting. Is this expected behavior? I hope not, because I don't want 1PW to accidentally puke my creditcard details in a webform.
To be clear, when I invoke 1Password "Mini" (which, as others have mentioned, is not so "mini" anymore), now having learnt a new keyboard shortcut because 1PW7 hijacks cmd\ system wide (sigh), then the "Suggested items" category is active, and I get these completely off suggestions. I'm not happy with this, as you can imagine. I also have serious doubts that I want to see categories here (and I'm not alone in this).
I see a lot of negative user feedback on these forums, and as far as I can see 1PW7 has not been received that well with existing customers. I wish I was one of the people cheering for AgileBits, but I'm not. I'm a 1PW user since v3 and have been succesfully promoting 1PW with family, friends and clients over the last six years. I even donated a number of licenses to people who found the purchase cost of a 1PW license too steep, but wanted them to get serious with their online security. For the first time though, I feel that AgileBits is making weird decisions that don't deserve much praise. The UI is starting to fall apart (when was it ever a good idea to have a "Save" button on the top left of a window?), and the push for the 1password.com subscription is bordering on annoying/offensive (enough has been said about how the standalone license option is so difficult to find).
I fully understand that you have/want to move your product forward, but some of the UI changes are just hard to understand/counter productive. It seems as if time is spent on features I cannot imagine someone actually requested. OTOH, my longstanding request to have 1PW to better match the URL on the same domain name* did not get any attention. Instead, I'm only getting more (nonsensical) suggestions, not less.
- as a developer I often have many different logins on domain names I'm working on, e.g. domain.com/admin, domain.com/login, staging.domain.com/login, but instead of suggesting me the correct one on the URL I've typed, 1PW always suggest me all options and I have to always make a choice. Not good.
1Password Version: 7.1.1
Extension Version: 4.7.2
OS Version: 0.13.6 (17G65)
Sync Type: iCloud
Comments
-
@Karel - First things first: 1Password can't fill credit card or identity items if the appropriate fields don't exist (so, your credit card number wouldn't be filled into a username field, for example). More importantly, 1Password will never fill credit card or identity data unless you explicitly direct it to do so.
I'm a 1PW user since v3 and have been succesfully promoting 1PW with family, friends and clients over the last six years.
Thank you. :) We've got a special place in our hearts for people like you who've been with us the longest. You longer-time users have in many cases literally been what has allowed 1Password to grow into what it is today. Thank you for being one of them, and spreading the word about 1Password.
Regarding user feedback, this forum is (one of) the place(s) where we actively solicit it, so it's kind of expected that there'd be plenty of it here. ;) As far as the overall trend of it being "negative," my experience as both a consumer and a support representative is that people who have a problem/issue and who are seeking a resolution/answer/change tend to be more common than posts like this one. Humans in general are just a lot less likely to take their time to simply to say "great job!" than they are if they don't like something. But we do get plenty of both, in not just this venue but several others as well, like Twitter, Facebook and direct email.
I couldn't begin to give you an accurate idea of what specific percentage of total users are satisfied OR dissatisfied with 1Password 7 for Mac, for several reasons, not the least of which being: with the Mac App Store, we really have no idea who our customers are or how long they've been with us. And again, it's the people who have issues/problems who will tend to be the ones doing the lion's share of the speaking up, not the ones who are happy or at least satisfied. But even beyond that, with the size of 1Password's user-base now, even a couple of dozen "me-toos" chiming in about being upset about this or that change is a drop in the bucket of the total user base and thus not really indicative of any larger trend beyond a couple of dozen people being upset about something.
My point here is that I wouldn't take a casual read-through of the feedback in this forum as too accurate a measure of overall user sentiment. it's not a perfect analogy, but much like an electronics repair shop, (nearly) 100% of the people who come through the door have something wrong with their individual setup -- or at least something they don't like. And that's OK -- we want to hear from all of our users (if we didn't, we wouldn't maintain this public forum). Feedback from people in "the real world" has been an invaluable part of the development path of 1Password over the years, and it continues to be. But forum posters having issues with the changes in an upgrade doesn't mean nearly 100% of the users don't like 1Password. We wouldn't be in business long if that were the case. :)
I'm genuinely sorry you're less than enthused about 1Password 7. Maybe this doesn't need explicit articulation, but we never want to disappoint users -- any of them -- and we're sorry when we do. Especially with our long-time users. But the newer users coming through our doors are significantly different than the kinds of people we saw back when you jumped on board. Back in the 2010 (and earlier!) days, the people we saw were almost exclusively like you: highly technically skilled, up on terminology, comfortable running betas and trying new things out. Familiar with the command line. Often developers or tech workers themselves. In other words: exactly the kind of people who'd be eager to jump on board a cool new way to use cryptography to increase their online security.
Fast-forward just a few years, and all that (forgive the term) low-hanging fruit is already gone. The technorati have already jumped on board with 1Password (or possibly a competitor), and now the people coming to us for increased security are people with significantly less computer skills/backgrounds. They want - even need - things to "just work," and offering too many preferences/check-boxes/flyout menus/obscure-sounding options will only confuse, if not repel, them. But we believe they deserve good security too. So as the demographics of our userbase changes, 1Password has changed as well. These days, due to just the size of the user base as well as the different wants/needs of different types of users, we often get diametrically opposed user requests, literally. Sometimes in the same day. So, no matter what choices we make, we're going to wind up disappointing somebody.
But we've noticed something interesting about the glowingly positive posts like the one I linked to above -- they're almost always from newer users; people who don't have preconceived notions about the way 1Password "ought to" work or "has always worked." In other words, they're people who are either coming to 1Password from other password managers, or perhaps coming to password management itself for the first time. These newer users are finding 1Password easy and intuitive to use on the whole, which is exactly what we strive for. We freely admit we don't always hit the mark, which is why critical feedback is so valuable to us in general. But by contrast, most of the negative feedback we hear is some version of "I don't like this new thing, change it back to how it used to be," from longer-term, more-technical users who've grown accustomed to a certain way of doing things, a certain workflow.
Your specific concern about having the search and Suggested Items functions better match multiple similar domain names falls into this very area: it's something we'd like to fine-tune as well, and still hope to do in an upcoming release. But as the current releases have gone out, it's been a lower priority than some of the things that have been addressed, mostly because few ordinary users of 1Password have multiple logins for several domains. That's not to say it isn't a priority at all for us, just that (as you know, since you're a developer) limited developer-hours means that saying yes to doing one thing means at least one other thing doesn't get attention, and when balanced against everything else on our plates, this hasn't made the cut yet. Please keep an eye on release notes in future updates, and include beta builds in your update checks, if you'd like the newest features faster. Thanks for being a long-time 1Password user, and for taking the time to share your thoughts with us here.
0 -
Lars, thanks for your detailed reply. It helped me to understand why 1PW evolves the way it does. I'm not sure I agree with you that 1PW has become easier to use for less tech-savvy users though.
While typing this reply it suddenly struck me where you want 1Password to be heading. Instead of being mainly "just a browser add-on" (with a super classy application to allow for organizing your entries), you want it to take the spotlight and be there for users, at all times, with all the information they "need". That's why the elegant, compact and focused 1PW fly-out menu on the browser buttons has been replaced with a much bigger "in your face" window that now shows you a lot of irrelevant information (like categories, creditcards, identities). And that's why the default keyboard shortcut has been changed to function system-wide, instead of only when a browser has focus.
Paired with the information on Apple's "Password AutoFill" API in iOS 12, I understand that 1Password now has a chance to indeed become more than "just a browser add-on". But on the Mac, where I use 1PW the most, things have gotten just more crippled now. In my view, you have managed to make it less intuitive how 1PW works, especially for new users.
You see, in a browser, 1PW can autofill stored details of websites. I have explained how this works to new users dozens of times. It was like this from the start, and in earlier days 1PW Mini even only showed itself when a browser had focus (no menubar option). Skip forward to 1PW7, where now 1Password has gotten system-wide presence. Now when an application other than a browser has focus, 1Password suddenly lost its superpower to autofill. It even lost its superpower to show relevant suggestions (iTunes and App Store aside). Instead of superpower, it has now become super inconsistent. Instead of autofilling stuff for you, you now have to copy-paste whatever you need. And it gets worse, because depending on what category you've chosen, you sometimes have to click on a tiny arrow on the right side of a listed item to get to the actual details that were stored (Logins, Passwords). Copy-pasting in those cases comes with an extra step. I hope I don't ever have to explain that to new users.Of course, chances are likely that in time, Apple will make the Password Autofill API available in macOS, and then things will become more interesting for 1Password. Until then, I cannot agree with you that 1PW has become easier to use. Far from it.
But despite AgileBits' current success, I can see why you're scrambling to "improve" the application. There's competition from other vendors, many offering a similar product for a lower price. And hearing and reading that iCloud Keychain can already do 95% of what 1PW can do doesn't make for a comfortable position to lean back and see how things pan out. I understand that.
So I guess I just have to take a deep breath and accept the reality that 1Password has changed from a nifty nimble browser add-on to... well, whatever it is now. I just have to accept that it's now more oriented to "the masses", whatever that may mean...
My initial question remains unanswered though: why is 1PW7 "suggesting" me all my creditcards and an identity at all times whenever a browser has focus? These "suggestions" aren't there when other applications have focus, and when I'm looking to fill out credentials on a webpage I'd rather see less and (thus) more focused suggestions than more, irrelevant ones. So is this a bug or a feature?
0 -
I wonder on what occasions you fill identities or credit cards? For me, I fill one or the other sufficiently often that I am glad to have them available in the Mini window. Having to call them explicitly would be a hassle.
0 -
Showing credit cards and identities as suggestions for all sites is a feature. Because these items have the potential to be filled on any website they appear for all of them. You may not do much purchasing online but for some people, as danco alluded, that is one of the primary things they do with their computer.
It may be totally valid to say that 1Password’s evolution has not benefited your individual workflow, and that may be a fair analysis. But to conclude that 1Password hasn’t evolved into a more accessible offering from a technical know-how standpoint doesn’t seem to have any grounding in reality. The product used to be called 1Passwd (a name only the very tech-savvy would grok) and you practically had to be a wizard in order to get the only syncing, via .Mac / MobileMe, to work properly. It was still the best password manager available on Mac at the time, in my opinion. Rose colored glasses aside I don’t think there is any comparison in terms of usability for less tech-savvy folks between old 1Passwd and modern 1Password. When I started using it I couldn’t recommend 1Passwd to my family. Now I recommend 1Password without hesitation. Does there continue to be room for further improvement? Absolutely; of course.
I’m not sure how making access to your login information for apps more readily available makes 1Password feel more crippled to you, but I’m sorry that it does. It has the capability to show suggestions for any app, but it does require either that we add a mapping to 1Password from the app’s URL to its bundle ID. We’re continuing to improve this situation and hope to have support for many more apps for this feature in the future. As there is no API for filling in apps on macOS the best we can do at the moment is make this information more convenient to access and copy+paste. If an API becomes available that would allow for filling we’d certainly be interested in taking a close look at that.
Our desire to continually improve 1Password isn’t new: look at our release history for evidence. 1Password (even in the 1Passwd days) has always enjoyed a fair amount of success, but we recognize that there is room for improvement and refinement. If there weren’t we could all retire or move on to other projects. It has been a goal of ours from the beginning to build the best password management system available and we continue to do that.
If you take a look at iCloud Keychain for yourself you’ll find that 95% percentage, if judged objectively, to be much lower than stated. iCloud keychain is great as a basic single ecosystem password management system. It doesn’t have even half of the categories, browser, or OS support of 1Password. It may be adequite for your needs though, and not to mention free (comes with Apple devices), so you may find it to be a better solution for you. If you do I’d absolutely encourage you to use it. There is a certain Apple-esque elegance to it, which makes sense since Apple wrote it. We want people to choose to continue to use 1Password because it continues to prove itself as the best solution for them, not because they feel locked in. Whatever direction you choose to go in I hope you’re able to find a password management solution that you’re comfortable with and confident in whether that is 1Password or otherwise.
Ben
0 -
@Ben (and @danco) Thanks for your insights. You wrote: "You may not do much purchasing online...". But I do, a lot (way too much actually ;-) But who fills out creditcard details in web forms these days? I don't. It's a thing of the past as far as I'm concerned. But this may be a Europe vs. US development. With so many security breaches, I hardly ever leave my creditcard details at an online retailer's outfit. Both my business and personal creditcards have been paired to PayPal accounts, and it's usually much easier (and IMO safer) to checkout through PayPal than to fill out all the creditcard details (I have never actually done this automatically through 1PW, as I'm not sure why it would work with so many differently coded webforms). As an added bonus: when a creditcard expires, I only have to update it in one place.
You wrote: "I’m not sure how making access to your login information for apps more readily available makes 1Password feel more crippled to you". Well, I was hoping that had come through, but I guess it didn't. With a few hundred entries in my vault, what I really appreciate is 1PW will slim down the suggestions for me. If it wouldn't, then it would be a nightmare to work with 1PW for sure. But now, since v7 I actually get more instead of less (what I've been requesting for a few years) suggestions in the applications where 1PW offers the most value: web browsers. I don't want to see my creditcards and identities on every website I need to fill out stuff. This wasn't the case in v6 and earlier. So yes, this is a step down from my perspective. Less is really more in this case...
Regarding iCloud Keychain: just to be sure, I'm not an iCloud Keychain advocate. As a long term 1PW user it's actually quite the opposite. So far, iCloud Keychain for me is just a case of "too little too late". But this may change, of course. It all depends on what Apple is going to do.
0 -
way too much actually
Ha! I know exactly what you mean. ;) Amazon loves me.
But who fills out creditcard details in web forms these days? I don't. It's a thing of the past as far as I'm concerned. But this may be a Europe vs. US development. With so many security breaches, I hardly ever leave my creditcard details at an online retailer's outfit.
I think perhaps less North American businesses accept PayPal that European ones. It certainly isn’t my experience that PayPal is universally accepted... I’d say perhaps only about 25-50% of my online purchases could go through PayPal. 1Password memberships don’t take PayPal (a credit card has to be entered), though we do accept it for gift card purchases. But you’re right: it does seem to be less common to fill credit card info into a site, particularly with the uptick in merchants accepting Apple Pay. I still frequently fill identities for shipping info, though. In any event we may be getting further from the core of the issue than closer, so I digress.
With a few hundred entries in my vault, what I really appreciate is 1PW will slim down the suggestions for me. If it wouldn't, then it would be a nightmare to work with 1PW for sure. But now, since v7 I actually get more instead of less (what I've been requesting for a few years) suggestions in the applications where 1PW offers the most value: web browsers. I don't want to see my creditcards and identities on every website I need to fill out stuff. This wasn't the case in v6 and earlier. So yes, this is a step down from my perspective. Less is really more in this case...
It was the case in v6, though it was displayed a little differently:
In v7 more relevant items such as any login items for the site you’re on will still be listed above things like credit cards and identities. While there has been a fair amount of feedback regarding the new 1Password Mini (both positive and critical) I don’t recall much if any other critical feeback about this particular change. I don’t suspect this will change in v7, but it’ll certainly be worth evaluating the effacacy of continuing it for v8 and further and we’ll continue to listen to feedback folks provide about the information presented by 1Password Mini. Thanks for taking the time to share your perspective.
Ben
0 -
@Karel I'm wondering if there is a significant difference between UK and US sites, as to me your arguments seem completely back to front.
It's precisely because I don't want to have my credit card details stored at a retailer's site that I want 1PW to fill in details easily. Most sites that I use do not store credit card details once the purchase has been made (though some offer to store them, and I always refuse). And again, since the details are not stored on sites, I only have to change within 1PW. That said, a few sites insist on storing details, but whenever possible I go in to my account and delete the credit card details afterwards.
Also, there is one great advantage of credit cards over PayPal. If there is any dispute with a retailer, the credit card companies are on your side, and in fact are legally liable if you can prove there is a problem. For that reason, credit cards are generally regarded as the safest way to pay, provided the card details aren't stored.
0 -
@Ben You wrote "It was the case in v6, though it was displayed a little differently". I'd say quite differently:
1PW6 did not show irrelevant suggestions unless you clicked on the categories explicitly. 1PW7 on the other hand, does show irrelevant suggestions, claiming valuable screen space and just being a distraction. It seems it's really hard for me to get my point across. Are we not seeing the same things happening? Is this a bug afterall?
@danco who wrote: "It's precisely because I don't want to have my credit card details stored at a retailer's site that I want 1PW to fill in details easily". Transmitting creditcard details is a risk, so I don't do it. And how do you know the retailer doesn't store the creditcard details afterall? To be sure, I just don't give them my creditcard details.
"Also, there is one great advantage of credit cards over PayPal". Ever hear of "PayPal Buyer Protection"? In case of a dispute I'd rather deal with PayPal than with a creditcard company, any time. But as Ben pointed out, this is not relevant to the discussion.0 -
Not a bug. Working as intended, and how it’ll likely continue to work at least for v7. They may be irrelevant to you, but that certainly is not universally the case. If they are irrelevant you may want to consider setting them to not show in the browser (edit them and set the “display” value to “never”) or removing them from 1Password entirely.
Thanks.
Ben
0 -
I agree with @Karel that a discussion of what is best practice isn't strictly relevant to 1PW.
But what feels best for me is to use 1PW to fill in credit cards and my address and phone number. Losing the option to do that easily from within 1PW would be a great step backwards as far as I am concerned.
Basically, YMMV or "horses for courses" applies.
0 -
Totally. And fortunately 1Password is flexible enough that we can use those functions only when we want to. Saves me a lot of hassle though when I do. Cheers! :)
0
