IOS 12

williewonder
williewonder
Community Member

I got a new iphone. The transfer of the V6 data and software didn't work. V6 not in app store and app update downloaded V7 with supposedly 30 days free. The first thing it did was create a login. Can I have the "membership" without having the data in your cloud?

I do not want the data to be in your cloud. Where is my data now? How do I view the vault on the iphone?

It appears possible to buy a standalone V7, but not through App Store. If this is done does it work on both a Mac and iphone?

FYI - There is only one app I've found where the IOS 12 login fill in works; and to use it you have to click on a panel below the logon screen. Is this working as designed? I wouldn't really call this "automatic", it's more like avoiding cut and paste but not fluid.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni

    I got a new iphone. The transfer of the V6 data and software didn't work. V6 not in app store and app update downloaded V7 with supposedly 30 days free. The first thing it did was create a login. Can I have the "membership" without having the data in your cloud?

    @williewonder: You can use a 1Password membership and store your encrypted data in a local vault, not in the "cloud"...but then how are you going to sync your data?

    I do not want the data to be in your cloud. Where is my data now? How do I view the vault on the iphone?

    Can you tell me why? You'd be giving up many of the benefits you'd be paying for with the membership. Either way, you can view your data in the 1Password app. The issue is how are you going to access it on other devices?

    It appears possible to buy a standalone V7, but not through App Store. If this is done does it work on both a Mac and iphone?

    No. Without a membership, each version is a separate purchase.

    FYI - There is only one app I've found where the IOS 12 login fill in works; and to use it you have to click on a panel below the logon screen. Is this working as designed? I wouldn't really call this "automatic", it's more like avoiding cut and paste but not fluid.

    This is how you enable and use the new iOS 12 Password Autofill feature:

    Use 1Password to fill and save on your iPhone and iPad

    That will work for you in Safari "out of the box". But individual apps need to support it for you to be able to use autofill in them. There isn't anything we -- or Apple -- can do about that, but I suspect in time more will add support for it.

  • williewonder
    williewonder
    Community Member

    In answer to your question why I wouldn't want my password data in the cloud: It seems like once a month there is notification that some site has been hacked and passwords and data stolen. Other problems involved hackers managing to guess pass phases or questions and get access. And there is some question whether SMS second level authentication is really that secure now. It seems avoiding the cloud makes sense to me, given the lack of consistent security. At this point, I've certainly no longer confident in any on line security. I admit, the cloud could be really good and I would like its advantages. I would also enjoy the internet without spam, without hacking, without phishing, with email that works etc. However, it's pretty clear those things are not likely to occur given the current acceptance of the hacking, and that doesn't even get in to the dark web stuff going on.

    So, long answer to your question, but the short answer could be summarize as lack of trust and fear.

  • williewonder
    williewonder
    Community Member

    Your answer implies the trial version I have from the App Store has put the password vault in the cloud. Is this correct? If so how do I get it out of the cloud?

  • AGAlumB
    AGAlumB
    1Password Alumni

    In answer to your question why I wouldn't want my password data in the cloud: It seems like once a month there is notification that some site has been hacked and passwords and data stolen.

    @williewonder: Thank you. I understand completely. I had my personal information stolen in that high profile Equifax breach a while back, and yesterday I learned that I am probably also among those affected by a USPS website vulnerability...which I guess pales in comparison to the first, but man I could do without either. At this point, I just sort of feel powerless with regard to those, since the cat's out of the bag and can't be put back in: a lot of my private (or, what once was) stuff is just out there now. So I get where you're coming from.

    Fortunately 1Password works very, very differently. While most websites store users' account credentials on the server, with 1Password.com, they're never even sent to us. This was really important to us from the beginning when designing it, because we are terrified of being in a position where we could be used to get to our customers' data. Many websites also store users' data unencrypted; and even when they store it encrypted, if the "keys" to decrypt it are also there, it sort of doesn't matter.

    So with 1Password.com, we've designed things so all data is encrypted locally on the user's device using "keys" only they have -- a chosen Master Password, and a random 128-bit Secret Key, only the encrypted data is sent to and stored on the server, and the "keys" to the data are never sent; so even if someone manages to break into our server, they will not have the means of accessing anyone's data, just as we do not. Even though 1Password cannot prevent other websites from using poor security, it's pretty empowering to know that anything we -- ourselves and our customers -- put there is safe.

    And in light of the steady stream of website breaches these past few years, our decision takes on a whole new significance, as we're all constantly, painfully aware of the consequences of doing otherwise. You can find more details about how all of this works in our security white paper, and we're here if you have any questions.

    Other problems involved hackers managing to guess pass phases or questions and get access. And there is some question whether SMS second level authentication is really that secure now. It seems avoiding the cloud makes sense to me, given the lack of consistent security. At this point, I've certainly no longer confident in any on line security. I admit, the cloud could be really good and I would like its advantages. I would also enjoy the internet without spam, without hacking, without phishing, with email that works etc. However, it's pretty clear those things are not likely to occur given the current acceptance of the hacking, and that doesn't even get in to the dark web stuff going on. So, long answer to your question, but the short answer could be summarize as lack of trust and fear.

    No kidding. There's just so much to worry about. I just spent part of my afternoon fighting the good fight against spam (it used to be an all-Saturday ritual for me, but filtering is getting pretty good), so I'm right there with you. And it definitely seems like phishing attacks are on the rise. But while 1Password can't stop all the bad stuff happening out there in the web, having that as one thing I can really depend on means a lot to me. As long as I don't give out my Master Password, everything in my account is secure. And every time you use 1Password to save and fill logins, that does protect you from phishing scams, since it will only fill at the URL you have saved in the login. I think a healthy level of skepticism -- "lack of trust and fear" -- is valuable online. 1Password helps me not stress out about it as much though. After all, even if I do something stupid like paste a password into the wrong website and fall for a phishing scam, that will not affect 1Password, or any of the other accounts I have saved in it, since I'm using unique passwords for each of them. So every bit helps. :)

    Your answer implies the trial version I have from the App Store has put the password vault in the cloud. Is this correct? If so how do I get it out of the cloud?

    If you signed up for a trial membership, then yes, the encrypted data is stored in your account on the server. You'd need to store it in a standalone (local) vault and use it without an account otherwise, and that has its own challenges: you'd need to sync the data yourself using a 3rd party, and you'd have no backup unless you backup your data yourself. So that's not a route we recommend at this point, since there is really no upside, only downsides. Let me know what you think.

This discussion has been closed.