The inherent inadequacy of this extension on Linux

Bit of a click-bait title, and it pains me to be a Negative Nancy, but the intent is to draw attention, so here goes.

The Good

I will start by saying that this extension makes using 1Password on Linux viable to some extent. Considering where we came from, i.e having to run 1Password 4 under Wine, this is an upgrade.

Now I don't know about anyone else, but I primarily use 1Password on macOS, with the occasional Android/Windows one-offs. Considering AgileBits started offering 1Password in the Apple ecosystem, and by now with multiple releases, it is a fairly mature piece of software. And it shows. Using it on macOS is just a very pleasant experience, for simple and power users alike.

For me, the absolute most important thing is how much time is spent from the "need of password" till the "password where it should be" states. I'm trying to extract the most convenience out of the security I have. My current workflows (in order of time spent) are:

  1. Filling in browser. This is almost always one Cmd-\ away, so it's the fastest of them all.
  2. Pasting in any other context (App, Terminal). This is a big one, because of 1Password Mini. Why? Because it's entirely keyboard driven. It's a. Opt-Cmd-\ b. Search c. Left and d. Enter, and the password is in my clipboard, one Cmd-V away.
  3. Creating logins for web pages. Here again, 1Password mini shines. Invoking it and generating a password automatically autofills it in the page's password fields, and when you submit the form you get a dialog for creating a Login, which is one click.
  4. Creating a login/password for something else. Usually have to start the App for this, which is somewhat involved, but these cases are far between.

Two crucial features are a. How 1Password automatically removes a password from the clipboard after copying and how 1Password locks. The default IIRC is after 3 minutes of system inactivity, which is near perfect.

The Bad

With this established baseline, let's see how these workflows fare on Linux. I've been using the extension for about two-weeks, on a fresh Arch Linux install, running GNOME as my desktop environment.

  1. This is mostly unaffected, especially with 0.9's inline filling menu. Another alternative would be to set a key binding (in my case {Alt,Ctrl}-\ were unavailable, I guess Chrome(ium) limits what keys you can use).
  2. This is a deal breaker. Every time I have to change context (the extension cannot be globally invoked) to the Chrome window (which might be in another workspace) the slothful me starts protesting. Then I have to invoke the extension, search and click the copy button (can't navigate to the copy button via keyboard!)
  3. and 4. take equal amounts of time considering there is no automatic login save functionality.

On top of this, the copied passwords are not cleared from the clipboard after a set amount of time, and the extension locks itself while the browser is idle, instead of the system.

All in all, purely by comparison to the macOS equivalent, it is inconvenient to use the Chrome extension in Linux.

The Ugly

I imagine the issues above could be fixed with varying degree of success. The keyboard navigation should be the most straightforward to implement. However other things cannot be solved because of the environment constraints (that is Chrome).

This is just my opinion, but I don't think this extension is a viable solution to supporting Linux, and it may never be considering the limitations imposed by running in a browser (I could be wrong on this). This extension probably works well for Chrome OS, because the OS itself is for lighter usage. But this is not the case with Linux.

Getting an experience that is on some level equivalent to macOS would require an actual app. However this ship may have already sailed, it probably would only happen if instead of making a Windows 10 native app, a cross platform one was made (QT, Electron, or pick your poison). Though I'm sure AgileBits had their reasons not to go this route.

From where I stand the only viable alternative will be a "native" third party 1Password client following the release of an aforementioned API. The API sounds like it might be a way off, and this client is simply a figment of my imagination :)

The End

Just my wall-of-text pence worth. Now that I read it again it has a touch of a negative tone, I just want to say that I very much appreciate all the work that you've done on this, but that I also stand by what I've said.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni

    @looselyrigorous: Haha thanks for the kind words! Save the best for last? :lol:

    Now, while I don't think it's fair to hold the new extension to the standard of a native app with years of development behind it, I couldn't agree more that there's plenty of room for improvement, and that we want to push it to the limit of what it can do. So thank you for this constructive criticism — and humour. ;)

    I think these are (mostly — browser constraints, as you point out) areas where we can do something to help with your pain points. I don't think our goal with this, targeted at being a way for ChromeOS and Linux (and, really, anyone else who can use a Chrome extension) users to access 1Password.com accounts, is quite aligned with your use case and expectations, but we'll see what we can do to win you over...and you should really check out the CLI beta — it sounds like that might be more up your alley:

    Announcing the 1Password command-line tool public beta

    I'm not trying to get you to ditch the beta extension though: please continue using it, and providing just this kind of feedback! Others are really enjoying this extension, so I'm not sure I'd go so far as to say it isn't viable, just not what you had in mind. And I think, actually, from your comments, that it can have a place in your workflow, especially as we continue to make it more robust, but that the CLI app may fill another need in your workflow — especially as a Linux power user. Definitely check it out and let us know what you think! :)

  • haraldwithtwoehs
    haraldwithtwoehs
    Community Member

    I (finally) switched to 1Password when this extension entered Beta, after years of being annoyed with [redacted competitor]. This is a solution that plays nicely across all platforms for the majority of my uses (signing into websites).

    FWIW I don't know of any [redacted competitors] that offer the functionality you're looking for...

  • looselyrigorous
    looselyrigorous
    Community Member

    @haraldwithtwoehs Be that as it may, I am neither comparing nor addressing other password managers. This has to do with my expectations and thoughts about this effort. While, as mentioned in the title, it's my opinion that the limitations imposed by the browser may make this implementation of 1Password inadequate in the long run, the effort is absolutely worthwhile. And indeed as you say, as long as you stay within the confines of the browser, it's a fairly consistent experience.

    Thanks @brenty for being such a good sport. I am in agreement with you, this extension should not be unfairly held to the standard of the macOS app. And believe me you, I am trying to warm up to it, fair to say it is pretty much all I have. The alternative would be to ditch the cloud service and go back to the Mac/Windows+Wine apps. Yucky.

    As my first post indicated, being able to navigate the entire menu by keyboard would be a pretty substantial change. I would consider the macOS 1Password Mini as the benchmark when implementing this. Emulating all the behaviours/quirks it has would make the overall experience more consistent.

    Being able to invoke a detached version of the extension via a global hotkey would be amazing. Essentially a global 1Pw Mini. Global hotkeys are possible on Desktop Chrome (but not Chrome OS), however a floating extension window on Chrome, I have no idea. I suppose this may have already been tried.

    These two changes would make the extension far more useful when operated outside of the browser context.

  • AGAlumB
    AGAlumB
    1Password Alumni

    Great points all around, I say. :chuffed:

    And I think it's worth mentioning that 1Password for Mac, being our longest-lived product, really does serve as a benchmark for us as well. You can see this in the 1Password.com web interface, which, while we've been iterating on the interface, has takes a lot of cues from the native Mac app. But, much like this new extension, the web interface is limited in some ways because of the browser environment. We want consistency too though, so we'll see what we can do to improve that here.

    We're going to continue to push harder in both of these directions, and I wouldn't be surprised if we add other options (besides website, Chrome, and CLI) that will work on *nix's in the future as well, especially if more teams sign up and there's a bigger demand there. I like to think of this as a chicken/egg situation. We're starting smaller, but perhaps in time there will be a vitreous cycle with more Linux users choosing 1Password because of these options, and us bringing more options for Linux users in response. This is just the beginning. :)

  • Mitch
    edited October 2017

    Hi @looselyrigorous,

    You make very good points about the limitations of a browser extension. And we're aware, because we run into them every day. I'd kill to have access to a robust list view control with proper keyboard navigation, or the clipboard API, or the "real" system idle timer. In these areas, a native app like 1Password for Mac is and may always be a better experience.

    But I want to address a specific point you made:

    Getting an experience that is on some level equivalent to macOS would require an actual app.

    I can't speak for everyone at AgileBits. But if I woke up tomorrow with the time and resources to develop a native GTK or QT app for 1Password, I'd still choose to spend my time working on 1Password for Chrome. Why? Because I (and many of us) believe the browser is a critical environment for 1Password — perhaps the most critical. Even on my Mac, I spend most of my time interacting with the 1Password extension, and not the main app.

    1Password for Chrome is a new opportunity for us to really explore what's possible in the browser, since we're building it for users who can't install a main app. This has given us the freedom to develop features like TOTP filling, HTTP authentication dialog support, and the inline filling menu. These are unique behaviours that aren't available anywhere else, even in our most mature native apps.

    So in some ways 1Password for Chrome may always trail the native apps, but in others, it's going to achieve feats that the native apps couldn't dream of. And we're awfully excited about those. Stick with us and I'm sure you'll see why. :)

  • dteare
    edited October 2017

    Mitch summed things up perfectly but I wanted to add a few points:

    • We’re not using browser idle time for autolock. We’re using Chrome’s idle api which gives us access to system idle time. If this isn’t working as expected for you, please open a new thread so we can discuss this in detail.
    • We just published 0.9.4 which has added the ability to save logins and generate passwords from the inline menu. I hope it gets you closer to where you want to be.
    • I planned to get the keyboard navigation completed before the 1.0 release, especially the ability to navigate within the item details. Thank you for the motivation!

    We’re getting there. I want to be there already as much as you but I try to keep reminding myself that Rome wasn’t created in a day. :)

  • Tricon
    Tricon
    Community Member

    I apologize if this is considered a necro post, as this seems to be a conversation relevant to my feelings at this time.

    First, I am an enormous fan of AgileBits and 1Password, having used it since at least 1Password 3.0 on Mac. I have 2x team accounts and a family account in addition to the various versions I've purchased over the years. You are very talented developers and designers, and your community support and attitude are wonderful additions. Thank you for all of the work you've done over the years.

    As I've moved from macOS back to Linux, I must agree with the OP that Linux support has become rather frustrating. This is my biggest gripe:

    Browser solutions are egregiously slow:

    • Hit the hotkey to open 1PX: Wait... load, render.
    • Need to unlock? Enter your password, wait for it to communicate with the server. Wait... load, render.
    • On a VPN? The latency is even worse since everything is "online". In some situations, you may not be able to use 1PX or web at all.
    • Need to edit an item? Hit the hotkey, wait for it to open a tab, load 1P web, probably sign in, wait some more, site begins loading, wait some more, UI begins rendering, wait some more, site finally loads to usable state, just to delete an item or edit a field.
    • Need to fill a password? Open 1PX (more latency) just to select the item; unlike the "fill-in and go" hotkey the macOS version has.
    • Need more advanced functionality, like moving items between accounts or vaults conveniently? Or bulk copy/moving/tagging items? Well now I'm opening a Windows VM because the 1P site doesn't support such things. More latency, more time.

    I completely understand the limitations you are working with, I do. I also understand that 1PX and web are far behind the incredible macOS app that has been in development for years. I also really appreciate seeing that the macOS app is the benchmark in many ways, is your target.

    As it stands, I am grateful that 1PX exists so that I at least have some functionality. Alas, I'm beginning to feel the ever-increasing pain of lost time and productivity.

    Much love,

    David

  • ag_yaron
    ag_yaron
    1Password Alumni

    Hey David,
    Thank you for the additional feedback, although it is a very old thread :chuffed:

    I'm not sure why is 1Password X working so slow for you, the speed of your internet should not affect it as far as I know since it loads things locally first and only then checks our servers for changes. Could it be related to a graphics acceleration issue?

    I would like you to try to install the latest 1Password X beta, which addresses some of the points you've raised (specifically the one about editing an item). The beta will allow you to edit it within the extension and will not open your 1Password.com account in a new tab. You can download it from the Chrome extensions store: https://chrome.google.com/webstore/detail/1password-x-beta-–-passwo/khgocmkkpikpnmmkgmdnfckapcdkgfaf

    Give it a try and let us know if the beta works better for you.

  • Hi @Tricon,

    Thank you so much for the kind words. ❤️ It's always awesome hearing from wonderful fans like yourself. Thank you for all your support over the years – we wouldn't be here without you. 🤗

    I was as surprised to see performance being bad for you as Yaron was. Shortly after this thread was created (nearly two years ago) we added an offline cache within 1Password X so unlock would be much faster and you'd be able to fill without waiting for any of your items to sync.

    It sounds like something is wrong or misconfigured. Perhaps your particular Linux setup is not allowing us to create our offline cache, or perhaps it is being deleted regularly and forcing us to recreate it. I'm not sure yet but I like Yaron's suggestion: grab the latest beta and let's dig from there. It would also help to grab a copy of your background logs so we can see if anything strange is happening.

    Now, with that said, not all of your issues will be addressed by upgrading or fixing the setup. To show what I mean please allow me to go through each of your points in turn:

    Hit the hotkey to open 1PX: Wait... load, render.

    Opening the popup should be near instantaneous. It's actually slower on Mac because of the animation shown in Chromium browsers. This should be fixable once we get to the bottom of what's happening on your machine.

    Need to unlock? Enter your password, wait for it to communicate with the server. Wait... load, render.

    Same. There should be no need to communicate with the server during unlock as long as the offline cache was created successfully and not deleted.

    On a VPN? The latency is even worse since everything is "online". In some situations, you may not be able to use 1PX or web at all.

    Indeed this will be slower when you need to contact the server, but we've done our best to severely limit the number of times you need to actually communicate with the server.

    Need to edit an item?

    Yes! This is damn slow and we need to do better here. The 1Password.com site is great for many things but it was not tuned for this use case. We have plans on how to make this much better.

    Need to fill a password? Open 1PX (more latency) just to select the item; unlike the "fill-in and go" hotkey the macOS version has.

    I'm a little confused here as 1Password X has the inline menu, which I believe is the best filling experience we've ever had. When you come to a login page, 1Password X should show you a menu directly within the page. For example, here's how things look for me when logging into Evernote:

    I can select the login I want and 1Password X fills it immediately. My favourite part is we then automatically fill your password and one-time passwords as well if you have 2FA enabled. You can see this announcement post for a video of this in action.

    The only trick here is the inline menu will only appear when 1Password is unlocked. I wonder, do you see the menu appear once you unlock 1Password and navigate to https://www.evernote.com/Login.action?

    Need more advanced functionality, like moving items between accounts or vaults conveniently? Or bulk copy/moving/tagging items? Well now I'm opening a Windows VM because the 1P site doesn't support such things. More latency, more time.

    You're 100% right on this one as well. These are features we want to make easier to perform directly in 1Password X or from the 1Password.com web site. I'd like to get item editing sorted out in general first, and then dive deeper on how we can make these more advanced features available within 1Password X.

    Long story short: we should be able to fix up the majority of these issues by getting 1Password X working properly on your Linux machine, but two of them will indeed need to wait for some updates to 1Password X itself.

    Thanks again for sharing your experience and giving us a chance to help! ❤️

    ++dave;
    (one of the few who used 1Password longer than you have 😘)

This discussion has been closed.