On WLAN Sync in 1Password 7

13468915

Comments

  • kermit4karate
    kermit4karate
    Community Member

    @Lars Yes, obviously I don't disagree that I already have info in the cloud, but let's get real here. There's a world of difference between a Yelp review about a new ramen place, and my password vault.

    With each of the company's responses, many of which come across as glib, I grow less confident in AgileBits, and whenever companies repeatedly solicit the same feedback they've already received, and create multiple channels encouraging their users to "make their voices heard," while effectively ignoring all of the prior feedback they've already received, it smacks of lip service -- trying to make customers feel like they're being heard, while you're still not listening to them. Again, why not just send out a simple email newsletter to your subscribers explaining WLAN sync and asking how much they'd pay for it as an add-on? If you're really, really interested in answering a specific question, how is a user forum better than that?

    It's not my company, but I think this was a missed opportunity for AgileBits to educate the public on WLAN and local sync in general, who it's right for, who it perhaps isn't right for, but instead the company chose the path of least resistance.

  • jpgoldberg
    jpgoldberg
    1Password Alumni

    It's not my company, but I think this was a missed opportunity for AgileBits to educate the public on WLAN and local sync in general, who it's right for, who it perhaps isn't right for, but instead the company chose the path of least resistance.

    You under-estimate the resistance you, @kermit4karate, and others are providing.

    But more seriously, you are right that we have made a choice, although not a final decisions with respect to WLAN sync. Could we have solved some of the usability problems we face for people who end up with mismatched sync set ups through better presentation of the options? Probably not "solved", but we could have improved things.

    Again, this is a resource allocation decision. We've experimented with and worked on "first run experience" intensively across platforms over the past several years. Now for most apps we pretty much hide the ability to set things up with anything but our service on first run for a new user. This is not something we wanted to do when we were first planning things out. The original idea is that we would run both models side-by-side for as long as it took for people to come round to recognize the superiority of the new way of doing things. That turned out to be a disaster, and led to enormous sync misconfigurations. So now we very very strongly steer people toward just one.

    We've also been working on how to help people to better understand and be able to manage their Secret Key. If you lose your Secret Key you are just as screwed as forgetting your Master Password, but the Secret Key looks like a license code, something that can be reset and doesn't need to be kept secret from us. So working on how this is presented.

    Because those affect far larger number of users, those are the places where working on how to present things and developing new UIs has grabbed our attention. I don't disagree with your assessment that we made a choice and that that choice has not down well for the status of WLAN sync; but that is different than saying that it was the wrong choice.

  • Lars
    Lars
    1Password Alumni

    @kermit4karate

    I don't disagree that I already have info in the cloud, but let's get real here. There's a world of difference between a Yelp review about a new ramen place, and my password vault.

    I think I may not have explained myself very well. I did not mean to suggest that because you left a Yelp review somewhere that you might as well put everything on "the cloud," nor that you were being some kind of hypocrite. That would indeed have been glib. What I was getting at (not very well, apparently) was that during the time you were happily using WLAN sync, there were hundreds of thousands of users (perhaps into the millions, I'm not the keeper of the statistics around here) who were at that same time using either Dropbox or iCloud. And so when we say "we've never had a breach of users' encrypted data," it includes that time period and all those users who have been happily using 3rd party cloud sync solutions with 1Password for years. My point was to say that it isn't as if we've simply ventured off into uncharted and dangerous waters with the introduction of 1password.com accounts. In fact, 1password.com is considerably more secure by virtue of the Secret Key (as well as a few other technologies we deploy server-side) than the more-limited 3rd-party APIs we must use when enabling other cloud sync solutions. But even with those 3rd party solutions, and over those years with this size user-base, we've not had a breach. That speaks to the security of 1Password's design. Sorry if that didn't come across cleanly. :)

  • kermit4karate
    kermit4karate
    Community Member
    edited May 2018

    @Lars I wouldn't expect AgileBits to have suffered a major cloud compromise yet, because if the company had, we wouldn't be here. ;) The company would already be a footnote in history, and those of us in this forum would have moved on to other password managing solutions or products.

    I appreciate you taking the time to reply, but nothing you've said changes the way I feel about 1Password IF the company continues down the path of not providing a WLAN local sync option for Windows in 1Password 7.

    Like I mentioned before, it's not a question of whether I trust your intentions or the company's. I do. What I don't trust is my password vault to your cloud, and I strongly believe that AgileBits is missing an opportunity, and over time a great many customers, by removing WLAN for Windows functionality.

  • AGAlumB
    AGAlumB
    1Password Alumni

    I wouldn't expect AgileBits to have suffered a major cloud compromise yet, because if the company had, we wouldn't be here. ;) The company would already be a footnote in history, and those of us in this forum would have moved on to other password managing solutions or products.

    @kermit4karate: That's a very good point! :lol:

    I appreciate you taking the time to reply, but nothing you've said changes the way I feel about 1Password IF the company continues down the path of not providing a WLAN local sync option for Windows in 1Password 7.

    That's okay. I'm glad you took the time you let us know where you stand. Going back to some of your earlier comments, you made a good logical observation that we might not know how many users want this feature without doing some sort of survey. Nevertheless, there are many good arguments against doing that, the best being that we do not have the email addresses of all 1Password users (not even close), and I don't think it would be right of us to spam all of our users if we did. Those whose email addresses we do have signed up for our newsletter, and sending out an email address to all of them about WLAN Server would also be unwelcome to most, since this is a feature that very few people have used historically, and even fewer have continued using it in recent times.

    But I realize that's not going to be very satisfying. So it's worth considering another angle, especially in light of earlier discussion about cost and making WLAN Server an add-on purchase: with 1Password 7 out without this feature, we'll be hearing from everyone who wants to use WLAN Server in the new app, because it isn't there — either to let us know they won't pay for it because it's missing the feature that's important to them, or because they want a refund for their purchase because of that. That's the best survey ever, because these people are actually there trying to use it, when survey responses rarely translate into real world behaviour.

    Like I mentioned before, it's not a question of whether I trust your intentions or the company's. I do. What I don't trust is my password vault to your cloud, and I strongly believe that AgileBits is missing an opportunity, and over time a great many customers, by removing WLAN for Windows functionality.

    To be clear, we didn't remove this. If the new app had this functionality, it would have been cheaper to just leave it in. But it doesn't. People would have to code it and test it. That's why there's a cost involved, and a question of whether or not it's something we can pull resources away from other requested features and improvements to work on instead. There's an opportunity cost as well, as it means not working on something else.

    And, finally, the security of 1Password.com doesn't depend on good intentions. We simply don't store the keys to anyone's data, only the encrypted data itself. And thanks to SRP, the keys to decrypt it are also never even transmitted to us. If nothing else, I think that's worth looking at just because of the technology involved:

    Developers: How we use SRP, and you can too

    I hope you will. :)

  • AGAlumB
    AGAlumB
    1Password Alumni

    I was about to purchase 1Password 7 for Windows (it is a huge step forward usability wise!), but decided to check for support of WLAN sync at the very last moment - it's a shame you don't support it anymore, even though the license cost went up significantly. It means no 1Password 7 for me now and quite likely no 1Password at all going forward. That's really unfortunate. It was a feature that made the application to stand out. Hope you change your mind.

    @SessionType: Thank you for taking the time to share your preferences with us. Definitely sign up for the WLAN Server newsletter if this is something you'd like to see in a future version. I can't make any promises that it will happen, but we're trying to gauge interest. And please let us know what about WLAN Server interests you over other sync methods. Thanks! :)

  • kermit4karate
    kermit4karate
    Community Member

    What has frustrated me in this discussion is that I'm an encountering a "I will never put anything in the cloud" as an absolute dogma instead of thinking about the actual threats and looking at our design with respect to those threats. So while we listen to many of you express why WLAN sync is so important to you, I would like you to examine our system and see what we have done to protect against the threats to having such data in the cloud.>

    @jpgoldberg This may come as a shock to you, but I'm very confident in the new 1Password 7 security model. What I'm not confident in is storing my password vault in your cloud. Period. Call it dogma if you want, but AgileBits is far, far from the first company to present a solid security model, repeatedly pen test it, pass regular security audits, etc., and yet STILL be compromised at some point later.

    The dogma comes from experience. For the reasons others have already mentioned -- your attack surface vs. mine, your attractiveness as a target, your greater risk as an employer with many employees, among other reasons -- I strongly believe that storing my password vault in your cloud carries with it a greater risk of compromise than does storing it on my home network.

    As for something that @Lars, @brenty and other company reps have said, that by releasing 1Password 7 in the way the company has, and waiting to see the feedback on WLAN sync from people who upgrade...you see how flawed that logic is, right? People like me and most of the others in this thread, just as one small example, aren't going to upgrade to 1Password 7 at all. The only way, IMO, that you have to truly gauge the interest with any degree of accuracy is to survey your customers now. This forum won't do it because most of your customers never use it. Waiting until after the fact won't do it either, because you won't know which customers you've lost because they chose to not upgrade.

    If you really want to know how many people want WLAN sync (or something similar) in 1Password 7 -- or, more specifically, want a means to sync across devices that doesn't require them to store their vault in the cloud -- you need to send out a survey to your current customers.

  • Jul
    Jul
    Community Member

    Hello,

    just to be clear and without ambiguity :

    • I'm extremely happy with 1Password 4 (local version) and so is my wife. Because it's simple (I don't understand why you say that WLAN sync is difficult to use. It's not.) and secure (WLAN sync contributes to this security). And this solution respects our data / privacy (best way to follow the GDPR rules is not to have our data at all).
    • We are both agree that we will not switch to 1Password 7 unless the WLAN option is implemented
    • And of course I will not switch to 1Password 7 if price is too high (I read about making the WLAN sync a paid option in the new version)...

    Thanks for reading me, best regards
    Jul

  • Lars
    Lars
    1Password Alumni

    Welcome to the forum, @Jul! Thanks for taking the time to share your thoughts with us regarding your 1Password use-case and WLAN sync. If you haven't already, definitely sign up for the WLAN Sync newsletter; that's the best way to register your views, and hear about new developments and decisions in this area as soon as they happen.

    1Password 7 standalone licenses are sold per-person and per-platform. That means, if you and your wife each use only Windows PCs, you would need two licenses, one for each of you. If either or both of you uses a Mac and wants to have 1Password available there as well, that would require a separate purchase of the 1Password 7 for Mac license. Both platform's licenses are $64.99.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @kermit4karate: I'll be the first to admit that I didn't articulate it particularly well, but our customers don't live under rocks: people at all interested in a new Windows app know it's out, from out blog, social media, and news sites around the web. And when those people go to get it, those that want WLAN Server will find that it is absent from the new version. That's why we're hearing from some more folks now than we did before the official release. The rest of the people won't notice its absence. People who go to the trouble to install a new app and consider buying it at all are a much more accurate gauge of real interest.

  • kermit4karate
    kermit4karate
    Community Member

    @brenty "People who go to the trouble to install a new app and consider buying it at all are a much more accurate gauge of real interest."

    In some situations, yes, but in this situation, I don't agree at all. With all the PR and the marketing blitz, you guys are quite obviously going to see a lot of sales of 1Password7 in the short term after its release, but it'll take months for things to shake out -- how many current customers aren't upgrading because of no WLAN sync or because of something else, how many people test the new version but cancel shortly thereafter, whether the tech media coverage remains so positive after the affiliates and early adopters are done with the fluff.

    The better way, IMO, both for the company and its customers (like me), to have handled it would have been to survey current customers before deciding to not include WLAN sync in the new version. It would have told you how many customers are interested in it, what they would be willing to pay, and help you figure out back when it still mattered whether to spend the resources on it.

    I suspect we will eventually see email surveys go out about this from the company, but if it doesn't happen soon, it'll be too late. Customers will have moved on, and they're unlikely to come back for a while after this, if ever.

  • exitstrategy
    exitstrategy
    Community Member

    it just seems, they dont want to implement it. All the talk from Agilebits people here. In that time they probably could have coded the WLAN sync already.
    I am really disappointed. i like the App but will look for something else now.
    I just dont understand why they dont listen to their customers and try to impose their cloud solution.
    a lot of security concerned people dont want cloud based vaults.

  • kermit4karate
    kermit4karate
    Community Member

    @brenty @Lars @jpgoldberg OK, one more post and then I'm out until/unless something changes, but what's slowly happening in this thread is what I alluded to earlier regarding the company missing this as an opportunity to educate the public about what WLAN was/is, and how it was the right choice for some users, and the wrong choice for others.

    As more and more people LEARN what WLAN sync was and why it meant so much to a such a vocal niche of mostly techie users, I emphatically believe that more and more people will miss not having it as an option in 1Password 7, even though they didn't care about it before. Every single person I've convinced to go with 1Password over LastPass over the last few years was sold on it because of the fact that they could sync without storing their vault in the cloud.

    I don't think it's that most people prefer a cloud-based solution. I think it's more that they just didn't understand WLAN sync. ;)

    I'm just sayin'. This is why a survey ahead of time would have been a good idea.

  • SessionType
    SessionType
    Community Member

    @brenty I prefer WLAN Sync over other methods because I don't want to depend on any cloud (neither 1Password nor another one). I don't see how increasing my trusted computing base improves my security.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @SessionType: Thanks for letting us know. If your mind is already made up, this may not matter, but 1Password.com is designed so that even a server breach won't expose anyone's data; it's all encrypted locally, and only the user ever has to keys to decrypt it, so that no one can use use us to compromise user data. That's also why the Secret Key exists, to make it infeasible to even perform a brute force attack against users' Master Passwords, as both are needed to decrypt.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @kermit4karate: As I mentioned earlier we can't do that (don't have everyone's email addresses) and wouldn't anyway because it would be unjustifiable to spam all of our customers just to try to reach the few who care about WLAN Server. The Wi-Fi Sync feature was introduced more than a decade ago, so your hopes of of "more and more people" are not going to be fulfilled. On the contrary, every time a newer, less fiddle sync option comes along (Dropbox, iCloud, and now 1Password.com) we see people moving away from WLAN Server. In case you missed it, I've already mentioned to you specifically that Wi-Fi Sync was the only sync option for quite a while in the past. Fewer people are using it now because they didn't want to dal with it in the first place; it was just the best option available at the time. I'm sorry but that's the reality.

  • AGAlumB
    AGAlumB
    1Password Alumni

    it just seems, they dont want to implement it. All the talk from Agilebits people here. In that time they probably could have coded the WLAN sync already.

    @exitstrategy: Not really. If you've been following along you'll see that we've been pretty busy adding a bunch of other features and improvements that many more people have been waiting for.

    I am really disappointed. i like the App but will look for something else now. I just dont understand why they dont listen to their customers and try to impose their cloud solution. a lot of security concerned people dont want cloud based vaults.

    We listen to all of our customers but we can't do everything that everyone wants. As such, we need to focus on the things that offer the most benefit for the greatest number of 1Password users. For now, that isn't WLAN Server. I hope you find what you're looking for.

  • SessionType
    SessionType
    Community Member

    @brenty I'm aware of the design decisions you are referring to, but all the good properties that follow hold only if there are no bugs in the implementation, but bugs do happen. So the new version removes the safer option which makes the product a step back with regard to security of my data. That makes one wonder - why bother spending extra to end up in a worse place?

  • AGAlumB
    AGAlumB
    1Password Alumni

    'm aware of the design decisions you are referring to, but all the good properties that follow hold only if there are no bugs in the implementation, but bugs do happen. So the new version removes the safer option which makes the product a step back with regard to security of my data. That makes one wonder - why bother spending extra to end up in a worse place?

    @SessionType: It's a good theory, but in practice that's simply not the case. While there was a lot of work involved getting all of this setup, the principle is very simple:

    1Password.com doesn't have users' Secret Keys or Master Passwords because they're never sent to 1Password.com.

    We use Secure Remote Password protocol to allow users to login without transmitting these secrets, as a derived verifier is transmitted instead. And this is verifiable (no pun intended), either by you or anyone else:

    How we use SRP, and you can too

    So if that somehow didn't work, others in the development community and independent security researchers would already know that, and we'd have fixed it as a result. Definitely check out the white paper. Fascinating stuff. :)

  • Gerhard87
    Gerhard87
    Community Member

    So, after reading the last two pages, I have to say I am like @dieseldawg familiar with the matter. Both, cloud and local vaults have pros and cons.
    I prefer local vaults as well, I even asked during the beta of 1Password 4 for Windows for an additional password file as security enhancement.
    For casual users, the cloud solution is easier. Advanced user should have the possibilities to decide for them self.
    I think the discussion on the last pages was more focused on security. Let the customer decide. If he wants local vaults or WLAN sync, try to deliver it. If it's a price issue, I agree with the "addon" fee.

    I haven't read all pages, only first post and page 5 and 6, but did anyone ask, if the WLAN sync feature gets removed from the mobile apps anytime soon? I hope not.

    For the support nightmare topic of WLAN sync. Specify on use and exclude the other cases. Clearly state this is an advanced feature. Just an imaginary example, to prevent everyone from clicking on this feature, Only make it visible in the menu if a config value is set to true or 1, then only advanced users or interested user will see it and use it.

    Only one aspect for WLAN sync security topic, I usually only sync all my devices once a month within a 5 min window, so the attack window is very small.

    I would even copy the vault to my mobile using SMB v3 ( encrypted).

    I'm ok with a paid addon or server program or "Pro version" for the WLAN feature. I think the price should not be higher than 20$.

    The need for a local vault copying mechanism to tablets and mobiles is there. In theory, the apps already support it and in an old version the mechanism is integrated, therefore you would not start at zero.

    In the meantime you could reuse the WLAN sync part of version 4 or include a version 4 license in version 7. At the moment I'm using version 4 for WLAN sync and for everything else version 7, but this should only be an interims solution.

    If you still cannot confirm this solution, you could at least say how many people already registered for the newsletter/ feature request
    Lastly, I'm strongly interested in a local sync mechanism!
    Thanks.

  • Malachit
    Malachit
    Community Member

    Dear Ladies and Gents,

    I have read only a couple of posts from page 3 up to 6, but I think we go around in circles with the discussion.
    The Team of AgileBits decided, that they don’t want to implement WLAN Sync for various good reasons. Their business model is subscription with all, easy to use, services. If you have a look on the pricing site, you don’t find a price for a single version to use with local vault. Please don’t understand me in a wrong way, if it was my company, I would do the same!

    On the other hand, we have various users; and I am one of them, that want full control of their data. And we don’t want sensitive data stored in a location we don’t have under control. (Even we think we have our own system under control, but in my opinion we haven’t. But it’s a psychological thing)
    Do I use cloud services? Yes, I do, but only with non-sensitive data. Sensitive data is crypted with Cryptomator or another tool to make sure, that no one can use this data.

    In my opinion @Gerhard87 wrote like it is in reality:
    “Only one aspect for WLAN sync security topic, I usually only sync all my devices once a month within a 5 min window, so the attack window is very small.
    I would even copy the vault to my mobile using SMB v3 ( encrypted).
    I'm ok with a paid addon or server program or "Pro version" for the WLAN feature. I think the price should not be higher than 20$.“

    And I would go a little bit further (for the “old fashioned” guys). I don’t need a version that may support server vaults. This is not my approach to use this kind of program and data storage. For me an only single vault version with only WLAN sync would fit.

    But I can arrange myself with a "addon" or “Pro version”, that costs some extra money.

    Sorry, if you maybe offended by this direct statement in a “German style”, but it is like @chasty wrote on page 3.

    „Now I was very pleased that 1PW 7 is again offered with a single license for purchase, (And I bought it!) but unfortunately without wireless synchronization.
    That really disappointed me!“

    To end with @Gerhard87
    “I'm strongly interested in a local sync mechanism!“ (whatever it looks like)

    And I am sure, that you will find a solution which will satisfy all your customers. :)

    Thanks.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @Malachit: Far from being offensive, your kind words are greatly appreciated! I'm not sure what the future will bring, but we're lucky to have customers that are as passionate about 1Password as we are. Thank you for taking the time to share your thoughts on this with us! :)

  • AGAlumB
    AGAlumB
    1Password Alumni

    @Gerhard87: Likewise, thanks for weighing in. We have no plans to remove WLAN Server from the mobile apps. Just as we don't have free resources to devote to developing, testing, and supporting the addition of that feature to the new Windows app at this time, we also can't spare anyone's time or energy to try to remove that from the mobile apps. We've got people on four platforms -- including Windows, in version 4 -- who use it after all (including you!), so there's no reason to do that; it would just be more work for us! Anyway, thank you for taking the time to give us your perspective on this too. :)

  • dked
    dked
    Community Member
    edited June 2018

    i thought that wlan support was in 1password 7 - that's why i paid extra to buy the new version - but now that I try to find the menu option and cannot find the wlan sync i came across this thread - yes i never plan to ever have the online passwords as it is more secure to wlan and have my passwords in a place that's less of a target for hackers than a password management suite's data center which is a more prominent hacker target than just my local network - so yes i need wlan in 1password 7 for windows just like it has on mac

    actually i want to use or thought i would be able to use folder sync which can point to a network drive and share the same data as 1password mac - is this the same thing?

  • webse
    webse
    Community Member

    Wouldn't a WebDAV sync option (iOS and win) be possible? In an working environment it would be easy to setup and also personal users with enough experience could setup a webdav server. (local webdav server e.g. owncloud in combination with openvpn for maximum security)

  • Lars
    Lars
    1Password Alumni

    Welcome to the forum, @webse! Thanks for the idea. In fact, that very idea was intriguing enough to us that we explored it quite thoroughly a few years back...and it wasn't really feasible. Not if we wanted to keep our customers from seriously sluggish performance. Here's Dave Teare's story of how it went down, from January of 2016. Long story short, we created a much faster, more reliable, more secure setup with 1password.com than could ever have been achieved with WebDAV.

  • kermit4karate
    kermit4karate
    Community Member

    @Lars “more secure...” Only if you make some pretty significant assumptions about the end user. I’m more concerned by the company’s refusal to recognize the inherent risk in storing a user’s vault in the cloud, regardless of whether the key is ever exchanged or stored with it.

    The point is that systems are compromised when something unexpected happens, as in you didn’t think it was possible, and yet it happened.

  • Lars
    Lars
    1Password Alumni

    @kermit4karate - you're right re: end user. It would be presumptuous of us to assume we are better prepared or more secure than any given, specific end user. Nevertheless, we can infer from experience that most users are not long-time security professionals, which means that in the aggregate, our own setup will be more secure because it is purpose-built for only this (meaning it's not also syncing your file-upload server, your photo-server, and potentially much more, all with varying levels of security), and our servers are monitored constantly by experts whose job it is to do so. I run a couple of servers myself, but even I gotta sleep sometimes. ;)

    I’m more concerned by the company’s refusal to recognize the inherent risk in storing a user’s vault in the cloud, regardless of whether the key is ever exchanged or stored with it.

    We don't "refuse to recognize" that. In fact, that's the entire reason the 2SKD (2-Secret Key Derivation) of Secret Keys associated with 1password.com accounts was created. :)

  • Searchlight
    Searchlight
    Community Member

    Well I think that I must bite the bullet and drop 1Password. For 6 pages the team does not get tired to argue why it is a good thing for us users that they removed a feature that we used or furthermore had to use because of regulatory rules that permit saving sensitive data on external storage space specially on foreign storage space.

    The fact that AgileBits is a Canadian company does not much improve the situation - Canada is part of the five eyes states (a term that in the Apple Appstore AgileBits pretend to not know about) and it is not allowed for many of us to share password data on systems where foreign governments, particularly the U.S. government could easy get access to them - including iCloud, DropBox or AgileBits.

    Unfortunately, AgileBits uses much energy to defend their business decision to cancel the option for a local sync in favor to push their subscription-based cloud service and does not use this energy to at least bring back the already functional WLAN sync that was part of the old version 4 and is still part of the Apple version.

    Well then - I loved 1Password for the last couple of years and bought it on iOS, OSX and Windows - I was ready to buy the upgrade to 1P 7 - I would even be ready to buy a software subscription to get any new version on any device for an annual fee but I'm neither willing nor allowed to sync my password using a cloud service so I think it's time to move on to something like Keepass. It's user experience is far inferior to 1P but it's OSS, it's a multi-platform system and it supports local sync.

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited June 2018

    Well I think that I must bite the bullet and drop 1Password. For 6 pages the team does not get tired to argue why it is a good thing for us users that they removed a feature that we used or furthermore had to use because of regulatory rules that permit saving sensitive data on external storage space specially on foreign storage space.

    @Searchlight: I'm not sure you've read it. We didn't "remove" a feature, and there are very good reasons that we built not only 1Password.com, but also a brand new Windows app. We also have servers in Germany (1Password.eu) and Canada (1Password.ca) for those that are required to not use services hosted elsewhere. This doesn't make any difference security-wise, but for some it can mean avoiding fines and such.

    The fact that AgileBits is a Canadian company does not much improve the situation - Canada is part of the five eyes states (a term that in the Apple Appstore AgileBits pretend to not know about)

    I am familiar with "five eyes", but the rest of your comments there don't make sense to me. We're not Apple, nor do we own and operate the App Store. No need to "pretend". :)

    and it is not allowed for many of us to share password data on systems where foreign governments, particularly the U.S. government could easy get access to them - including iCloud, DropBox or AgileBits.

    Literally no one ever has used 1Password to "share password data on systems where foreign governments, particularly the U.S. government could easy get access to them"; that's not something that's ever been remotely supported. Fundamental to 1Password's design has always been that the data is end-to-end encrypted, so 1Password simply doesn't depend on the sync service to protect your data.

    Unfortunately, AgileBits uses much energy to defend their business decision to cancel the option for a local sync in favor to push their subscription-based cloud service and does not use this energy to at least bring back the already functional WLAN sync that was part of the old version 4 and is still part of the Apple version.

    We didn't cancel anything. And, as you mentioned, you can still use WLAN Server in the versions that have that feature; we're not removing it.

    Well then - I loved 1Password for the last couple of years and bought it on iOS, OSX and Windows - I was ready to buy the upgrade to 1P 7 - I would even be ready to buy a software subscription to get any new version on any device for an annual fee but I'm neither willing nor allowed to sync my password using a cloud service so I think it's time to move on to something like Keepass. It's user experience is far inferior to 1P but it's OSS, it's a multi-platform system and it supports local sync.

    If that's a better fit for you, that's totally okay. We'd rather you use that than nothing at all. Stay safe out there!

This discussion has been closed.