Are people ever satisfied?

Sorry, but I have to write this somewhere so my head does not explode ;)

When AB announced that 1PW 6 for Windows will be subscription-only, everyone (at least it felt like that) where complaining about "another subscription" and were afraid that also all the apps for the other platforms were going that way. They demanded statements that the next version for Mac would also be available as standalone licensed. And they were all committing they were willing to pay "full price", just to get the standalone license.

And now? 1Password 7 for Mac is out and the Windows version is coming soon and will also have a standalone license option.
Are the protesters happy now? Of course not, because now the "full price" they claimed they were willing to pay, is too much and that AB should offer upgrade pricing. I mean WTF??? The last time someone paid for a 1Password upgrade was like 3 or 4 years ago.

People buy computers and devices for thousands of dollars, but are too stingy to pay 60 bucks for a tool that helps them keep their passwords and other valuables safe. And if they thought about that for a second, they would realize that those 60 bucks for ONE license for ONE platform would give them almost 2 years worth of subscription for ALL platforms.
They even would not need to use for their stuff if they don't trust that. They could still use iCloud, Dropbox and whatnot.

I totally get that "everyone is going the subscription route" thing. I'm in the same boat. But honestly, you have to pick which product is worth your money. You don't have to buy every subscription that comes your way. I pay for 1Password, Netflix (ok who doesn't), Spotify and Amazon Prime.
Yes, that's a lot of money, but those things either bring me joy, safe me money or keep my staff secure. It's money well spent.

So folks at AB, keep up the good work and don't let the whiners get you. You're doing great.

Sorry for the venting, it had to be done :)

I know the answer to my initial question is of course "no"

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided


  • I used to whine a lot on the internet, so I know the whining mindset. It is difficult to break free from but it's possible. Now I'm generally happy with my software. If I'm unhappy, I move to something else.

  • I feel the same way. Though you have to consider that the people complaining back then are not necessarily the same people complaining now.

    Personally, I wish AgileBits would have just decided to go subscription-only. They had already taken the heat for the perceived move away from standalone licensing. Now they are dealing with customers being confused about the two models when they purchase or upgrade. Sure they would lose some customers had they done this. I just don't think it would have been that many. But then again I obviously have no insight into their sales numbers.

    I am also a bit worried that the two models are going to conflict in another way that hurt either subscription-holders or license-holders or both. One of the selling points of a subscription model is that the company can offer continuos improvements to the product both big and small. With a licensing model customers often have to wait a long time between major updates and improvements because otherwise there would be little incentive to buy the next version. In that sense the two models are in conflict and I'm not sure how AgileBits is going to handle that in the future.

  • rickfillionrickfillion Junior Member

    Team Member

    It's nice to see people are looking out for us, but don't worry... we've got thick skins. :)

    We want to keep as many people safe online as we can. Externally it may have looked like we were trying to ditch local vaults because 1Password for Windows had v6 which lacked support for them. But it was always the plan to get local vault support in there. When your teams are small, you can only work on so many things at once. It's difficult to convey just how big of a release 1Password 6 for Windows was... it was literally from scratch with zero lines of code shared with version 4.

    I'm really happy that v7 has support for local vaults and that as many people use it as wanted it.

    Supporting OPVault (& iCloud on Mac/iOS) and in the same apps is a bit of additional work, but right now we think it's worth it. AgileKeychain was the harder sell from a development perspective, and that's why version 7 of both Windows and Mac don't have support for that. AgileKeychain goes back to 1Password 3 and was the first sync format to work with Dropbox. There was a ton of legacy and if 1Password 7 for Windows had to support AgileKeychain too I think we'd still be waiting a while for its release.

    There are going to be some features that only make sense within the context of The best example is Travel Mode. It doesn't make sense without the concept of a central server. We're not going to shy away from building those features. Other features we want to build are a more natural fit for both local and account based vaults.


  • jpgoldbergjpgoldberg Agile Customer Care

    Team Member
    edited May 2018

    @Rick, I think that there are a lot of things that are obvious to us insiders that others just aren't going to be aware of. It's frustrating when people jump to the wrong conclusions, but we can't really blame them given their own experiences and what they see.

    Security worries

    As you know, I've engaged in countless discussions with people who were worried about the security of a subscription service. I can't blame them because for many years we boasted of never seeing anyone's data in any form whatsoever. What they may not recognize is the extent to which the service maintains the same (or better) security properties of its predecessors despite us holding on to data.

    That is a conversation I have had many times before and will continue to have. Although it can be frustrating, our security design is unusual and is unlike what most people have ever encountered. I can't blame people for initial skepticism.

    One true sync

    I also think that an enormous number of people cannot be expected to understand the virtues of "one true sync system".1 We know that the majority of our customer support queries are the result of people having set up sync differently on different platforms, but this is not something people outside the company know. We internally know how difficult it is to maintain different sync systems. Synching with Dropbox is not as simple as it might seem to an outsider. From a security point of view, there is enormous benefit in designing a sync system specifically around the needs of 1Password data instead of trying to contort 1Password data to work with some third party system. (Of course our service is much more than just about synching, but I'm trying to focus on the virtues of "one true sync system.")


    I find it interesting how many people assume that our push for the service is financially motivated. While I'm not privy to the relevant financials, I am confident that that just is not the case. There were technical (including security) problems that we could not solve through a third party or file-based sync mechanism. As your rant points out, paid upgrades come erratically. Some app stores don't allow us to offer update pricing. There is no way to charge people who have bought 1Password 4, 5, or 6 on the Mac App Store less for 1Password 7 than we charge new customers unless the upgrade is completely free.

    So for non-subscribers there will be paid updates to new versions, often with no ability for us to offer upgrade pricing even for people who purchased the "old" version yesterday. If you are using 1Password on multiple platforms you are going to face this even more. A person who uses 1Password on 10 Macs pays much less than someone who uses 1Password on Mac, iOS, and Windows. Again, the nature of app stores doesn't give us a reasonable way to fix that unfairness. But a subscription does. If you subscribe, you are a 1Password customer, which and how many clients you use is irrelevant. It really is much fairer pricing.

    Anyway, you know that I share your frustration. We are trying to do the right thing, and we are doing the right thing. But there are lots of ways in which what we do can be misconstrued. It's a fact we have to live with.

    1. I'm not saying that we expect to drop Dropbox synching any time soon, but we are going to push hard for the service, and we are not going to add new additional mechanisms. ↩︎

  • I’m very happy with the 1Password subscription, and I use to be very vocal against it when it 1st came out (ask @brenty :lol: . I started to look at the security of them, talked to people who are actually hackers, and did this for a while. The last straw was when Dropbox lost my trust. I wasn’t even done doing my research, but I felt I had enough info to pull the trigger.

    I’ve been very happy that I made the switch. So far my mom locked herself out twice, and I was able to get her back into her passwords. I have gotten some new computers using different operating systems as well. I think just between my wife, daughter, and myself we have about 13 devices (iOS, Mac, Windows, Linux, and android).

  • brentybrenty

    Team Member

    @prime: Indeed! :lol: And while I know you're aware of this, for context it's worth pointing out that 1Password data is end-to-end encrypted, so it simply doesn't depend on the sync service to protect your data.

    Now, that is sort of academic when you're at the point where you just don't feel comfortable using their service. But I do want to be clear that we didn't build (or drop Dropbox support — I still use it myself) because Dropbox is unsuitable for 1Password users; for a number of people, it works great. But building our own sync service (with the benefit of years of feedback from customers, and experience developing, testing, and supporting various sync options) allowed us to build a top-to-bottom integrated solution that alleviates nearly all of the pain points that most users can experience with a more general-purpose sync service not designed with 1Password in mind. And, more importantly, when our customers do have problems, we're in a much better position to help them ourselves, instead of being dependent to some extent on another company's software or service.

    And, because we took the time to design and build all of this, features like account recovery for family members by family members and automatic offsite backup, which could not have existed in the past, empower us to help our loved ones not only stay secure, but also ensure that they themselves don't lose data where in the past getting locked out or losing a device would have been fatal. So when Goldberg says isn't just about sync, he isn't kidding. But re-reading what I've written, he's right that about 80% of this isn't stuff that is going to be obvious to users, so it's on us to not only do a better job communicating, but also to listen so we can continue to find ways to help people stay safe online. Cheers! :)

  • @Manaburner I so agree... $10K laptop, $20 laptop bag...

    I am not part of the old set of customers, came in under the current pricing structure, feel for folks who feel they are losing functionality, but have been on the other side of this web page too, where financials and resource constraints affect decisions. If the pricing model helps keep the company independent (as there doesn't seem to be an exit strategy and sell), and focused on the fundamentals, I'm good.

    In all fairness, I am multi-platform and would find stand-alone licensing prohibitive (not sure how many devices allowed under it, but hey). iPad, iPhone, android, mac, a couple of desktops and laptops, it works for me.

    Not worried about the security model either, don't feel the need for 2FA (not crazy, just not willing to lock myself out when a very expensive GPU rig would take a long long time to crack my password, forget something slow like HTTP with an IPS and/or WAF in front of the server, I'm sure.

    I find the haters interesting. Usually can tell it is from deep disappointment though (they will rant and rant and rant, and then say, but I still love the product).

    Right now, it is the WLAN anger. Found interesting someone worried about quantum computing and how he would never place a bank account password in the cloud (though of course, the bank account itself is already there). I haven't got a dog in that fight, but AES256 is at least at this moment quantum resistant it seems, but not so public key crypto (used to encrypt communications, https with TLS anyone?) So WLAN is safe but his router is burnt as well as all his communications with the aforementioned bank???

    Nah, I am OK with the cloud service. Really.

    But, hmmm.... SRP is key exchange, and public key exchange is not quantum proof.... hmmm? Been reading too much lately...

    Still OK with it. I haven't ticked off any government entities recently... and besides, much cheaper to just call and threaten me in a meaningful manner.

  • jpgoldbergjpgoldberg Agile Customer Care

    Team Member
    edited June 2018

    Thanks @AlwaysSortaCurious,

    I do want to address one thing that you've said.

    If the pricing model helps keep the company independent (as there doesn't seem to be an exit strategy and sell), and focused on the fundamentals, I'm good.

    While I'm not privy to the financial details, I do not believe that our margins differ in any meaningful way between subscription and licenses. It's that we can offer more features by running the service. Secure sharing is probably the most obvious one, but easier and more reliable synching is another less obvious one. Also we can offer better security than what most people do when we leave them to sync through some third party. Things like Travel Mode, availability on more platforms through either the web app or 1Password X would not be possible without us running a service.

    OK. I'm going to comment on more

    I am multi-platform and would find stand-alone licensing prohibitive (not sure how many devices allowed under it, but hey). iPad, iPhone, android, mac, a couple of desktops and laptops, it works for me.

    Any number of devices per platform are allowed. So if you were to run 1Password for Mac on 10 Macs you would need only one license. But if you were to run 1Password on one Mac, on one Windows system, and one iOS device, you would need three purchases. That unfairness is not be our design, but is a consequence of how app stores work. We want to charge people for 1Password, irrespective of device and number of devices they need it on.

    I find the haters interesting. Usually can tell it is from deep disappointment though (they will rant and rant and rant, and then say, but I still love the product).

    I think that its been so long since we've had a paid update that people have forgotten that it is a thing. I also think that some people fell victim to their own rhetoric: "With a license I make a purchase and can use it forever," lots of people have been saying. And that is true, but that doesn't mean that the particular version that they can use forever will continue to work on later operating systems or inter-operator with later versions of 1Password.1 Being reminded of paid upgrades is a bit of a shock. Also, given the nature of app stores, we can't offer different prices for people who bought the old version one week ago than we offer to those who bought it five years ago.

    Post-quantum crypto

    SRP is key exchange, and public key exchange is not quantum proof.... hmmm? Been reading too much lately

    A quantum computer that poses a threat to the 4096 bit groups we use for SRP would pose a bigger threat to everything that you use 1Password for even if you didn't use 1Password. A machine that could do that would be able to break the keys used in site certificates and in code signatures used for all of the software that you use.

    Also the big message about quantum computing is "don't panic". There are some promising post-quantum algorithms out there, the trick is making them efficient enough for practical use and getting them well-studied with rock solid implementations. My personal favorite approach is super singular elliptic curve isogeny, but that is probably because it is the one I understand the best (though my understanding is limited) and because it is fun to say "supersingular elliptic curve isogeny."

    Twenty years ago when Shor's algorithm was first published, nobody knew how fast or slow development of practical quantum computers would be. We all had guesses, but the development has been slower than almost everyone guessed. It has certainly moved at the slow end of what I'd imagined. Even if the pace picks up substantially (and recent press reports and developments do make make we think it has), we have time. We need to be working on practical post-quantum algorithms (and people have been doing so for 20 years), but I'm confident that the these will be in place long before any practical quantum computer becomes a threat.

    OK. I've digressed, but that is what the Lounge is for.

    1. We want to make improvements over time, and don't want to restrict newer versions to work with ancient versions. (We've spent nearly six years phasing out the Agile Keychain Format, and we are still not done with it; but we certainly want to push people away from that less secure data format.) In general, offering older, less secure options, can lead to "downgrade attacks", meaning that it isn't just the people who choose to use the outdates systems who can become victims. ↩︎

  • It's hilarious that anyone thinks that the dissatisfied people are angry about paying for an upgrade. When v7 finally gets its kinks worked out (and it looks like there are a LOT of kinks at this point), I'll gladly plunk down e-Pay money for 1Password Mac for the 4th time (I started with version 3, but version 6 was a free upgrade). I also have upgraded the iOS version for money every time that was needed. That doesn't bother me, since I own those software licenses. I'm not against paying, I'm against buying subscriptions.

    The bad:

    • AgileBits now sells a standalone product that nobody knows the price of until they install it (that's too late, team).
    • AgileBits thinks that their own cloud password shared storage is unhackable. Everyone who's ever been hacked (meaning: everyone) thought they weren't hackable, until the hack happened. The hubris is gigantic to suggest otherwise.
    • Clouds go down. It's nigh impossible for it to never happen. It will happen to AgileBits one day.
    • Based on the discussion boards, bugs & problems with the new version are very abundant.
    • Subscription models are great for publishers and not so great for customers. Example:
      • I bought 1Pv5 as an upgrade in November, 2014. Again, v6 was free to me. I've also kept buying the iOS upgrades, but that's a separate issue.
      • If I'd bought the subscription model from then to now, instead of paying the initial upgrade fee, I'd have paid $125.58 so far just for the Mac alone. I paid far less than that. And I'm too tired to do the math for the iOS version; would I have had to pay a separate subscription fee for that too?

    The good:

    • At least 1Password is still available standalone. The entire password manager industry is moving to subscription model, and at least 1Password can distinguish itself by offering choice to the world. I purchased 1Password originally because it did stand alone and did let me eventually bank my vaults where I want them, not where the company wants them.
    • The upgrade cost appears to be reasonable, although I can't actually know without installing the upgrade (which I won't, until all the current chaos burns away).

    So, yeah, I love 1Password. But just because every other product has gone subscription doesn't mean it's a good idea for EVERY product to go subscription. If it's ever announced it's subscription-only, that'll be the end of me as a customer.

  • Also very happy here. The online interface is an estate planning dream!

  • I was the one that opened the other 'complain' thread, so ignore this if you wish.

    Just to clarify, I'm happy to buy software, my concern is in the pricing model of per platform per user, which causes me the need to buy for me (2xPlatforms), my wife (2xPlatforms) and my kid (1xPlatform). At the end of the day, it does come to a lot of money. It seems that the pricing model is pushing people for the subscription model, instead of coming with some type of pricing that could benefit people that require several licenses.

    Second point I want to make is about the subscription model. There are other reasons why some users CANNOT use a subscription model. Many organization require to master the data, and do not allow use of cloud services. I work for such as a company, therefore, I need to use the stand alone version.

    Feel free to ignore honest feedback.

  • brentybrenty

    Team Member
    edited June 2018

    @andydev: We're not forcing anyone to go with a membership. Are some people incentivized because it's a good deal? Sure. But I don't see why that's a bad thing. If it isn't a good fit for you personally, then it doesn't matter anyway. I see a ton of good deals on cool tech I would never use, so I don't buy it. While memberships are the best option for most people, they're not for everyone. That's why we offer licenses as well. But we can't offer a "bundle" for all of the 1Password apps because many of them need to be sold through app stores we don't control. I don't see how your work can dictate how your family uses 1Password though, so you could use with them and then create a local vault for work stuff. Just a thought. :)

This discussion has been closed.