Chrome Version 99.0.4844.74 won't verify (1Password 6 / Extension Version 4.7.5.90)

nkukit
nkukit
Community Member
edited March 2022 in 1Password 3 – 7 for Mac

Hi,

Chrome Version 99.0.4844.74 does not work with 1Password Browser Extension Version 4.7.5.90 — it won't verify.

The previous Chrome version works fine, but Chrome always auto-updates, so no chance for a working setup. Beta doesn't work either.


1Password Version: 6.8.9
Extension Version: 4.7.5.90
OS Version: macOS 12.2.2

«1

Comments

  • Joy_1P
    Joy_1P
    1Password Alumni

    Hey @nkukit! Chrome recently changed its code signature. Because of this, 1Password 6 for Mac no longer works in Chrome 99 or later. I'm afraid that there won't be an update, as 1Password 6 is no longer receiving security updates (and hasn't been receiving it since 2018). We have an article detailing this situation here: https://support.1password.com/kb/202203/

    To continue using 1Password in Chrome, my best recommendation is to upgrade to 1Password 7 through a membership. We can offer you a special promotion, as you've been a user for a long time. If you're interested in that offer, please let us know, and we can get things moving along.

  • arlutkus
    arlutkus
    Community Member

    Hi,

    I am having the same issue. After updating to macOS Catalina 10.15.7 and Google Chrome Version 99.0.4844.74 I can no longer use the 1Password extension. Can you please fix this.

    I have 1password 6 Version 6.8.9

  • Hi @arlutkus:

    On March 15, Google released Chrome 99, which contained a new code signing certificate. Because of this change, 1Password 6 for Mac no longer works in Chrome 99 or later. The last major update to 1Password 6 for Mac was almost 4 years ago, and as 1Password is a security product, we strongly recommend keeping it up to date.

    At this point, updating to 1Password 7 for Mac would be the best option if you want to continue using 1Password in Chrome. Please reach out to us directly at support+tradein@1password.com to discuss the options that are available now. After emailing in, you'll receive a reply from BitBot with a support ID that looks something like [#ABC-12345-678]. Post that here, and I'll be able to connect the dots and locate your email conversation.

    Jack

  • nicksoper
    nicksoper
    Community Member

    @Joy_1P I have had a 1Password 5 and 1Password 6 licenses, now Chrome won't sign the plugin, would it be possible to share steps to your "special promotion" that you mentioned to upgrade to 1Password 7, please?

  • nkukit
    nkukit
    Community Member

    Ugh... bummer. I've been on a family plan since 2013 :-(

    Reached our to support now re PW7, but no "quote" yet

  • Hi @nicksoper:

    Please reach out to us via email at support+tradein@1password.com, and my colleagues will be able to get you set with the promotion. After emailing in, you'll receive a support ID that looks like [#ABC-12345-678]. Post that here, and I'll be able to locate your email conversation and connect the dots.

    Hey @nkukit:

    I've located your ticket, and one of my colleagues will be with you soon.

    ref: MXE-78794-262

    Jack

  • motionsick
    motionsick
    Community Member

    Yes, just noticed this suddenly stopped work for me as well. Same version of Chrome/1Password 6.

  • Hi @motionsick:

    Thanks for reaching out. As I've noted above, Google recently released version 99 of Chrome, which contained a new code signing certificate. As a result of this change, 1Password 6 for Mac no longer works with Chrome 99 or later. The last update to 1Password 6 for Mac was nearly 4 years ago, and as 1Password is a security product, we strongly recommend keeping it up to date.

    At this point, updating to 1Password 7 for Mac would be the best option if you want to continue using 1Password in Chrome. Please reach out to us directly at support+tradein@1password.com to discuss the options that are available now. After emailing in, you'll receive a reply from BitBot with a support ID that looks something like [#ABC-12345-678]. Post that here, and I'll be able to connect the dots and locate your email conversation.

    Jack

  • pcnudde
    pcnudde
    Community Member

    This is really frustrating. I have the same problem and have been using 1password for over a decade. But I really don't like membership models. Are the memberships the only option at this time?

  • dky
    dky
    Community Member

    In the same boat as everyone here. Just upgraded yesterday and now my most used feature autofilling is busted in Chrome. Anyone know what the options are?

  • 1userof1password
    1userof1password
    Community Member
    edited March 2022

    I'm in the same boat as everyone here. While I understand the move to a subscription model for development and new features I can't understand how maintaining features that were sold to users at the time of purchase isn't being done.

    When I purchased my license it was for use of 1password and it's features (which includes browser integrations). I wonder about the potential legal ramifications here given that we purchased 1password and it's features for a lifetime and now they are removing some of those features.

    Even in this reddit post from a 1password developer they say "The term "lifetime license" can mean different things to different people, I think, and it's not a term we ourselves have used. Standalone licenses, which are good on a per-person, per-user, and per-version basis, do still exist, and I suppose they're "lifetime" in the sense that they don't expire, but they are good for what they're purchased for." I personally purchased 1password for it's password storage and browser integration.

  • sjacob1
    sjacob1
    Community Member
    edited March 2022

    There was no warning at all from 1Password that this was going to suddenly occur. :( I've been a happy 1Password user who bought the apps years ago.

    I use Dropbox sync[1], and so I remained on 1Password 6, as that was the only option you gave us.

    What you're telling us is that from one day to the next, suddenly without any heads-up we're completely abandoned. :/

    I REALLY did not need the headache of having to deal with this without the choice of when to do so. I wanted your software, which I paid for. I don't want an account. I don't want you to own the storage of my password vault. I want the ability to manage it myself, which you gave us (and was why I bought 1Password) before taking it away in order to extract rent from people who had already bought.

    This is really upsetting.

    • Stephen

    [1] 1Password accounts aren't a feature. NOT using a 1Password account was a feature. The fact that Dropbox, which sync'd my vault, could not have the passphrase to unlock it, and 1Password, into which I typed my passphrase, would not have a copy of my vault was very good from a security standpoint. You holding my vault hostage by forcing me to upgrade to 1Password 7 and also owning the software into which I type the vault unlock passphrase is a large security risk.

  • MattRobinson
    MattRobinson
    Community Member
    edited March 2022

    I agree with the customer sentiments in this thread.

    It isn't fair or trustworthy to use a change to a Browser Code Signing certificate as a means to force us into a subscription model after claiming we had a 'lifetime' licence to use 1Password on our Macs.

    To be clear, this is not a situation where 1Password 6 for Mac cannot be used anymore. This is a situation where 1Password needs to update an extension to use a new CS Certificate. I can accept an issue where Chrome changes so much that the 1Password extension can no longer be specifically supported, but this doesn't seem to have happened here.

    If the issue is simply to allow the Chrome 1Password Extension to validate against a new Certificate, why not just release an upgraded extension signed with the new certificate? It wouldn't require any code changes to the extension or the 1Password product.

    So, please may I have a new version of the Chrome 1Password extension signed with the new Chrome 99 Code Signing Certificate, for 1Password 6.8.9 ASAP?

  • Allewars
    Allewars
    Community Member

    I've been using 1Password for 14 years now and I love it. I've recommended it to lots of friends who also became happy 1Password users.
    I can't imagine my life without it. Well, now I don't need to imagine my life without it, I'm living it, kind of.

    I'm also suffering this issue about the Chrome signature, and is nightmare. Even more since I'm in the middle of a project and this change is having an impact in my workflow.
    However, software ageing (and ageing in general) is real, and we can't do anything about it. No matter how much we hate it.

    I didn't liked when 1Password turned to a subscription based model, but I was happy that I could continue to use the old good version 6.
    Suddenly I found myself spending hundreds of dollars every month for all the software I use, and is starting to feel uncomfortable about it.

    I hope AgileBits can come with a solution about the current issue, but if not, I will completely understand it.

  • nicksoper
    nicksoper
    Community Member

    @Jack.P_1P my support ID is [#VIX-39151-217]. Thanks for offering to help :)

  • Squerp
    Squerp
    Community Member

    I wanted to add that while the decision to obsolete 1Password 6 is itself frustrating, the execution technically here was also quite poor. You're wasting huge amounts of customer time by making us Google for threads like this instead of providing the information proactively, which is disappointing given how clear most update paths have been in the past. It gives me a lot more pause about whether I want to buy into the subscription model that seems to be the only remaining option.

  • 1plane
    1plane
    Community Member
    edited March 2022

    I'd just like to reiterate what's been said above. At least part of the reason 1Password has seen broad adoption is because those of us who have been using it for over a decade also set it up for many family and friends. And I totally agree that a from a software development perspective, the subscription model is the way to go. But also recognize that any of us who are still using 6.8.9 are most likely doing so because we were early adopters who supported you from the beginning. We'd appreciate the same kind of dedication.

  • baxterkimel
    baxterkimel
    Community Member

    also, 1Password 7 isn't necessarily better than 1Password 6. The user experience is poor. There is no support for "Smart Folders" on macOS, which I heavily depend on to filter by keyword, find addresses, etc. Also, you can't view items in "Item List Layout - Top" like you can in 1Password 6, which is ideal for greater information density in a single view.

  • Hi folks,

    Thanks for reaching out.

    @pcnudde / @dky:

    We no longer sell standalone licenses, and 1Password memberships are the way forward now. As I mentioned above, please reach out to us via email at support+tradein@1password.com, and my colleagues would be best equipped to get you set with our trade-in offer (50% off for three years). Post your support ID you receive after emailing in, and I'll be able to make sure it's gone to the right place.

    @1userof1password:

    As mentioned there, standalone licenses of 1Password are valid for a single individual, for a single platform, for a single major version. You're more than welcome to continue to use older versions of 1Password, but however as operating systems and browsers continue to update and evolve, there may be changes in what functionality is available when working with newer, up to date browsers and operating systems.

    @sjacob1:

    I'm sincerely sorry for the trouble here. We collected very little information about our license purchasers at the time of purchase, so we have very limited methods of reaching out. Additionally, we never want you to feel like your data is trapped, which is why exporting your data is always available. As I've noted previously, if you'd like to get started with our trade-in offer (50% off for three years), email into us at support+tradein@1password.com and we'll be able to get the ball rolling.

    @MattRobinson / @Allewars:

    The best option for using 1Password in Chrome at this time would be upgrading to 1Password 7 for Mac. The last update to 1Password 6 of any kind was nearly 4 years ago, and as a security product we strongly recommend keeping it up to date.

    @nicksoper:

    Thanks for sharing your support ID, we'll be in touch soon.

    ref: VIX-39151-217

    @Squerp:

    We initially saw reports of the code signing change in Canary, and within two days we were seeing this change in beta and release channels. As I mentioned above, we have very little information about purchasers of standalone licenses, so we were limited on ways we could have proactively notified you about this.

    @1plane:

    I sincerely thank you for your support for all these years, and we wouldn't be here without it. We've found that a subscription helps put us on the same page, in a manner of speaking. We have to continue to prove our worth, rather than being able to risk getting comfortable.

    @baxterkimel:

    Thanks for your feedback on 1Password 7 for Mac. I'll share it with the team as we work to iterate on 1Password 8 for Mac.

    Jack

  • Lutzlikatze
    Lutzlikatze
    Community Member

    I'm chiming in as a very long-time user of 1Password (I must have started with version 3 or even earlier).

    I have contacted 1Password support a couple of days ago. Their answers were very pleasant and comprehensive, and I have been offered a discount on a subscription for the next three years. BUT I still prefer the standalone version 6.8.9 which has worked very reliably for many years, and I simply don't like the subscription schemes.

    And now I am just reading here that my data will apparently be stored in a company cloud. Oh dear... No, on second thought I probably won't accept the discount offer and stick with Firefox as long as it works together with 1Password.

  • dmitryb
    dmitryb
    Community Member

    @Jack.P_1P

    I completely agree with @MattRobinson this really looks like a very simple issue for you to fix, just update the extension. But instead you chose to use this situation as an excuse to force your old customers into the new subscription model. This feels very wrong and even unethical from your side, at least wait until there will be a more justifiable reason.
    Honestly, I've been a very happy customer of 1password products and as I'm sure many others, don't mind to pay at all. The problem is that you no longer offer an option to avoid hosting passwords on your servers and choose other means for synchronization like dropbox. Instead, you keep repeating nonsense about 1password 6 being old and insecure. It's perfectly fine, just let us keep using it, please!

  • mvgodinho
    mvgodinho
    Community Member

    Unfortunately, this seems to be recurrent from 1Password. Since they stopped selling standalone versions, there's always a pressure towards the subscription model. First, they killed the Safari extension. Now, the Chrome one. Soon the Firefox one will misteriously stop working too. Then, the fools who paid expensive lifetime licenses and made 1Password the big company that it is now (meaning us) will be thrown out like garbage. Capitalism at it's best...

  • Jack.P_1P
    edited March 2022

    Hi @mvgodinho / @dmitryb / @Lutzlikatze:

    While I can't speak to the technical requirements it would take to continue allowing 1Password 6 to communicate with the latest version of Chrome, what I can say is this: we have made the choice to no longer invest resources into 1Password 6 for Mac. 1Password 7 for Mac was released 46 months ago, with numerous fixes and improvements over almost 4 years from then until now. As we near the release candidate of 1Password 8 for Mac, it simply doesn't make sense to invest additional efforts into 1Password 6 for Mac.

    Given this, our recommendations are as follows:

    • If you'd like to switch to a 1Password account (and receive 50% off your first three years) to update to the latest version of 1Password, reach out to us at support+tradein@1password.com.
    • If you'd prefer to keep using 1Password 6 for Mac, you're more than welcome to continue to do so, using either copy and paste, or the 1Password classic extension in a up to date supported browser (Firefox). At this point, we cannot make any promises on if Firefox will continue with its current signing certificate, but if in the future there is a change to the code signing certificate from Firefox, it would be expected that 1Password 6 for Mac would no longer communicate with Firefox.
    • If neither of those options are amenable to you, we don't want you to feel like you're trapped. You're always able to export your data and import it into another password manager. If this does apply to you, stay safe out there when selecting another password manager, and we'll be here for you in the future if you decide to give us another chance.

    Jack

  • mvgodinho
    mvgodinho
    Community Member

    The defense rests...

  • nicksoper
    nicksoper
    Community Member

    I knew one day that 1Password6 would eventually stop working based on 1Password saying development stopped and when Safari support stopped, I felt I was on borrowed time anyway.

    I followed the steps here, signed up for 1Password7, and I had the discount applied, which I am grateful for.

    In the few days I had to use the 1Password desktop app to get passwords (and couldn't use the Chrome plugin to autofill) the amount of time that added was a real chore.

    Having used 1Password7 for a few days, it's much better at entering credentials into fields. Many websites I would have to manually grab login credentials from 1Password now can autofill.

    The Emergency Kit also makes a lot of sense.

    Just my 2c. Thanks again @Jack.P_1P

  • stephenmw
    stephenmw
    Community Member
    edited March 2022

    I'm grateful I found this thread and really disappointed with 1Password's handling of this issue. I understand that the the old version of 1Password we paid for was on EOL, but if you knew this Chrome issue was going to break all of us why not give us a heads up? That would have given us some time to transfer over to a subscription plan without a week of headaches following EXISTING guides for the issue.

    I probably went through the steps for troubleshooting the issue 3 or 4 times. None of the online documentation says "Actually this is broken now and will never work."

    Please at least update your online documentation for troubleshooting the issue.

  • svpnaar
    svpnaar
    Community Member

    This really sucks! No other words I can think of ... What about releasing the 1 password 6 code in the open source community? I'll bet there will be a lot talents that have time, effort and the will to fix the signing issue in such a way to keep a lot of users happy!
    Forcing customers in to a subscription lock-in mode is so "seventies"!

  • Hi @stephenmw:

    I can emphasize with your frustration here. We simply didn't have much notice in this. We first saw reports of the change in Chrome Canary, and within 2 days, we saw reports of this change in beta and stable channels. Have you reached out to us directly via email at support+tradein@1password.com? My colleagues there would be happy to help get you migrated to a 1Password account as well as apply the trade in discount (50% off for 3 years). After emailing in, you'll receive a support ID that looks something like [#ABC-12345-678]. Post it here, and I'll be able to make sure your email has gotten to the right place.

    @nicksoper:

    I'm glad to hear 1Password 7 is working so well for you. Thanks for your kind words, and we'll be here for you if you need any help in the future!

    Jack

  • 1userof1password
    1userof1password
    Community Member

    @Jack.P_1P is it possible to offer a subscription model where we can not host our passwords on your server? I understand the need to move to a profitable business model and I have no issues paying for 1password again. A big concern for myself (as well as other users it sounds like) is that by hosting our information on your servers we are losing control of the ability to ensure our data is safe. Another question that I haven't been able to find an answer for is how you stand behind your hosted security model? I read numerous things that say you take the proper precautions and have never been hacked but let's say this were to occur, how would 1password stand behind its customers in making them whole?

    If this model is not offered, is there some way to open source the chrome extension for v6 to allow the community to keep it up to date with Chrome?

  • Lars
    Lars
    1Password Alumni

    @1userof1password - 1Password has always been developed to withstand hostile conditions. In the days of local vaults and standalone licensing, this meant developing with the presumption that devices not only can be lost or stolen, they will be. They can be accessed by unauthorized people in certain conditions. In short, as a result, 1Password has never been built to depend upon the security of your device itself (operating system, device passcode, etc).

    That commitment to security of your data that is as independent as possible from the systems on which it runs continues today. The most important thing to remember with regard to 1password.com memberships in terms of the safety and security of your data is that what's stored on the 1password.com servers is ciphertext, encrypted by secrets (your Account Password and Secret Key) which only you possess. Those secrets are never transmitted to us, nor stored anywhere on our servers. What that means in practice is that even if an attacker were able to get around the considerable server-side protections we do have in place on the 1password.com servers, the result would, at worst, be a haul of encrypted data the attackers lacked the keys to decrypt (or the secrets with which to derive them). We addressed this a while back in a post on our blog. Most important among the protections that do NOT depend on the security of the 1password.com servers is what we refer to as 2SKD: two-secret key derivation, utilizing the Secret Key.

This discussion has been closed.