Hi, thanks for updating the interface of 1password for windows, i have immediately subscribed after checking, great job. But unfortunately, it is impossible to open a local vault that we had on 1password 7. There are some passwords which we are not allowed to sync to cloud (for work), hence they must stay local, and personal passwords that I want to sync to cloud. It would be very nice if opening a local vault on 1password 8. Is it planned or will not be possible ever? Thanks. 1Password Version: 8 Extension Version: Not Provided OS Version: windows 10

Hi @benwade Thank you for your interest in 1Password 8. I understand the concern regarding the lack of standalone vaults in this version. In case it is helpful, I wanted to outline some of the important aspects of how we handle your data. 1Password always works from a local copy of your data. Data you enter is encrypted before it is saved into this local database. The database is stored on your computer, and syncs when you are online. This means you can access your data while you're offline (or in the event that we are offline). The Secret Key - This is explained more fully in our security white paper, but the short explanation is that if someone were to guess or bruteforce your account password, that still wouldn't be enough to get your data. The Secret Key provides a serious safeguard against this, and the mathematical complexity that it puts in an attacker's path is essentially insurmountable with current attack methods and hardware. It makes it such that even if someone could steal everything from our servers, they wouldn't be able to access any secrets you've stored in 1Password. This key is not available to us, either, so even in the case of a malicious employee with the highest levels of access, your data is protected. We put our trust in encryption rather than authentication. This is because, in short, "Encryption means that 1Password does not face the kinds of threats a largely authentication-based system would face, and we have used an authentication mechanism that defends against many of the threats faced by many other systems." You can read more about this, if you're interested, in our short guide here: https://support.1password.com/authentication-encryption/ We undergo security audits and pen tests, which you can find here: https://support.1password.com/security-assessments/ In short, we have made 1Password as secure as possible, keep the ability to unlock your data out of our own hands, collect nothing besides what's needed to run the service, and continually have our security tested for weaknesses. One of our founders, Dave, wrote about why we're moving away from standalone vaults and to membership exclusively, here. While of course you are ultimately the final judge of what's best (or perhaps even necessary based on policies etc) for your situation, I hope this provides some helpful context for how we're doing things now and going forward. Ben

I have the same issue as Ben - my employer has strict requirements for where their secrets may be stored, with strong regulatory and industry specific attestations required - beyond the SOC2 that you attest to. If you had a docker container / local server option - even if that server required a phone-home for licensing purposes- that would enable my continued usage of Version 8.

There's a survey in progress here concerning self-hosting : https://survey.1password.com/self-host/

Yep; indeed. Thanks for calling that out, @"J.M"! @"Joshua Samuel" I'd encourage you to participate in the survey. This will help us gauge the level of interest in such a solution, and help us determine feasibility. Ben

1P_Ben Will the 1Password iOS app be updated to version 8, or will a separate version be added to the App Store? I wish to stay on stand-alone, Wi-Fi synced, vaults for now in version 7. I’m concerned having app auto-update on will leave me stuck on the new version!

Local Vault | 1Password Community

1P_Ben
1Password Team
3 years ago
@mikebore

We can't control what other apps can import — that would be on the developers of those apps. That is the intention with 1PUX though, yes. We have created documentation that should make it relatively easy for any 3rd party solutions looking to support importing 1PUX into their products:

About the 1Password Unencrypted Export format

Ben
Former Member
3 years ago
Thanks Ben. How does the 1PUX file relate to the 1pex format you mentioned in this thread:[https://1password.community/discussion/comment/624218/#Comment_624218]
1P_Ben
1Password Team
3 years ago
1PUX is unencrypted. 1PEX will be encrypted. 1PUX is the correct solution for moving from 1Password to another password manager.

Ben
Former Member
3 years ago
Thanks.
1P_Ben
1Password Team
3 years ago
You're welcome. 🙂

Ben
Former Member
3 years ago
Now that 1Password 8 finally pulled the trigger on local vaults I actually decided to move on and got Enpass. I am sad that 1 Password changed their view on local vaults. I really appreciated the app and say thank you for the past 12 years. But I figured now it's the right time to say good bye.
PeterG_1P
1Password Team
3 years ago
We appreciate the note, @blaukraut, and thank you for your support over the long term. We hope we can win you back some day! Stay safe and best wishes from all of us.
Former Member
3 years ago
1P_Ben PeterG_1P Jack_P_1P

I use 1P on multiple PCs, iphone, ipad, all the family has it. I have used it for years.

I have used recommended 1P around me for years to friends and colleagues. I give demo to people around including co-workers, new hires, strongly advocating it, specially because my company does not want credentials stored or synchronized in the cloud.

1P team is also not an option for these reasons. Local (non synched) vaults have been an option to comply with this company policy.

While helping a coworker today, I have realized that she used 8 vs my 7. We then realized that local vaults were not an option. I could not give her a copy of my sharable local company passwords as a local vault. She will never be able create a local vault. We had to switch to v7. *This is a HUGE DISAPPOINTMENT. *

I have given my feedback on the page for the potential 1P team hosted version. One is needed for sure. More than ever.

I have read all of the above corporate arguments from 1P to abandon local vaults, and I simply don't buy them. Many of us professional users have a perfectly valid use case for local vaults. And I accept the manual backup need, because you local vault is not synched.

If there was an hosted 1P team version, you could imagine to drop this local vault feature after a couple of years maybe, the time to convince the CTO/CSO to buy it. But now, without alternative solution, NO !!! And if there was 1P team hosted, I would be the first one to push it to the security teams.

I have really the feeling that 1P let many of us professional users fall down by shunting local vaults. And this has nothing to do with subscriptions. With v7 I have local vaults and a subscription.

If this is not remediated, I will simply need to use, and recommend the product from a competitor. Listen to your customers. If you want to introduce changes, bounce them to us for feedback.

Realize that you created a problem. Please, put this back !!!
foolioCA
New Contributor
3 years ago
Add me to the +1 of those that are extremely disappointed to learn that local vaults and particularly those that are sync'd via WLAN is being removed. I was okay with licenses due to family plan and continued development and improvements in the product. Now you want to charge us for functionality being removed.

We have all been victims of people touting their security in the cloud and some of us have been victims of identity theft from breaches of credit unions and other places. Those that have been using this product for so many years are clearly security aware and conscious. The work use case applies to me but more so my personal things. I have simple shared accounts stored in the cloud but all of really sensitive info (drivers license, SSNs, and mostly financial logins) are sync'd via WLAN between my phone and personal laptop (not my work laptop). There is no way in hell that will be migrated to the cloud. I would say if 1password guaranteed to reimburse from losses due to a breach but it would be impossible to prove as well as bankrupt the company with the magnitude of users. Yes I have read and understand your private key logic and I understand the technology. But it doesn't convince me to take an unnecessary risk due to another companies selfish or poor business decision - it's just not worth it.

A standalone local vault is less work to maintain - it's absurd. WLAN sync has worked flawlessly for me - can't imagine it's that much support but even if that alone were removed I might begrudgingly deal with it. Add me to the list of people that will limp along on the old versions while looking for a more reasonable security conscious app and then migrate.

Disappointed.
PeterG_1P
1Password Team
3 years ago
Hi foolioCA, thank you for this post. I'm afraid that if standalone vaults are a must-have for you, then we're at a bit of an impasse.

We made the decision to move to the 1Password.com model for a number of reasons - including an increased ability to add more security-related features and better support folks who have encountered issues.

While we'd welcome your input on the self-hosting survey, the days of standalone vaults (or syncing to third-party services like Dropbox) aren't coming back. We had the chance to create a dedicated security architecture, greatly improve the functionality of the apps, and provide better support, and we took it.

To address a specific point:

Yes I have read and understand your private key logic and I understand the technology. But it doesn't convince me to take an unnecessary risk due to another companies selfish or poor business decision - it's just not worth it.

I think it's worth saying for anyone who's following along that the elements needed to decrypt your data are still stored exclusively with you. We never, ever have access to your account password or Secret Key. While I respect your decision not to put some or all of your data in the cloud (it's your data, and your decision), I'd be interested in what the specific concerns are around this - how should an attacker break strongly-encrypted data without access to the keys that only you, the local user, have?

I am sorry to learn that you're disappointed with the direction we're going, but these decisions were taken with an eye towards usability, convenience, and (very importantly) security. I hope you'll stick with us, but if not, we wish you all the best, and safe travels.

Forum Discussion

Local Vault

About the 1Password Unencrypted Export format

Recent Discussions

New item login field already populated

1Password not recognizing Barclays website

URL private link opening

Feature request: Warn before archiving an item

Can't log into 1Password app on my pcs after recent update.