Hello all, I'm the Chief Defender Against the Dark Arts at AgileBits, the makers of 1Password.
The discussion and analysis in Dale Myers' article is very good, although someone who just reads the headline could very easily come away with the wrong impression.
The "older" .agilekeychain format (AKF), designed nearly a decade ago, does indeed expose the same sorts of information that would be in someone's browser bookmarks. So if someone gets hold of your AKF data they will be able to see what sites you have Logins for and what titles you have for your items.
Given the constraints we faced back then, that might have been a reasonable design choice at the time. But it is certainly not an acceptable design choice today.
The article does point out that the OPVault data format was introduced as a replacement for the AKF back in December 2012. The OPVault format not only encrypts much more of the metadata, but it also provides for authenticated encryption and includes many other improvements.
The article also points out that the behavior of the AKF that was "discovered" is documented in many places. We've blogged about it, we've talked about it on our discussion forums and it is in the docs. What isn't in place is some big red letters in the user interface that say "Using this format leaves URLs and Titles unencrypted".
Dale Myers' article also correctly points out that we do offer instructions on how to migrate your data from the Agile Keychain format to OPVault.
The article criticizes us for
(a) Not making OPVault the default for new Dropbox synching, and
(b) Not providing a nice easy way to migrate.
Obviously we would love to see everyone on the new data format. It is a big improvement over the old one in an enormous number of respects, but until we can be confident that everyone is running clients on all of their platforms that can handle the new format, we are treating migration as an "expert only" thing.
Rolling out a data format change when you have one "product" and one platform is easy. But we need to make sure that people are using versions (and that such versions are available) of 1Password that handle the new format on all of the devices that they sync with.
So if we were to make OPVault the default sync format on Mac, we would need to know that the 1Password app people are using on Windows. We have been conservative about this.
Also, in our beta testing of data migration, we discovered a nasty bug in how we encoded keys for some attachments. The result is that some of our beta testers would have lost data if they had not had good backups of their AKF data. Obviously, that is not something we wanted to push into general release. (Only attachments created in specific circumstances were victims of that, so we didn't spot it in internal testing.)
Now you may very well disagree with some of our judgement calls, particularly about how cautious we have been and continue to be in migrating people to the new format. But I hope that even if you do disagree, you will see that there are reasons for our choices.
I am a bit annoyed. I recently set up syncing between my iPhone and Mac with 1Password, and during the process, nothing in either app prompted me to use the newer format, or informed me about the trade-offs that would be made by choosing one or the other.
I understand. And this is pretty much what we are taken to task for in the article.
The difficulty is that when you set things up, we don't know what other platforms you will set up for. Since OPVault (still) doesn't work everywhere, we leave switching to it as an advanced process.
We've thought about adding a screen that asks "Will you be synching to devices using 1Password for Android or 1Password for Windows prior to version XX or 1Password for Mac prior to version YY?" and then using OPVault if their answer is "no".
But a mere warning about what metadata is and isn't exposed, without something that people can easily do about it, is just going to confuse most people more than help.
A big green "this is the best default" with a less prominent option "if you're more advanced and are sure you are using the latest versions of this, use this" seems like a reasonable compromise.
There are definitely ways to present these options without getting super technical. I know that, like the security underlying these options, there are trade-offs, but having the only option be me opening a terminal and running defaults, after searching in rage, can't be the right trade-off. It just can't.
It seems like there's no communication around this at all, despite the fact that it's been three years since the change was implemented.
Convenience is great. It's part of why I use 1Password. There is a limit though to convenience. It's not convenient for me if my data is out there. If you aren't willing to automatically push this to users, at least give the users the option. You can outline the pros and cons of each choice.
Also, it's been 3 years since OPVault first came out. How careful can you be?
Well, we've been slower than we (and you) would have liked getting OPVault to different platforms. For sophisticated users, handling the switch should be fine. But we need to make the transition rock solid for everyone.
If even just 1% of our customers end up synching a .agilekeychain on some devices and an .opvault on others, they will get data that slowly drifts apart. And we've grown kind of popular over the years. 1% of users is a lot of people.
Our transition from OS X keychain to Agile Keychain back in 2009 was a rough experience for customer support. And back then we were Mac only.
I'm not saying that the wait hasn't been longer than it should be. But our plans for a swift transition didn't work out as we would have liked.
Security is your thing. I think when it comes to protecting your users' data vs inconveniencing them, you should inconvenience them. This will make us trust you more vs creating a new database format almost 3 years ago which fixes some of the security bugs of the old one and expecting only the experts to figure it out. Please make it the default.
If people end up with one set of devices synching an .agilekeychain and another set of their devices synching an .opvault, they may not notice until things have drifted far apart.
Preventing data loss is part of data security. So many of these decisions aren't so much a "security v convenience" decision but a "security v security" decision.
I've been using your software for years now and had no idea about the "new" format. And I don't care about Windows. Please improve how you inform your customers and give me a way to migrate.
And beware - trust is hard to earn, but easy to lose.