
Unfortunately this only works with hosted 1Password (as far as I can tell), there doesn't seem to be any support for self hosted vaults. Can Roustem or anyone else from 1Password team clarify this?

This was the precise reason I switched to BitWarden 6 months ago, needed a solution where my passwords didn't leave my network.




I'm no Roustem but I'm close. :)

You're right, 1Password for Linux integrates tightly with the 1password.com service and as such does not support local vaults.


Appreciate your response. I'll reiterate what I've said in past threads - I love 1Password a lot, and used it exclusively from 2012 to early 2020, in addition to using it personally I converted the majority of my extended family to it as well. What irks me is that I paid for the desktop (macOS) app and iOS app once back in 2012 and once again for 1Password 7 (or 6?) upgrade, that is not enough to support the company and is primarily the reason why AgileBits went the subscription route. Again - 100% understand and I'd like to support this business.

I really don't want to store my passwords on your "servers", and I'm sure there are few others like me - not a majority. In our case BitWarden's idea of paying for a subscription (happy to do it), and hosting BitWarden in my own network - pretty close to local vaults in terms of analogy.

I still like the UX of 1Password, if you ever allow local vaults and still charge subscription, I'll sign up on day 1 - I just don't want anything to do with my entire vault being hosted elsewhere, potentially irrational but when it comes to things we store in 1Password and the like - CC #, Passport number, decryption keys, licence codes, launch codes (jk) - I feel OK with my irrational paranoia.

Thanks again for making 1Password!


> I really don't want to store my passwords on your "servers", and I'm sure there are few others like me - not a majority.

Businesswise, it makes sense as a first push: get a solid UX working for existing 1pass users who sync via the cloud better access on Linux. Then move on to the less glamorous parts like local vaults.

> I just don't want anything to do with my entire vault being hosted elsewhere, potentially irrational...

There is no logical mechanism that can tell you the correct amount of risk to take on, and yet you can't take actions without accepting some degree of risk. You can't justify your tolerance of risk, so it can't be rational, and yet you have to take an action, therefore you can't be fairly accused of being irrational. It's thus neither; I call it "arational" behavior.

You might think, hold on, there's a logical way: I'll look at what happens to a group of people pursuing different risk strategies, then model the expected risk vs return, and thus I can determine the optimal level of risk.

But I'd argue it's fallacious to apply that general claim to the individual. For one, you invariably have a set of outliers who were overly risky and beat the odds, were they all wrong? If not, what's the cutoff point, and why? (And likewise, a set of outliers who were unlucky despite being overly conservative, were they also wrong?)

Another reason is, as they say in finance, "past performance is no guarantee of future results." Any model you come up with to justify a risk strategy can and will be invalidated as history unfolds.


If you can't trust them to host an encrypted blob, you can't trust them to run code on your local machine. I agree with you that the resistance isn't rational.


Hosting my encrypted data means anyone with sufficient access at any single time can copy the encrypted data and attack it or me, then or later when eventually feasible.

Hosting only an executable I download and execute means the adversarial extraction of data must be contained within the executable and bypass all security from within my system. There is a window of opportunity for sending out a signal indicating the executable can not be trusted.

I do trust the team of 1Password to be competent and not evil, but there are many things that can go wrong anyway.

I remain disappointed that there is no way to set up nor configure a 1Password.com account without the web client.


> I do trust the team of 1Password to be competent and not evil, but there are many things that can go wrong anyway.

Very much this. I don't benefit in any way from having a copy of my sensitive data in their cloud, so as a very basic security principle, I don't want them to have it.

And that's just for my personal use. If they drop support for local vaults, I have to stop using it for work, too, because my employer prohibits password managers that store passwords in the cloud. My understanding is that these policies are specifically designed to keep us in compliance for government contracts, so I don't think they're changing.


I agree; and unfortunately I found self-hosted vaults to always be a bit challenging to get right, if I wanted to use my vault on multiple devices. The local-network only sync engine never worked for me, so I ended up using another third-party's servers to sync anyway. I signed up for 1password.com a couple months ago and it's been painless. To each their own!


> an executable I download and execute means the adversarial extraction of data must be contained within the executable and bypass all security from within my system

(emphasis mine)

Security is about having layers. I can't begrudge someone wanting to add layers to their security.


True, but same goes to hosting your own server.

And I would bet that a team whose job for many years is to ensure the safety of your data will do a better job at it than 99.9% of users that host it themselves.


That isn’t logical at all. The two are completely different threat models.

I used to be a happy 1Password customer until they decided that they did not want people like me as customers. I trust the code, I don’t trust them to store my data, encrypted or not.


Why not keep storing your data locally, the same way that you were before?


They've absolutely crippled 1password to make local vaults as difficult to buy and use as possible. They don't roll out updated versions as often, many versions don't get support for local vaults for years, they make it nearly impossible to buy the non-subscription version, and you can no longer upgrade older licenses to use new versions.

Their entire business model is really sleazy and they've gone out of their way to alienate people who don't want to pay for a subscription and hosting service for something as simple and secure as locally encrypting passwords. I was a loyal customer for a long time but after a few years of them jerking non-subscribers around, I got tired of it and tell any friends and family to stay away from it.

Every company that has moved to a subscription and cloud-based product has essentially traded a one time $30-50 license to getting that (or more) every year, and the product is usually inferior from my experience.


> Every company that has moved to a subscription and cloud-based product has essentially traded a one time $30-50 license to getting that (or more) every year, and the product is usually inferior from my experience.

Two mild counterpoints:

(1) While "from my experience" is always definitionally anecdotal, most applications that I'm aware of that have moved to (or started with) a subscription-based model have released new features on a rolling schedule that's at least as fast, if not faster, than the "one-time license" model. On the Mac/iOS, there's Ulysses, Fantastical, and Drafts off the top of my head; cross-platform, the JetBrains IDEs all come to mind. (They're not precisely the same model due to their "perpetual fallback license" approach, but they're definitely trying to drive you to subscribe.) And, for all the mostly-deserved hate Adobe gets, their release cycle appears to have picked up speed since they moved to a subscription model.

(2) The one-time license model works great for applications that don't need any updates in the future beyond perhaps bug fixes. If you want ongoing support and new features, where does the money to support that come from? In years past it would have come from upgrade pricing, but programs went years between new releases and there was nothing that compelled users to upgrade if the old program was still working on their hardware. I get that as a user that's great, but for developers, it's, well, rocky. It was livable a decade ago because those big application programs were way more expensive. At today's prices, where $39 seems kinda steep, that may not be a workable business model.

As for 1Password specifically, I run it on a work laptop, a personal laptop, an iPad Pro, an iPad Mini and an iMac, and keeping the various "local vaults" in sync was always a bit of a pain in the ass -- and of course there was no way to access that vault over the web on a different machine if I really, truly needed to. And I know more than a few people using 1Password for Families. I don't think it's a "really sleazy" business model at all. It may be a business model that you don't like, but that's not the same thing.


1Password used to let you self host web vaults. Dropbox and iCloud seem to work fine where they're still supported.

Dropping local vaults in an iOS patch was kind of sleazy. So is downplaying the ways the new security model is worse.


[flagged]


How would Dropbox or Apple get someone's vault password?


I really don't think I could've said it better myself. Thanks for the comments. - Ben, 1Password


Subscription model forced on a local password manager customer? A little sleazy.


Maybe they weren't. 1Password used to support self hosting and third party sync services. Some versions still support some third party services but only subscriptions work everywhere.


As somebody who uses exclusively local vaults and pays via subscription, that is totally possible. It’s not possible on Linux, as noted above, but the Mac/iOS apps have supported that for the full lifespan of the subscription model.


How do you sync your local vaults across different machines?


Some of them I sync via Dropbox’s native 1Password integration. Others are stored as raw files from 1Password’s perspective, and I sync them by either copying the files or storing the file vault in Google Drive.


If you don't mind sharing: what benefit do you get from this configuration vs using the features of 1Password.com that are included in membership? - Ben, 1Password


I currently get by on Linux by syncing my 1Password vault and reimporting it to KeepassXC every time I need a newly added or updated entry. Annoying to have to create new entries on another device and sync when I need an account on Linux but it works. Looks like this update provides me with nothing useful.

There’s no way I’m moving to a 1Password account, but I might just switch away entirely the next time I need to pay for an update or whatever, given the apparent lack of interest in serving my needs despite the amount of money I’ve paid for updates, etc. to date and the fact that it’s clearly technically possible.


> There’s no way I’m moving to a 1Password account

Why?


Use local vaults and you can firewall the application. Sync a different way and somebody would have to compromise 1Password and the sync service to get your passwords. Use a 1Password account and you have to use your master password in a web browser to manage your account.


1. I don’t like or want subscription software. I shouldn’t have to pay continuously to retain access to features I’ve paid for for years and it’s not ok to potentially lose access to my main method of creating and accessing secure logins across devices if I stop paying (which could be by choice or, whether temporary or permanently, involuntarily/accidentally).

2. I don’t want to store my data on their servers. I have ways of securely syncing data that I trust and that use only devices I control. For reasons of trust, security, etc. I want control of where my vaults are stored and it not to be the same company as the one that provides the software (for some machines/vaults I can also prevent 1Password from accessing the internet at all, to ensure the vault can’t leave a secure network, for instance).

3. If everything I store in synced folders was a separately charged service I’d be paying thousands a month. This trend is unsustainable and unwanted. I see absolutely no incremental value in the hosting service so I don’t want to pay for it.

4. The whole sleazy business model that pushes users towards subscriptions and makes it harder and harder to stay on self hosted vaults and uses things like this, described by them as the most requested feature, as leverage to try and force more users to switch. When the subscription model was introduced there were assurances to concerned customers that we were valued and this self hosted sync method would be supported. I am fine not getting features that are and should be deeply integrated with and require their hosting service (I also have no interest in ever having access to my vault via a web browser, which has the potential for horrible enough security properties that I’m glad it’s not an option (and I don’t have the time or inclination to have a feature which I don’t require anyway audited)). But when an entire desktop client is put in that bucket, it is because someone decided to make it so to try and get us to fall in line, not because it needs to be. Not the action of a company that respects any of the users who still want to self host like they say they did.

At this point, with what appears to be a company that’s hostile to my use case, it’s getting difficult to justify spending more money at the next upgrade just to avoid the one time pain of evaluating options and switching to something that’s potentially better for my needs (if it, say, has a full Linux client I can use). If I move I’ll also likely plan to switch over the teams I manage that do use the subscription model. Subscription software makes far more sense in a corporate setting, and if the 1Password account fits the threat model then great, I use it, but if I am no longer using or evaluating 1Password (especially when the reason is partly trust in the company itself), that gets trickier, as does continuing to recommend it to others.


I'm in the same boat as the sibling: I'm about to move off of 1password because there's no Linux client. I'm a regular licence user, not a subscription user, and I will never buy a subscription from you but I've been happily paying to upgrade every time you release an upgrade to the regular software.

It seems that this is signalling your commitment to stop supporting users like me, and that's very disappointing.


*I will never buy a subscription from you but I've been happily paying to upgrade every time you release an upgrade to the regular software.*

So you are a subscriber in reality, it's just your payments are slightly lumpy.


A subscription implies you lose access to the software when you stop paying the subscription.

Buying a license implies you own it and are entitled to use it indefinitely. You might not get any updates but you also aren’t losing access to what you already paid for. Very, very big difference.


While I understand where you're coming from, I think "indefinitely" is a fairly impractical viewpoint in the sense of modern computing, particularly in the context of 1Password. Presumably you'll continue to update your web browser and your OS, which will at some point necessitate updates to the 1Password apps. For example, with Safari 13, which came baked in with macOS 10.15, Apple changed their entire extensions framework and retired the old one. 1Password 6 was built around the old one. So even if you have a license, and could theoretically install 1Password 6, if you're a Safari user it doesn't do you much good. Membership on the other hand would've included 1Password 7, where we implemented a Safari App Extension for Safari 13+ support. Just a counter-point for consideration. Also, for what it's worth, 1Password memberships become read-only when your subscription lapses, but you don't lose access. - Ben, 1Password


...why? Of all possible target audiences it would seem Linux users would be the least receptive to this kind of thing.

Forgive my bluntness, but to me this looks like you're just testing forced adoption of 1password.com hosted SaaS on a platform you don't really care about before rolling out the same to Mac & Windows. Which would be unfortunate.


I can't speak for them, but it's my impression from using 1Password for a good few years (both the local-vault product, and then the "account" subscription service) that local vaults are basically deprecated, even though they work fine. They're just not a good way for AgileBits to make money. So they'll keep them working in the software for existing customers who paid for them and expected them to work; but they won't add new features to them (except by coincidence as part of architecture-level updates) and won't bring them to new platforms where they weren't originally promised to work. They're a legacy feature, serving legacy customers.

For the same reason that they won't bring local vaults to Linux, I don't think they'll ever kill local vaults for macOS or Windows. There are customers who paid for that product, and expect it to still work. (And, unlike e.g. an old version of Photoshop, it's implicit in the USP of a "password manager" product that it'll continue to get updated so that it works on new OSes and so forth, so that you can still have access to your passwords. You can't just stop supporting it; that'd break the whole value-prop of the product, retroactively, and so break the trust of future customers in any "password manager" products you have today.)


They killed self hosting on all platforms and other sync services on Windows. They tried to kill local vaults on iOS.


One day they will stop supporting it... They will give notice and ask you to use the online version.


1password as a SaaS app has been out for years, this is not a testing balloon.


I hope AgileBits considers adding local vault support. I’m a long time user and even a subscriber, but I don’t actually use the account I pay for, for anything except license to use the software - I still use local vaults.

I’m happy with this arrangement - it’d be a shame if the Linux client never gets this functionality.


This is what I like about HN, interesting people drop by from time to time to visit.

I have been a happy 1Password customer for years, but I am in the market for a change now. I really wish 1Password had an iOS client that didn't require 17+ permissions.


We're not thrilled about the 17+ requirement either and are evaluating our options there. Thanks! - Ben, 1Password


Please tell me local support is coming. I'm a longtime 1Password user who only uses local vaults and I feel like 1Password is increasingly showing me they aren't interested in me as a customer.


Is this a preview of things to come for Mac/Windows? Will 1Password stop supporting self-hosted vaults?


No, this has been available for YEARS on Mac/Win, so it's not a preview of anything. Self hosted vaults haven't been in the new apps for years either, although the last version to support local vaults is still available.


The latest versions of 1Password still support locally stored vaults. They only sell the cloud service subscription these days, but you can still use local/Dropbox vaults on every platform. (except for Linux it seems)


So how can I access credentials when I’m not connected to the internet? Not at all?


1Password always stores a local cache, you just won't get updates from other devices synced.


This is the correct answer. Thanks! - Ben, 1Password


It's cached locally on desktop app and phone app.


I am another linux user that uses local file syncing, so I guess I will have to use the old 1password 4 for windows build forever ha.


Depending on your use case, KeePassXC supports reading local vaults, but currently just reading them because I didn't have the need to try and round-trip the vaults for my on-call laptop.

I don't believe it would be an overwhelming amount of work to implement the write portion (err, aside from getting a security review) but I do seriously doubt that KeePassXC would accept the PR to change the backing store, meaning it would have to be a fork :-(



