I hope Apple will give option create different password to access password app, not same iPhone passcode/password.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
1Password migrants thread
- Thread starter MacBH928
- Start date
- Sort by reaction score
This is one of the main reasons why I will NOT use anything that syncs only through some Cloud-based SaaS. That was one of the big issues that caused me to migrate away from 1Password.
One of my big requirements is the ability to KEEP and BE IN LEGAL POSSESSION OF MY OWN DATA, regardless of what program/application I use. With how data and privacy are in the US in relation to the 4th Amendment to the Constitution, any 3rd party you use to store data on (passwords, pictures, posts, etc.) is the possession of that 3rd party, not the actual user. If for some reason, if a person is under investigation, no warrant would be required to be served to that person to retrieve data from that 3rd party, as the 3rd party is not privy or pursuant to that investigation. Because of that, the government could simply subpoena the 3rd party to get that data (more importantly, those passwords), and could get access to everything that person has.
That is what makes using any SaaS even more dangerous than holding that data yourself. I would rather be in control of my data instead of giving up that control to a 3rd party. So synchronizing by WiFi or some other local process is a major requirement.
Additionally, it took Apple 10+ years to finally get into this game, as password managers have been around for over 20 years, with some going as far back as the early 1990s. So while Apple will likely be around next year, they still fall into the same situation as any other Saas; they are 3rd party to any government entity that may conduct any given investigation.
So while others may think that that wouldn't be a problem for them because "they haven't broken the law", that potential exists for everyone, and if we are talking about privacy, let's be sure to take all privacy into consideration.
Right now, I'm still rolling along well with Enpass, as it meets my requirements.
BL.
1password (and other cloud password managers) servers can die completely and you will still have access to your passwords. They can go out of overnight, not tell anyone, and when you wake up, your passwords will still be there. You just need to export them, and more to another password manager.
As for the law, let them take my password vault, doesn’t mean they won’t get in (and probably wont’).
Last edited:
I migrated from Enpass myself to Passwords.app. I couldn't go back due to how clunky Enpass is. One feature is that Passwords.app will auto-grab the code from your iPhone and plug it into the web login form automatically. No more typing 6 or 8 number values
So it is like an interface to manage Apple Passwords app?
If you use FOSS software that is e2e, then you should be safe right?
I do not trust them when they say a closed sourced software called e2e. I am sure somewhere in the "agreement" you clicked OK on something that says they can decrypt it or something like that.
What exactly happens if 1password server is not responding or your credit card got declined? You can still use the app but not add+delete+sync ? I imagine every time you launch 1password it does some sort of a "handshake" with their servers to say "everything is ok"then proceeds to unlock.
One feature is that Passwords.app will auto-grab the code from your iPhone and plug it into the web login form automatically. No more typing 6 or 8 number values
what are you exactly talking about? SMS 2fa?
I migrated from Enpass myself to Passwords.app. I couldn't go back due to how clunky Enpass is. One feature is that Passwords.app will auto-grab the code from your iPhone and plug it into the web login form automatically. No more typing 6 or 8 number values
Umm.. That is exactly what Enpass does, on both desktop and mobile apps. For MacOS/iOS/iPadOS, they use TouchID/FaceID; on my PC I would have to enter a password because I have nothing biometric on my PC, and I'm okay with that, as my PC is not my daily driver. Plus, I can back up/export my vault to my NAS, which also gets backed up to local disk, leaving me in complete possession of all of my passwords/sensitive data.
BL.
The subscription of 1Password is worth it to me, is my conclusion, after given it some thought.
I've had a lot of discount this far, as I wathced my account.
But now and forward, it really doesn't cost more then 2kg quality espresso-beans/year to have this app that I really aporeciate and have available on all devices.
I never questioned buying some great and new beans to my espresso-machine, ever 😂
So I'm staying with 1Password.
I've had a lot of discount this far, as I wathced my account.
But now and forward, it really doesn't cost more then 2kg quality espresso-beans/year to have this app that I really aporeciate and have available on all devices.
I never questioned buying some great and new beans to my espresso-machine, ever 😂
So I'm staying with 1Password.
To me the two crimes committed by the 1Password people are: subscription model and making the WIMP interface an Electron app on the Mac. The latter is truly shameful.
Same here. I’ve spend way more money on more shroud things.
“Crimes” 😂 yeah, ok.
The whole Election app has been blown way out of proportion. It’s one that he best apps on my MacBook, including the Apple apps. It runs so smooth and no issues.
1Password keeps all your data locally. If it can't reach the servers it still works. I just did a test where I disconnected from the network, completely restarted 1Password, and worked with my vaults. I was able to see all my data and add a new entry without a problem. The program reported that I was offline and any changes I made wouldn't be sync'd to my other devices.
With 1Password you keep and are in possession of your passwords. They are stored locally. Complete and searchable exports are trivial (but store them somewhere encrypted). The 1Password servers don't have access to your passwords. It's a matter of semantics whether you consider them to be in possession of those passwords. Certainly a subpoena of their servers would not cause your passwords to be exposed. A subpoena of your computer would be a greater risk.
But you can still unlock Passwords with the Mac admin password
Last edited:
You're probably using Electron based apps without even knowing it, yet due some reddit posts, things went viral with 1PAssword's use of electron.
As for subscription models, it seems outside of open source based applications nearly every publisher it seems is embracing the subscription model. I'm not defending that action, just pointing out that like or not, subscriptions are here. Its up to each of us to weight the monthly cost vs. the need that the apps fills. For me, 1Password is worth it, though every time my account nears renewal, I analyze whether I should switch. Neither points that you posted are crimes, they are business decisions like or not.
As a consumer, you are free to vote with your wallet, but I wouldn't take it personal, they're doing what's best for their company and you need to do what's best for you and your family.
I was one of those haters, but I was also doing beta testing. Now, it’s a very smooth app with no issues. I fount this Wiki page and they list Bitwarden, WhatsApp, Discord, Twitch, Signal, and others using Electron.
The days of one time purchases are going away, but the days of simple security are long gone also. I actually remember when passwords were not case sensitive. Apps (especially password managers) have to keep up on the latest security measures, and that cost money. I find value in some of the subscriptions, 1Password being one of them. I’ll drop most of my streaming services before I drop 1Password.
Exactly, voting with your wallets is the best way.
Last edited:
For Bitwarden that's still true of the Mac desktop app, but it's not accurate for the iOS app. They recently replaced the iOS version with a native one.
Still being used, and yet people complain about it used on 1Password, that was my only point. I honestly couldn’t care less what’s used, as long as it worlds and it’s secured. Sadly, people will find anything complain about.