1Password migrants thread

[MacBH928]

I switched over to Enpass because I had almost every device with a lifetime license for 1Password EXCEPT my Windows machine. I couldn't stand it. So i switched to Enpass, it's pretty much a clone.

I switched to Enpass since about this thread started (about 4 years). While it still works, it seems as good as dead. Developer only releases security fixes more or less. No improvements or advancements. They really do not seem enthusiastic about the app. I imagined they would jump head first trying to pick up those 1password migrants.

 

[MacBH928]

Regarding Strongbox: It is always disheartening when an application founder sells out. However, I think password applications that are exclusively for Apple operating systems, will have a tough time staying in business with the advent of Apple’s Passwords app. Thus, I think that the developer was wise to get out when he could.

never thought of it this way. Smart man. Just yesterday I had a family member who has no idea what his passwords are and he said its all stored in Apple Passwords app. This just shows you how much regular folks are indifferent to spending money on password app if one given for free built in. Reminds me how Explorer killed Netscape.

 

[MacHeritage]

One thing 1Password did was remove the ability to download the browser plugin for 7.x. If you have it, you are probably ok. If not, too bad. It's copy & paste for you.

I know, I deal with this when using another browser other than Safari. It is crazy that they did that. Safari is built-in but the rest... Grrr. I wonder if I can copy it from an older Mac to the newer one... I will have to try that out later on. It should be possible with Firefox at least.

 

[Mr. Heckles]

One thing 1Password did was remove the ability to download the browser plugin for 7.x. If you have it, you are probably ok. If not, too bad. It's copy & paste for you.

They didn’t, it no longer works on certain browsers.

 

[Jordan Klein]

They didn’t, it no longer works on current browsers.

Mine works fine in Brave, Safari, and Firefox on macOS 15.4 (Intel)

 

[Mr. Heckles]

Mine works fine in Brave, Safari, and Firefox on macOS 15.4 (Intel)

I meant certain ones.

 

[svenmany]

Mine works fine in Brave, Safari, and Firefox on macOS 15.4 (Intel)

I'd be careful. Just because it appears to work, it might not really be protecting you adequately. Unless it's being updated to cater for browser changes and new security threats, I wouldn't assume it works fine.

If 1Password still provided it as a download, then they would be obligated to ensure it is safe. Since they aren't working on it anymore, they no longer provide it.

Password software is a different beast than other software which handles less sensitive data.

 

[MacBH928]

It has come to my attention that cloud based password managers can log passwords typed into their websites to unlock the vault. While its unlikely a trust worthy organization would do that, I am still worried. I can not imagine if a hacker or a malicious actor/employee uploads such code. Everything from bank accounts, to government, to online storage will be unlocked.

Not sure if my worry has any basis as I mainly use Bitwarden now.

 

[svenmany]

It has come to my attention that cloud based password managers can log passwords typed into their websites to unlock the vault. While its unlikely a trust worthy organization would do that, I am still worried. I can not imagine if a hacker or a malicious actor/employee uploads such code. Everything from bank accounts, to government, to online storage will be unlocked.

Not sure if my worry has any basis as I mainly use Bitwarden now.

1Password's website application is an application that runs entirely within the web browser. It makes calls to their servers which are probably just variations of the ones made by their desktop application. 1Password's website application doesn't not send your credentials to their servers for them to unlock your vault.

Do you have a reference that raises concerns about a particular password manager's website?

 

[MacBH928]

1Password's website application is an application that runs entirely within the web browser. It makes calls to their servers which are probably just variations of the ones made by their desktop application. 1Password's website application doesn't not send your credentials to their servers for them to unlock your vault.

Do you have a reference that raises concerns about a particular password manager's website?

am not technical, but I heard if you login from the website they can alter that to log your password. Even if you trust 1password/Bitwarden/Proton Pass , a hacker might do a breach and insert code to log the passwords. If this is possible or not possible please inform me.

 

[Mr. Heckles]

am not technical, but I heard if you login from the website they can alter that to log your password. Even if you trust 1password/Bitwarden/Proton Pass , a hacker might do a breach and insert code to log the passwords. If this is possible or not possible please inform me.

Heard from where?

 

[Rodan52]

I'm still sticking to Enpass. No remote storage on proprietary data bases, full local control of my passwords, encrypted syncing via OnePass or iCloud and plenty of templates with customisable additions for Notes, timed authenticator codes and PassKeys, plus security checks via WatchTower. Yes, I am slowly (very slowly) duplicating some of my data onto Apple Passwords for convenience but it still doesn't have nearly the features I need and want.
I have had this PWM for 6 years now and it continues to adapt and evolve to new security requirements. I have a lifetime licence and have never been asked to pay for an update with the exception of when macOS upgraded to 64bit APFS. Even then I got a discount as an existing subscriber.

 

[bradl]

I'm still sticking to Enpass. No remote storage on proprietary data bases, full local control of my passwords, encrypted syncing via OnePass or iCloud and plenty of templates with customisable additions for Notes, timed authenticator codes and PassKeys, plus security checks via WatchTower. Yes, I am slowly (very slowly) duplicating some of my data onto Apple Passwords for convenience but it still doesn't have nearly the features I need and want.
I have had this PWM for 6 years now and it continues to adapt and evolve to new security requirements. I have a lifetime licence and have never been asked to pay for an update with the exception of when macOS upgraded to 64bit APFS. Even then I got a discount as an existing subscriber.

How long ago was the bold? I ask because I went straight to Enpass when I purchased the M1 MBP, which should have been around mid April 2022. If I'm right, I should have missed this, which is why I haven't paid for any update since purchasing Enpass.

BL.

 

[Rodan52]

About 4 years ago, just after macOS Mojave.
ADDIT: Wow, doesn't time fly, I just checked, it must have been around 2019-2020

 

[svenmany]

am not technical, but I heard if you login from the website they can alter that to log your password. Even if you trust 1password/Bitwarden/Proton Pass , a hacker might do a breach and insert code to log the passwords. If this is possible or not possible please inform me.

Who are "they"? You might be referring to a particular threat vector that you read about. Could you provide a link?

 

[MacBH928]

Heard from where?

Who are "they"? You might be referring to a particular threat vector that you read about. Could you provide a link?

I was talking to some coders on social media and they mentioned that this is possible so I came to here to see if anyone can deny or confirm

 

[svenmany]

I was talking to some coders on social media and they mentioned that this is possible so I came to here to see if anyone can deny or confirm

Reconnect with them and get the details, then tell us.

 

[Rodan52]

I don't think it's that simple. A "hacker" would need a lot of personal information about you and probably access to your email address. Even so you would still receive a query from your provider asking if it was you. If you have 2FA in place (and everyone should by now) you would further need to authorise any change on another trusted device or an Authenticator app.

 

[lostPod]

I switched to Enpass since about this thread started (about 4 years). While it still works, it seems as good as dead. Developer only releases security fixes more or less. No improvements or advancements. They really do not seem enthusiastic about the app. I imagined they would jump head first trying to pick up those 1password migrants.

Seems to be the case, which is too bad. Unfortunetly, I have multiple devices. I see many Apple only applications that look awesome and are lifetime.

 

[cubbie5150]

I switched to Enpass since about this thread started (about 4 years). While it still works, it seems as good as dead. Developer only releases security fixes more or less. No improvements or advancements. They really do not seem enthusiastic about the app. I imagined they would jump head first trying to pick up those 1password migrants.

Yeah, I bought my Enpass lifetime license in February 2022 after leaving 1password behind, and it remains my sole password app. However, I am not anything close to a "power user" (whatever that means in relation to a password manager), so its relative deficiencies are lost on me as I haven't bothered trying anything else. All that said, I still have noticed that we get updates once in a while, but no experiential or functional changes in quite some time.

🤷‍♂️ it works well *for me* but I can definitely see how peeps who use it differently/much more frequently than me would want something more/different. It remains in use for me as it meets one of my non-negotiables: my vault is stored locally and I sync devices via wifi.

 

[MacBH928]

I don't think it's that simple. A "hacker" would need a lot of personal information about you and probably access to your email address. Even so you would still receive a query from your provider asking if it was you. If you have 2FA in place (and everyone should by now) you would further need to authorise any change on another trusted device or an Authenticator app.

-All they need is your user name and password. If you inject password reading script in the site, thats it since Bitwarden is access from a website. Similar situation for cloud based password managers.

-I know 2FA gives safety, but I doubt many people have it set up and I am not convinced of the authenticator app thing. If you delete or lose your device thats it. You can't access your passwords because you need the device/app to unlock it+it should always be with you.

Yeah, I bought my Enpass lifetime license in February 2022 after leaving 1password behind, and it remains my sole password app. However, I am not anything close to a "power user" (whatever that means in relation to a password manager), so its relative deficiencies are lost on me as I haven't bothered trying anything else. All that said, I still have noticed that we get updates once in a while, but no experiential or functional changes in quite some time.

🤷‍♂️ it works well *for me* but I can definitely see how peeps who use it differently/much more frequently than me would want something more/different. It remains in use for me as it meets one of my non-negotiables: my vault is stored locally and I sync devices via wifi.

-For me the killer feature is the min assistant. AFAIK it exists only in 1PW, Enpass, and Codebook. I do not understand how this isn't any more popular. At any time I can invoke the keyboard shortcut and have access to any info I need like addresses, CC numbers, emails, etc in any app.

 

[MacBH928]

Well as foretold by me, based on Proton's history, they are hyper adding features to their bare bones password app. Give it another shot if you were considering it.

 

[einsteinbqat]

If you guys remember, Applause is the company that bought the Bartender app (go through the MacRumors news archive and forums to read about the controversy).

 

[eltoslightfoot]

If you guys remember, Applause is the company that bought the Bartender app (go through the MacRumors news archive and forums to read about the controversy).

Did Applause buy someone new?

 

[gregmac19]

Did Applause buy someone new?

I am not sure why einsteinbqat posted what he did, as the information he shared has been covered, starting with Post #2,882 in this thread.