Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
1Password migrants thread
- Thread starter MacBH928
- Start date
- Sort by reaction score
You did a good job expounding on your objections and while I may not agree with every point raised, I understand more clearly your position. Thanks for taking the time to reply.
They will be moving to a subscription with the release of version 6. People who buy version 5 will have full use of version 6, if I am not mistaken.
WiFi sync requires the devices using it to be on the same WiFi network. If anything, that network should be one in which you are secure in handling such data (read: your own WiFi network or one where you trust that will be secure).
The sync only happens between those devices and does not touch any other device or piece of equipment except the router serving WiFi. For example, if my Mac and iPhone are the devices, their network connection would only touch my WiFi router; if it were my desktop PC hardwired to that router (network cable) and my iPhone, their network connection would only touch that router. I would trust that network, because I manage that network.
Wash/rinse/repeat if I were at my parent's place. I know that no other devices external to their home network touch their router, so I could be secure there. Would I do this at a Starbucks or a place with free WiFi? absolutely not; I don't know who would be the man-in-the-middle for such a thing.
In short, it depends on how paranoid you want to be with your data. But as most of these password managers can hold more than passwords (1Password, Enpass, Codebook, and others can store credit card data, Social Security cards, etc.), it does pay to be paranoid.
Another reason why WiFi sync helps is because when you store your data in any cloud service, once your data hits that service's servers, it becomes THEIR data, not yours. They are the ones in legal possession of your data; so while they are contractually obligated to provide that data back to you, there is nothing legally obligating them to return that data should the company close. Similarly, if a person were under investigation, that person is protected by their 4th Amendment right in the US Constitution (if that person is based in the US) against search/seizure without a warrant. However, 3rd parties are not protected by that right. Those cloud services are 3rd parties. They can easily be subpoenaed to hand over that person's data, without any real recourse from that person.
That's why having while having this data in the cloud is great for convenience, that convenience comes at a cost of not being secure in that data only being available to you, especially in relation to any investigation concerning you. That is why having your own standalone local vault and WiFi sync is important; you're securing yourself against such searches and seizures by anyone else.
BL.
Well, you can make your own choice but I think as a society we became very sensitive especially online. There is that show from the 90s still going on called "South Park" they insulted and mocked many things and people but a lot of people love that show and is extremely popular so ?♂️
actually I don't know, but one thing I know is software implement on the server (their computers) you can never know whats going on in it, open source or not. From what happened to FB and Google, even if they breach this ToS and Privacy Policy they will hardly get a slap on the wrist meanwhile your info will be "leaked" all over the internet. Its a matter of trust really. For example, Apple would tell you they "encrypt" your data but in reality they have the decryption keys AKA if police (or a malicious employee) wants to they CAN open your files and see them and idk what they will do with them.
That being said, same can be said about closed-source/proprietary software like 1Password/EnPass. Even if synced locally you don't know what going on behind the scenes and if their software is sending your data back to their servers behind the scenes. The safest is open source AND local vault like KeePass and KeeWeb.
In the end its all about paranoia level and who you trust, for example you have no problem your doctor have your medical history but you might not like it if it was posted on the bulletin board at your work.
I will be looking forward for your feedback and comparison to 1password, I still have not made the jump.
Hi... (First of all - I'm not a native speaker - so sorry for any grammar issues and so on...).
I can fully understand what 'svenmany' is talking about.
I'm also looking for a new password manager (1Password at the moment).
While I'm a big fan of them (using them for several years), I don't like a lot of 1Passwords decisions for their future products.
Looks like I will try the Open Source way with maybe KeePassXC and and a iOS KeePass app...
Yes there are a lot of programs on the market, but after longer research there are only a few left.
Strongbox and Keepassium in my case (at the moment).
Strongbox (https://strongboxsafe.com) looks nice, has decent features and a very good approach.
But I think I will go the way with Keepassium (https://keepassium.com).
It's not as feature rich, but everything looks well thought out and follows the concept of making slow but steady steps forward.
That's what I want to have with a password manager (my opinion).
I have to fully trust the developer (also because he is the guy who makes the program where I do store my major secrets)....
Enclosed you can find a very interesting conversation between the developer of Keepassium and Strongbox.
I have formed my opinion about Strongbox and Keepassium...
If you have 1Password 6, it will work on Monterey; however, it is an Intel binary, so it will run on Monterey as long as Intel is supported. When Apple drops support for all Intel CPUs, it will fail to run on any future release of MacOS.
If you have 1Password 7, they do have an Apple Silicon version of that application on 1Password’s site, but I’d suggest to get it ASAP. When 1Password 8 for MacOS is released they’ll more than likely pull that file.
Also, keep in mind that while 1Password 7 does support standalone vaults, you need the license to run it in that way. You can no longer purchase that license, as AgileBits shut down the servers provisioning those licenses. So your only option with that is by subscription or not at all.
BL.
They probably confusing you on purpose so you buy into their subscription. Give Enpass a shot. Its the closest thing to 1Password I found.
Codebook has its quirks, but it is a rather fine solution.
When I say quirks, that is my underhand way of saying it does not offer some consumer-oriented conveniences such as:
- automatic TOTP copying (for users to paste)
- automatic TOTP pasting (like 1Password does)
- no option or prompt to change/ edit passwords in the password manager on the fly when changing the password on a website
There would be more, but in my limited testing, these are what I have come by.
Codebook is a decent solution. Enpass is better, as it is more or less a close sibling of 1Password. However, no native Apple Silicon app means I cannot use it till they do (I do not want to do Rosetta, no matter what).
No other password manager is going to work for me - 1Password worked and works best, but their new direction with v8 is unacceptable. Then, Enpass is the only successor that will work. Enpass as a company does not inspire confidence. It is beyond shoddy and unprofessional.
Codebook seems to be the only reasonable and adequate solution. USD 11 (equivalent) on Android, USD 12 on iOS, USD 25 on macOS. I do not need the Windows client.
All of these prices are one-time. I do not know if they will ever charge anything again? V5, v6? No clue about the future. Total price USD 48.
TWISTER
In my country, 1Password is available to subscribe for an equivalent of USD 13-15. This means I could technically pay for 1Password for 3 years without buying into Codebook today, if I could tolerate the bloat that is 1Password on both iOS and macOS now. They are going directionless on the Apple platform now.
So, Enpass is the cheapest for me at USD 2 a year, when it ships an Apple Silicon app. Otherwise, Codebook it is. Seeing how Codebook could make the Apple Silicon app, I am inclined to think they are proactive and on top of things.
When I say quirks, that is my underhand way of saying it does not offer some consumer-oriented conveniences such as:
- automatic TOTP copying (for users to paste)
- automatic TOTP pasting (like 1Password does)
- no option or prompt to change/ edit passwords in the password manager on the fly when changing the password on a website
There would be more, but in my limited testing, these are what I have come by.
Codebook is a decent solution. Enpass is better, as it is more or less a close sibling of 1Password. However, no native Apple Silicon app means I cannot use it till they do (I do not want to do Rosetta, no matter what).
No other password manager is going to work for me - 1Password worked and works best, but their new direction with v8 is unacceptable. Then, Enpass is the only successor that will work. Enpass as a company does not inspire confidence. It is beyond shoddy and unprofessional.
Codebook seems to be the only reasonable and adequate solution. USD 11 (equivalent) on Android, USD 12 on iOS, USD 25 on macOS. I do not need the Windows client.
All of these prices are one-time. I do not know if they will ever charge anything again? V5, v6? No clue about the future. Total price USD 48.
TWISTER
In my country, 1Password is available to subscribe for an equivalent of USD 13-15. This means I could technically pay for 1Password for 3 years without buying into Codebook today, if I could tolerate the bloat that is 1Password on both iOS and macOS now. They are going directionless on the Apple platform now.
So, Enpass is the cheapest for me at USD 2 a year, when it ships an Apple Silicon app. Otherwise, Codebook it is. Seeing how Codebook could make the Apple Silicon app, I am inclined to think they are proactive and on top of things.
Purchased CodeBook
It's been long enough. Decided to pay for Codebook. Paid for Android, iOS and macOS. Net paid about USD 48.
No subscriptions, works great with Safari considering it uses the AutoFill API.
This is how Codebook looks in Activity Manager:
To the best of my understanding, the Direct Download version does not use those other two instances, it only had 1. Feeling a little like a fool for not downloading direct, but for me the price on Mac App Store was cheaper. Details:
1Password 8
This is how 1Password 8 fares. 6 instances!
Details:
It's been long enough. Decided to pay for Codebook. Paid for Android, iOS and macOS. Net paid about USD 48.
No subscriptions, works great with Safari considering it uses the AutoFill API.
This is how Codebook looks in Activity Manager:
To the best of my understanding, the Direct Download version does not use those other two instances, it only had 1. Feeling a little like a fool for not downloading direct, but for me the price on Mac App Store was cheaper. Details:
1Password 8
This is how 1Password 8 fares. 6 instances!
Details:
Last edited:
Used to love 1Password now they pull this stunt:-
Not happy to say the least, you can't even remove it.
Not happy to say the least, you can't even remove it.
Forced advertising like that really really REALLY bugs me, especially for an application that I pay for. A quick “hey here’s the offer” then goes back in hiding is not great but ok, sure. But forcing that on an application I paid for?! Good grief.
I have no idea what has happened to their choices lately. They have the email addresses of EVERY 1Password user, otherwise users cannot use the app. So, what gives? Why can't they simply email the users? This injection also points to deeper control of software, something they could do on the fly, perhaps, and that does not inspire confidence in me for these gentlemen.
I have now paid for Codebook. Integrates in macOS with AutoFill feature, so Safari is a more seamless experience than most password managers, but then that also means it shares the same quirks that iCloud Passwords come with.
Nevertheless, no subscription and the total cost of about USD 48 for iOS, macOS and Android apps. Something that might interest people here: This is one of those rare apps on Google Play Store (rare for me to come across, I mean) that have 255 ratings/ reviews at the time of writing and 5.0 stars.
Last edited:
To my recollection (read: earlier posts in this thread and its responses), Enpass was supposed to be a universal binary, so it should not be Intel only, requiring Rosetta. I can’t confirm that yet due to being on an Intel Mac.
Since it is a free download for the trial, if you’re on a Silicon Mac, you should be able to run it. Could you, and report back on if it prompts you to install Rosetta?
BL.
It needs Rosetta on my M1 Mac, so it isn't an option for me. So far I like SafeInCloud and Strongbox, I bought both to test them a bit more. Secrets and Minimalist lacked features, like backups for instance.
Ahh.. Did a bit more searching about this and found this on the Enpass forums:
When we can expect Enpass Update for native Support on Apple Silicon (M1 Support)?
As of now, Enpass will run M1 chips with an inbuilt compatibility layer. We are looking to fix it in two stages. First to release an optimized version for the compatibility layer. The user interface of Enpass uses cross-platform Qt Toolkit, which is currently not stable now for M1 native supports. We will release a native build just after that.
So the problem doesn't appear to be Enpass itself or them refusing to create a Silicon-native binary. If Qt isn't stable, then that screws that up for Linux, Mac, and Windows, as that framework would have to be compiled from scratch to even give them a chance to compile Enpass natively.
BL.
QT 6.2 with support m1 was released 2 months ago, i also suppose it was available on some previous beta-version.
So its more problem of Enpass for now, that they are so slow to adopt their client to m1 chips
I don't get why its a problem to run in rosetta, from what I heard apps run in rosetta are actually faster than running native on Intel. but to each his own.
Why would you say that? Its not near as professional and stable as 1password but it has its own community to live on. Userbase is a huge indicator for me how serious this company is and on iOS store they got 1K reviews 4.5/5.
Note: I just realised Codebook has more reviews than EnPass making it a more popular product. Also EnPass reviews are minute compared LastPass and Dashlane who have north of 40K reviews. I am amazed who is using these less popular than 1Password and subscription based password managers, makes me wonder if they have fake reviews like Amazon. None the less this is just iOS, so numbers might be hugely different on android and Windows.
This is why I no longer want to be associated with AgileBits , its not about just subscription they are literally turning greedy and aim for pure profits. The benefit of the end user is no where near on their priorities list, they have a monthly income from subscriptions and their only aim is to make that income higher. They are just another Comcast or FB now.
Why would you say that? Its not near as professional and stable as 1password but it has its own community to live on. Userbase is a huge indicator for me how serious this company is and on iOS store they got 1K reviews 4.5/5.
Note: I just realised Codebook has more reviews than EnPass making it a more popular product. Also EnPass reviews are minute compared LastPass and Dashlane who have north of 40K reviews. I am amazed who is using these less popular than 1Password and subscription based password managers, makes me wonder if they have fake reviews like Amazon. None the less this is just iOS, so numbers might be hugely different on android and Windows.
This is why I no longer want to be associated with AgileBits , its not about just subscription they are literally turning greedy and aim for pure profits. The benefit of the end user is no where near on their priorities list, they have a monthly income from subscriptions and their only aim is to make that income higher. They are just another Comcast or FB now.
Last edited:
Running in Rosetta may be faster than on native Intel, but I just do not feel like it, until I must use something that is still not Universal with regards to Apple Silicon. Then there is something else that bugs me about them - they may be too much like 1Password. Why have they not provided the Password AutoFill API even as an option on macOS? Nobody knows.
I have been through the Enpass forum. To me, the company always sounds non-committal on everything. I cannot particularly explain this, but that's the kind of air I get when browsing through those forums and reading their responses to people.
Enpass is a nice piece of software, and I was happily using it for a while on my Intel MBA 2017. It works nicely akin to 1Password, except that it does not have the Apple Silicon update yet which I realised when I got my 2021 MBP. It may be silly, but I would really love for my password managers to stay on top of things. If they are relying on QT the way Free Download Manager is, I am not going to be too happy with it and would appreciate them working with something that updates faster. Free Download Manager is a non-essential piece of software, it is a convenience, so it may take time to update. Password manager on the other hand is a necessity. They should be more on top of the game, the way 1Password used to be before they decided to overhaul and reimagine their game. Enpass on iOS looks great, works great. Far more polished than it is on the Mac. What prevents them from giving the macOS app the same polish?
On the other hand, Codebook is Apple Silicon compliant, does not need even iCloud, I am currently syncing it over WiFi on all my clients (macOS, iOS, Android). And it does seem to me like I have moved on from Enpass, considering I paid for all Codebook clients - Android, macOS and iOS well before the trial period was over. No subscription, nothing.
Sure, there are some conveniences such as password history missing in Codebook (unless I have been lazy to discover them). But, it is better on Mac with more recent technologies.
In Codebook's defense, Codebook may not be known more than Enpass, but Zetetic is definitely known more than Enpass, as Zetetic was the company that basically started the entire password manager craze some 20 years ago, when they created STRIP, which was a password manager for the Palm Pilot. STRIP eventually became Codebook.
More than that, and what makes this even more serendipitous, is that Enpass relies on SQLCipher, which is FOSS and peer reviewed for handling AES encryption for SQLite databases.
Zetetic - the same company making codebook - originally developed and currently maintains SQLCipher. So they are all dependent on each other. Enpass can't operate without SQLCipher, just as Codebook can't operate without SQLCipher.
I'd trust the longevity of Codebook as well as Enpass right now over the current road path for 1Password.
BL.
That is an enormous amount of memory displayed for 1Password. I wonder why it seems to be so much worse on Mac than Windows (total memory < 140 MB). I don't plan on trying the Mac version until it's released, but I won't be happy if I see what you're seeing.
I did run Discord on Mac and Windows; I understand that application is Electron based. When displaying processes hierarchically, they both show around 70 MB at the top level. But under the main process on the Mac are a bunch of other processes showing very high memory consumption - especially the renderer.
I'm happy you eventually pulled the trigger on CodeBook and I hope it serves you well.
well to each his own, personally I will be happy that EnPass is actually working faster on my new M1 than on my older intel machine, Rosetta or not the result is its a better app here.
I am hoping that with more users switching over to Enpass they get more serious and becomes a real 1password killer. I have learned that to have more options available is better, the co-existence of Codebook and EnPass is good, so is LastPass and KeePass. It gives us options, unlike: Its either Android or iOS, pick your poison. If I find Enpass lacking I just might go to Codebook.
Does Codebook support cmd+\ autofill shortcut? On Bitwarden its cmd+shift+\ .
Zetetic might be known more, and I am not sure what their core business is but they treat Codebook as a second class citizen. I think we reached 30 pages of this discussion without anymore even mentioning or knowing about it. Just shows you how much they are not serious about the product. Its probably a byproduct of their core business.
This doesn't mean its bad, I just rather be on the bandwagon of someone who is more serious about it.