1Password migrants thread

[bradl]

I think you can still use version 7 without their subscription service.

If you already purchased a license for 1Password 7, then you can use it without their subscription service.

If you have NOT purchased a license for 1Password 7, then you can NOT use it without their subscription service. Making it worse, they have shut down the servers that provision those licenses, leaving you with no choice but to purchase a subscription. If you use 1Password with neither purchasing a subscription or a license, your vault is left in read-only mode, leaving you no way to perform any CRUD function with the passwords in your vault.

BL.

 

[svenmany]

If you already purchased a license for 1Password 7, then you can use it without their subscription service.

If you have NOT purchased a license for 1Password 7, then you can NOT use it without their subscription service. Making it worse, they have shut down the servers that provision those licenses, leaving you with no choice but to purchase a subscription. If you use 1Password with neither purchasing a subscription or a license, your vault is left in read-only mode, leaving you no way to perform any CRUD function with the passwords in your vault.

BL.

I think I'm getting it.

I assume you mean the problem is that a local vault goes into read-only mode. If not, then don't keep reading...

So, if I'm running 1Password 7 without having purchased a license, then I must be running it since I am subscribing to the subscription service. (Otherwise, I'm just pirating the software.) But, I could still be using a local vault. This is exactly my situation; I have both server and local vaults.

If I then stop subscribing to their subscription service, certainly my online vaults go into read-only mode. You're saying that my local vault also goes into read-only mode. I should still be able to really use my local vault, so they really should provide some way to license a product for purely local use.

Is that the gist of the complaint?

 

[bradl]

I think I'm getting it.

I assume you mean the problem is that a local vault goes into read-only mode. If not, then don't keep reading...

So, if I'm running 1Password 7 without having purchased a license, then I must be running it since I am subscribing to the subscription service. (Otherwise, I'm just pirating the software.) But, I could still be using a local vault. This is exactly my situation; I have both server and local vaults.

If I then stop subscribing to their subscription service, certainly my online vaults go into read-only mode. You're saying that my local vault also goes into read-only mode. I should still be able to really use my local vault, so they really should provide some way to license a product for purely local use.

Is that the gist of the complaint?

Exactly. And there is no way to purchase that license, because they took those servers down. That leaves you no choice but to subscribe to their subscription service, regardless of which supported version of 1Password you are using.

Making it worse, while they even have 1Password 6 or lower available for download from their site, you can't even purchase a license for that version, because the servers that provision the licenses for all versions of 1Password were taken down. To that effect, you are essentially forced into their subscription service model, or nothing at all.

BL.

 

[MisterSavage]

1Password exports in JSON format. The 1pux export file is just a zip file. If you uncompress it, you'll find a plain text file containing JSON. It's really very easy to read and process.

You can also access JSON output of your data directly from their servers:

https://support.1password.com/command-line-getting-started/

My data wasn't on their servers but if there's an easy way to get a JSON version of your data that's great.

 

[maflynn]

You prefer to have the vault hosted by the app company rather than your own choice of iCloud / Dropbox / OneDrive / Google Drive / Box / WebDav / Nextcloud?

Yes

you can't even purchase a license for that version

That makes sense, I can download an older version of many applications but I cannot purchase a license to those older versions

 

[Huntn]

1022 seems to say that a license for version 6 was being used in the version 7 software, and that made the data unmodifiable.

I'll study the thread a bit more to understand what you're saying.

Possibly I misunderstood the situation.

I’ve never seen such a message on v7 whether on iOS or on macOS. Also no problems with adding new entries.

While I don’t doubt you saw what you saw, I also know I’ve seen so such thing using 1Password v7 with a v7 license.

How long ago did you buy your v7 perpetual license?

I purchased it a long time ago when they were hiding the subscription free version7. I did have issues develop with sync from my MacOS version, the iOS version continued to function. The primary reasons I ejected 1PW was their insistence on a subscription to move forward along with abandoning support for independent vaults and forcing their servers on their customers. If v7 is working for you, without adapting to their new reality at best you are on borrowed time.

 

[deeddawg]

If v7 is working for you, without adapting to their new reality at best you are on borrowed time.

Yes, indeed. While 7 is working just fine, the writing has been on the wall for a few months now.

It is for that reason that I evaluated options and recently pulled the trigger on an Enpass perpetual license. Unlike @maflynn I prefer my vault hosting be separate from the app provider.

 

[bradl]

Yes, indeed. While 7 is working just fine, the writing has been on the wall for a few months now.

If you had a perpetual license for 1Password 7, you'd be in the sweet spot, as there is either a Silicon version of it or a universal binary, so you'd be set for life without needing to migrate, unless you're wanting to argue the principle of the matter.

It is for that reason that I evaluated options and recently pulled the trigger on an Enpass perpetual license. Unlike @maflynn I prefer my vault hosting be separate from the app provider.

That is the other major issue; 1Password 8 would require you to store your vault on AgileBits' servers, and not a place of your choosing.

BL.

 

[deeddawg]

If you had a perpetual license for 1Password 7, you'd be in the sweet spot, as there is either a Silicon version of it or a universal binary, so you'd be set for life without needing to migrate, unless you're wanting to argue the principle of the matter.

Yes, I was able to find the (elusive) way to buy a v7 perpetual license back in late 2018.

It was a "sweet spot" as you say when Apple Silicon came out and Agilebits supported it. Nevertheless the writing is on the wall with v8 - and while v7 will continue to work until a macOS update renders it incompatible, it is clear that users like me are being shown the door.

So while I could keep using v7 for quite some time, I chose to make my exit on my timetable - when I had bandwidth to research & try out alternatives - rather than being in a rush to make the transition due to a surprise incompatibility.

That is the other major issue; 1Password 8 would require you to store your vault on AgileBits' servers, and not a place of your choosing.

Irrespective of costs/principles of subscription models, that was a full-stop deal-breaker for me.

 

[bradl]

Yes, I was able to find the (elusive) way to buy a v7 perpetual license back in late 2018.

It was a "sweet spot" as you say when Apple Silicon came out and Agilebits supported it. Nevertheless the writing is on the wall with v8 - and while v7 will continue to work until a macOS update renders it incompatible, it is clear that users like me are being shown the door.

Actually, I'd argue the opposite here.

IIRC, the binary that works on Silicon is either a native binary to Silicon, or is a universal binary; either way, that binary will not require Rosetta 2 to run, so it can run for the lifetime of Silicon. Like how I am with 1Password 6 and how it will run and continue to run as long as my OS supports it, that native or universal binary of 1Password 7 you have will run for as long as your OS supports it.. and seeing that Apple will be using Silicon for a very long time (until they change the architecture on their own), 1Password 7 will continue to always work for you.

You would be correct that it would be incompatible if the binary were an Intel binary, but when someone last checked it, it wasn't.

So while I could keep using v7 for quite some time, I chose to make my exit on my timetable - when I had bandwidth to research & try out alternatives - rather than being in a rush to make the transition due to a surprise incompatibility.


Irrespective of costs/principles of subscription models, that was a full-stop deal-breaker for me.

I agree with this, and have had to do the same as well; since I have no viable path to get to 1Password 7 without a subscription, my timetable was effectively set to whenever Apple drops Rosetta 2. I'd rather set that on my own than prolong the proverbial suffering, especially when I purchase a new Mac.

BL.

 

[VitoBotta]

After trying both Bitwarden and EnPass for a little while I decided to stick with 1Password. It's just better than anything else out there IMO.

 

[bradl]

After trying both Bitwarden and EnPass for a little while I decided to stick with 1Password. It's just better than anything else out there IMO.

I don't doubt that 1Password's features and functionalities are superior to the alternatives; their business practices are what's been called into scrutiny. In short, UI and eye candy aren't the whole story.

BL.

 

[VitoBotta]

I don't doubt that 1Password's features and functionalities are superior to the alternatives; their business practices are what's been called into scrutiny. In short, UI and eye candy aren't the whole story.

BL.

It’s not just the UI for me but usability with the browsers both on desktop and mobile. It works much better for me.

 

[bradl]

It’s not just the UI for me but usability with the browsers both on desktop and mobile. It works much better for me.

If it's usability, Enpass has exactly the same usability with browsers on both; the only difference on mobile is that 1Password's mobile app has a built-in browser, while Enpass integrates in with every browser that supports Autofill - which all browsers do, as it is a user configurable issue in the Settings app in iOS. In fact, so far that I use, the only advantage 1Password has right now over Enpass is that you can run the 1Password Mini application so you can access the vault easier, where Enpass requires the desktop application to be running. At least that is my experience when comparing Enpass to 1Password 6.

As far as browser use, Enpass actually has the same type of usability and support across more browsers than 1Password does. I think what may be the telling tale of the tape is which one would get to, say, DuckDuckGo's desktop and mobile browser.

BL.

 

[deeddawg]

Actually, I'd argue the opposite here.

IIRC, the binary that works on Silicon is either a native binary to Silicon, or is a universal binary; either way, that binary will not require Rosetta 2 to run, so it can run for the lifetime of Silicon. Like how I am with 1Password 6 and how it will run and continue to run as long as my OS supports it, that native or universal binary of 1Password 7 you have will run for as long as your OS supports it.. and seeing that Apple will be using Silicon for a very long time (until they change the architecture on their own), 1Password 7 will continue to always work for you.

I was referring to the potential of a future macOS or Safari version changing APIs or some other change incompatible with 1Password v7. While such an event is likely not to occur for a number of years, it's probable that it will occur eventually -- even without a CPU architecture change.

As you mention, v6 is likely to have a shorter usable lifetime due to its dependence on Rosetta2.

I pulled the trigger on an Enpass perpetual license even so, partly just to be done with AgileBits and maybe partly to show Enpass that some people prefer that license model vs subscription software.

 

[Alwis]

Today I did some testing with importing test data from 1PW to the various password managers.

To make things short: Enpass worked best, all entries with all section titles and all attachments where imported. Bitwarden was OK, section titles and attachments where missing but could be added manually.

KeepassXC imported all data, but the section titles where added to the field names. So the data is not lost, but it makes it more confusing.

Worst was Strongbox, for some data not the names but only some UUIDs where imported.

The best UI, beside 1PW, has Enpass, it is nearly a copy of the 1PW interface. What I found really odd: I have an Enpass license, that I bought a few years ago via the app store (but decided to stick with 1PW back than). When I started Enpass it sowed a message "register to unlock all features". No, thank you, I do not want to register and provide my mail to you when I bought the app in the Apple App store. Sure, not a big deal, but password managers are all about trust and I am not sure if I like this.

The Bitwarden UI is OK, but lacks structure. Some colors and subdivisions would be helpfull.

All in all 1PW is still the best password manager, but abandoning local vaults is an absolute dealbreaker for me. Enpass is second, mainly because of the UI and the import. But I am nut sure if I want to trust this company with all of my passwords after the "register to unlock" message. If I had to switch today I would probably choose Bitwarden and host it myself with Vaultwarden, which I also tested.

As I have a 1PW 7 perpetual license I decided to stay with 1PW for the time beeing and see, what the future brings. Maybe they will offer a self hosting option, in this case I might accept the subscription, even if I do not like it. Or Bitwarden improves the UI and the import.

I just have to make sure to test 1PW with new major versions of iOS and macOS before upgrading.

 

[deeddawg]

What I found really odd: I have an Enpass license, that I bought a few years ago via the app store (but decided to stick with 1PW back than). When I started Enpass it sowed a message "register to unlock all features". No, thank you, I do not want to register and provide my mail to you when I bought the app in the Apple App store. Sure, not a big deal, but password managers are all about trust and I am not sure if I like this.

I don't know what version of the Enpass app was a paid app in the past, the current desktop version is fully functional and free. The licensing (subscription or perpetual) relates to the iOS app functionality.

When buying my perpetual license for Enpass I did have to provide an email - but it didn't have to be my primary address nor did it have to be the one associated with my AppleID. The email address is used to associate the iOS app with the registration / license. (While I use the term license, it is listed as "Enpass Lifetime Premium" and perhaps could be better considered as a lifetime subscription)

Contrast to 1Password which required I purchase a license for desktop app (v7 and v6 and before) - and they required I provide a registered name and an email address. Seems Enpass is asking for lesser info?

The email address was used to send one-time codes when associating my iPad and iPhone with the vault stored on iCloud, and also used to notify me of each new device being registered with Enpass. So there is utility in providing them with an address, even if it isn't primary.

 

[Alwis]

I don't know what version of the Enpass app was a paid app in the past, the current desktop version is fully functional and free. The licensing (subscription or perpetual) relates to the iOS app functionality.

To be honest, I do not remember, I first downloaded and tested the App arround the time 1PW 7 was released. But I could check my old App Store receipts.

The email address was used to send one-time codes when associating my iPad and iPhone with the vault stored on iCloud, and also used to notify me of each new device being registered with Enpass. So there is utility in providing them with an address, even if it isn't primary.

That was not mentioned in the note, would have made a better impression.

 

[MadeTheSwitch]

I'm not necessarily syncing their data. They are telling me it (read: over the phone). I'm inputting it into the password manager, and saving it. I sync that between my devices, back it up, and store that backup offsite. That way I have their data for what they need as a backup in case they lose it. In effect, I'm their disaster recovery.

Okay. Doesn’t that make YOU the single point of failure you were talking about? If anything happens to you, who is going to start receiving the phone calls and serving as a data entry clerk for everyone? Who is going to back up that data and then store if offsite somewhere?

 

[bradl]

Okay. Doesn’t that make YOU the single point of failure you were talking about? If anything happens to you, who is going to start receiving the phone calls and serving as a data entry clerk for everyone? Who is going to back up that data and then store if offsite somewhere?

That's always the question, n'est-ce pas?

I mean, everyone seems to forget that every person is a single point of failure. If you have data, say, on your phone or in your iCloud account and something happens to you, there goes the access to that data because it requires a password that only you would know. Apple just thought about that with the legacy contact features the just added to iOS.

In my case, what I have done is make sure that I am not the only one with access to that data, and that those that need access to that vault in case something happens to me has a way to get to the master password for that vault and only that vault. That's the main reason why I separated them not only by vault, but by application as well. That way, they couldn't use the same password to access a different vault in a different application.

So in my mother's case, on an encrypted USB stick, I have the vault, the portable binary for the password manager, and instructions on how to use it. In case they have any disaster, they can pull from that, or I reseed their info. If something happens to me, they have access to their info. At that point, they would be on their own.

Wash/rinse/repeat for my father, as well as my family. For my family, I'm considering the legacy contact info in iOS 15, but I'm wanting to see how that pans out as well as the entire CSAM issue before jumping to it from iOS 14.8.

BL.

 

[MadeTheSwitch]

This thread has been rather hostile towards AgileBits from the beginning

Uh....The entire thread is based on not being happy with AB and looking for alternatives. Kind of the whole point here. Obviously such a thread is not going to be a love fest for the thing people are actively looking to move away from and are critical of.

That's always the question, n'est-ce pas?

I mean, everyone seems to forget that every person is a single point of failure. If you have data, say, on your phone or in your iCloud account and something happens to you, there goes the access to that data because it requires a password that only you would know. Apple just thought about that with the legacy contact features the just added to iOS.

In my case, what I have done is make sure that I am not the only one with access to that data, and that those that need access to that vault in case something happens to me has a way to get to the master password for that vault and only that vault. That's the main reason why I separated them not only by vault, but by application as well. That way, they couldn't use the same password to access a different vault in a different application.

So in my mother's case, on an encrypted USB stick, I have the vault, the portable binary for the password manager, and instructions on how to use it. In case they have any disaster, they can pull from that, or I reseed their info. If something happens to me, they have access to their info. At that point, they would be on their own.

Wash/rinse/repeat for my father, as well as my family. For my family, I'm considering the legacy contact info in iOS 15, but I'm wanting to see how that pans out as well as the entire CSAM issue before jumping to it from iOS 14.8.

BL.

Oh yeah, I understood all of that from your earlier explanation (which was quite interesting!). My question was who will do all the data entry for each half of the family and who will do all the offsite backup if something happened to you? If you are doing all of this for everyone currently, I assume that must mean you are more tech savvy than all of them. So is there someone else who would step in and fill that role like you did? Particularly the regular offsite backups?

 

[bradl]

Oh yeah, I understood all of that from your earlier explanation (which was quite interesting!). My question was who will do all the data entry for each half of the family and who will do all the offsite backup if something happened to you? If you are doing all of this for everyone currently, I assume that must mean you are more tech savvy than all of them. So is there someone else who would step in and fill that role like you did? Particularly the regular offsite backups?

Oh, that question!

Well, if it came down to that, that won't be any of my concern! I'll have bigger issues to deal with! ?

Seriously though, I have an uncle who worked for the Bells (Northwestern Bell/Southwestern Bell), ATT, Sprint, and is on a government contract now, dealing with networking. He can definitely pick up that slack should anything happen. For my father's side of the family, they'll be on their own, because all of the credentials I have mainly pertain to my father and no-one else. That will come down to my family, where my wife and children are pretty savvy, with the children learning more and more each day.

This is one of those times where one has to start early in getting things prepared for what we leave behind and how that will affect them and their children for the next few hundred years. But on the other side of that, I plan on living forever, Mai Tai in hand, sitting in a cabana chair, while watching the ocean waves and playing with my Transformers, being more retired than retired can retire! ?

I'll get them spun up and knowing what they have to do. But if anything, this should be a wake-up call to everyone to get affairs in order: Living Trusts, Power of Attorney, the entire lot; for the last thing anyone wants to deal with is what James Brown's and B.B. King's children have done, which is argue for years in probate court over what each one thinks they deserve.

BL.

 

[einsteinbqat]

LastPass hacked again, just so you guys know…

At least, LP doesn’t seem to be on anyone’s radar as a 1P replacement.

 

[MadeTheSwitch]

LastPass hacked again, just so you guys know…

At least, LP doesn’t seem to be on anyone’s radar as a 1P replacement.

They are claiming they weren’t hacked again and it’s just some old data from a previous hack (I guess) circulating around. But still, it is a reminder that LastPass should be avoided.

 

[toasted ICT]

"some users were using completely unique passwords on LastPass (which is obviously good practice) and that some are seeing their accounts accessed and blocked again even after changing their Master Password" see https://9to5google.com/2021/12/28/s...ly-seeing-their-master-passwords-compromised/

putting your authentication data on a developers server with thousands of others authentication data ...what could go wrong. Its only a matter of time.