1Password migrants thread

[maflynn]

In my opinion, it would be absurd to agree to such a condition of use.

Seems many (most?) password managers have some level of imdenification. Above me is @toasted ICT post regarding 1Password.
Here's Bitwarden's

J. Release and Indemnification​

Short version: You are responsible for your use of the service.

You agree to indemnify us, defend us, and hold us harmless from and against any and all claims, liabilities, and expenses, including attorneys' fees, arising out of your use of the Website and the Service, including but not limited to your violation of this Agreement, provided that Bitwarden (1) promptly gives you written notice of the claim, demand, suit or proceeding; (2) gives you sole control of the defense and settlement of the claim, demand, suit or proceeding (provided that you may not settle any claim, demand, suit or proceeding unless the settlement unconditionally releases Bitwarden of all liability); and (3) provides to you all reasonable assistance, at your expense.

I'm not justifying or dismissing the terms of service but rather pointing out it seems that they don't want to be held liable to any loses or damages.

 

[MacBH928]

Interesting to note:

If one wanted to get this (especially the free version), you have to:

1. create an account,
2. supply credit card info, then
3. check out.

Supply credit card info for the free version? 🤨

BL.

I do not see the concern here. Proton is very reputable unless you are very careful with using your CC online. I think it must be tied to how their payment system works. For people who have no credit cards I am not sure how that works.

When I set up my Proton a long time ago I didn't supply any CC until I switched to the paid version.

I’m not impressed at all. It’s missing a lot and like the video said, it can’t compete with other password managers alone. I don’t use Proton mail much anymore, because they lack features and slow to roll them out. This has to be the most underwhelming password manager, ever.
Honestly, it Apple Keychain had a standalone app, it would probably have the same functionality and features as this.

You are absolutely correct but it just something to keep in mind and look for in the future. I have been with Proton since the beginning and all their services flourished with time.

What features are you missing from Protonmail and what are you using an alternative. The only downside to it is that it doesn't work with 3rd party mail apps but that is because of the encryption.

 

[MacBH928]

5. Indemnification​

You agree that the Company, and any parents, subsidiaries, officers, directors, employees, agents, or third-party contractors (the "Indemnified Parties") cannot be held responsible for any third-party claim, demand, or damages, including reasonable attorneys’ fees, arising out of your use of your Account or the Services. You agree that the Indemnified Parties will have no liability in connection with any such third-party claim, demand, or damages, and you agree to indemnify any and all resulting loss, damages, judgments, awards, costs, expenses, and attorneys’ fees and litigation expenses of the Indemnified Parties in connection therewith. You will also indemnify and hold the Indemnified Parties harmless from and against any third-party claims, demands, or damages arising out of your use of your Account or the Services.

Terms of Service | Proton

Terms of Service for using the proton.me website and your Proton Account, including Proton Mail, Proton Contacts, Proton Calendar, and Proton Drive.

proton.me

In my opinion, it would be absurd to agree to such a condition of use.

I think all companies do this kind of thing to protect themselves from being sued. I do not like it but I am not writing my own software either.

I think even the open source stuff has something saying "use at your own risk" kind of thing.

 

[maflynn]

I do not see the concern here. Proton is very reputable unless you are very careful with using your CC online. I think it must be tied to how their payment system works. For people who have no credit cards I am not sure how that works.

I do see @bradl point. There's a free tier for this service, and for a privacy minded company why store my credit card info that in theory they'll never use. Don't get me wrong, I use Proton mail and vpn, and I pay for the service, so I'm not anti-proton

 

[bradl]

I do not see the concern here. Proton is very reputable unless you are very careful with using your CC online. I think it must be tied to how their payment system works. For people who have no credit cards I am not sure how that works.

When I set up my Proton a long time ago I didn't supply any CC until I switched to the paid version.

I guess what I am trying to understand here is why one would need to give a company their CC info simply for downloading a free application. Creating an account/login with them, I understand completely.. but CC info?

BL.

 

[MacBH928]

I guess what I am trying to understand here is why one would need to give a company their CC info simply for downloading a free application. Creating an account/login with them, I understand completely.. but CC info?

BL.

You are right and I hate those companies that ask for CC for your "free" tier but in the case of Proton I am giving them a pass. They give out satisfactory email and VPN services for free out of the believe that everyone should have the right to privacy so I do not think any thing is malicious going on here.

 

[eltoslightfoot]

5. Indemnification​

You agree that the Company, and any parents, subsidiaries, officers, directors, employees, agents, or third-party contractors (the "Indemnified Parties") cannot be held responsible for any third-party claim, demand, or damages, including reasonable attorneys’ fees, arising out of your use of your Account or the Services. You agree that the Indemnified Parties will have no liability in connection with any such third-party claim, demand, or damages, and you agree to indemnify any and all resulting loss, damages, judgments, awards, costs, expenses, and attorneys’ fees and litigation expenses of the Indemnified Parties in connection therewith. You will also indemnify and hold the Indemnified Parties harmless from and against any third-party claims, demands, or damages arising out of your use of your Account or the Services.

Terms of Service | Proton

Terms of Service for using the proton.me website and your Proton Account, including Proton Mail, Proton Contacts, Proton Calendar, and Proton Drive.

proton.me

In my opinion, it would be absurd to agree to such a condition of use.

I bet every single piece of software you own has a terms and conditions that says this…

 

[toasted ICT]

I bet every single piece of software you own has a terms and conditions that says this…

I guess the point is that what these companies say and promise are 100 percent at odds with what the legal statements say.
Your data is safe blah blah blah ... not its not and you sure cannot hold the company to account.

 

[eltoslightfoot]

I guess the point is that what these companies say and promise are 100 percent at odds with what the legal statements say.
Your data is safe blah blah blah ... not its not and you sure cannot hold the company to account.

I completely agree with that. All of them do it.

Now where I have noticed a difference that can be important is in ownership of created works. That is one to check. Some actually say they own anything created in the app/software in some sort of “joint” fashion with the user of said app/software.

 

[workerbee]

Not sure if I should post here or in the other, «back-to-1Password» thread...
When I looked for an alternative to 1PW a while back (maybe 2 years), I found Elpass, which works exactly the way I want – it's fast, unobtrusive, and well-integrated into macOS and iOS. I also like that it automatically does backups.

What I never was keen about is that I literally have no idea whatsoever who is behind the app, they're completely anonymous, which I find not necessarily trust-enhancing.

About a week ago the app started acting up – for no reason I can think of, unlocking via Touch ID is only possible when starting the app, not when its open and needs to re-authenticate, which to me is exactly the opposite of how it should work.

As we want to have a family password repository again anyway, I started looking at alternatives to the alternative.

I theory I like what Paolo Andrade does with Secrets 4 (again: uncomplicated, not many bells and whistles). Unfortunately, like a few years ago, its still unable to handle large-ish sets of passwords. I've been able to import my ~1100 passwords using tricks, but its somewhere between unstable and unusable, clearly not optimized at all for this number of passwords.

In theory Strongbox looks interesting, but the UI made me delete it very quickly (also importing an Safari-formatted CVS file was impossible, I actually had to use a 1PW formatted export file).

I probably should look into Enpass, but on a whim I downloaded 1Password 8, and after mucking around with all these alternatives I have to admit to myself that it's very slick and friendly to use. I wouldn't mind the price, but am not keen at all for all the data they want to use to keep track of me (why would they need location data?).

Also, I'm disappointed that despite their many employees and loads of money, a silly bug made it from beta into apparently all desktop versions of their app, creating two undeleteable, unsyncable «Offline Items» passwords in my case, and this hideous notification on any change to any password.


If I want undeleteable password entries, I can just as well use iCloud keychain, which is a master at this.

So, in the end: still no idea what solution to use, they all seem to have drawbacks.

Edit: downloaded Enpass, wanted to create an iCloud-synced vault (despite the vaguely Windows-ish or Unixy-looking interface), was redirected to some weird page I have never seen before in my years of using MobileMe and iCloud. The address is cdn.apple-cloudkit.com/ck-auth/(…). Not a good start.

 

[gregmac19]

If I want undeleteable password entried, I can just as well use iCloud keychain, which is a master at this.

I had a problem with a password that wouldn’t stay deleted despite numerous attempts to get rid of it using my iPhone, iPad, and via Passwords in System Preferences on my Mac. I solved the issue by launching Keychain Access in Utilities on my Mac, searching for the password in the iCloud Keychain, and then deleting the entries I found. I hope this works for you! Good luck!


Edit:
I should have stated originally, that I used this process for a password that immediately came back after exiting and reentering “Passwords”. There are other passwords that come back from time to time, like how workerbee describes below, and I have no idea what causes this, or what can be done to fix it.

Apple should be embarrassed about their half-hearted effort with Keychain.

 

[workerbee]

I had a problem with a password that wouldn’t stay deleted despite numerous attempts to get rid of it using my iPhone, iPad, and via Passwords in System Preferences on my Mac. I solved the issue by launching Keychain Access in Utilities on my Mac, searching for the password in the iCloud Keychain, and then deleting the entries I found. I hope this works for you! Good luck!

Thanks for the tip – I had already tried this, but all the entries magically popped back up, like an odd mixture between «It just works» and «The Living Dead».

 

[MacBH928]

Not sure if I should post here or in the other, «back-to-1Password» thread...
When I looked for an alternative to 1PW a while back (maybe 2 years), I found Elpass, which works exactly the way I want – it's fast, unobtrusive, and well-integrated into macOS and iOS. I also like that it automatically does backups.
View attachment 2228189
What I never was keen about is that I literally have no idea whatsoever who is behind the app, they're completely anonymous, which I find not necessarily trust-enhancing.

About a week ago the app started acting up – for no reason I can think of, unlocking via Touch ID is only possible when starting the app, not when its open and needs to re-authenticate, which to me is exactly the opposite of how it should work.

As we want to have a family password repository again anyway, I started looking at alternatives to the alternative.

I theory I like what Paolo Andrade does with Secrets 4 (again: uncomplicated, not many bells and whistles). Unfortunately, like a few years ago, its still unable to handle large-ish sets of passwords. I've been able to import my ~1100 passwords using tricks, but its somewhere between unstable and unusable, clearly not optimized at all for this number of passwords.

In theory Strongbox looks interesting, but the UI made me delete it very quickly (also importing an Safari-formatted CVS file was impossible, I actually had to use a 1PW formatted export file).

I probably should look into Enpass, but on a whim I downloaded 1Password 8, and after mucking around with all these alternatives I have to admit to myself that it's very slick and friendly to use. I wouldn't mind the price, but am not keen at all for all the data they want to use to keep track of me (why would they need location data?).

Also, I'm disappointed that despite their many employees and loads of money, a silly bug made it from beta into apparently all desktop versions of their app, creating two undeleteable, unsyncable «Offline Items» passwords in my case, and this hideous notification on any change to any password.
View attachment 2228197

If I want undeleteable password entries, I can just as well use iCloud keychain, which is a master at this.

So, in the end: still no idea what solution to use, they all seem to have drawbacks.

Edit: downloaded Enpass, wanted to create an iCloud-synced vault (despite the vaguely Windows-ish or Unixy-looking interface), was redirected to some weird page I have never seen before in my years of using MobileMe and iCloud. The address is cdn.apple-cloudkit.com/ck-auth/(…). Not a good start.
View attachment 2228214

1-They are not well known I think they are very small group of developers but they are very active on their forums

2-Any issues you have you can contact them and the team will reply to you on the forums

Enpass Discussion Forum

discussion.enpass.io

I am sorry to say that 1Password is the best overall password manager if you do not mind subscription and your data stored on their cloud. I do not know why no one makes a replica that is license and has assistant app. That is what Enpass is but Enpass needs lots of polishing and their autofill is as dumb as a log.

I use enpass for their assistant app and Bitwarden in the browser. Bitwarden autofill is superior imo.

 

[workerbee]

1-They are not well known I think they are very small group of developers but they are very active on their forums
2-Any issues you have you can contact them and the team will reply to you on the forums

Enpass Discussion Forum

discussion.enpass.io

It'd be nice, but unfortunately (for me) this is Enpass, while I'm using Elpass, from «Surge Technologies»: https://elpass.app/
As I said: it's a nice app and it does exactly what I want it to, but now that we're starting to look around for sharing passwords in the family, I wouldn't even know how or where to contact them other than submitting a request on Zendesk.

 

[gregmac19]

I thought the following might be of interest: https://www.macworld.com/article/19...steals-passwords-crypto-credit-card-data.html

 

[gregmac19]

It'd be nice, but unfortunately (for me) this is Enpass, while I'm using Elpass, from «Surge Technologies»: https://elpass.app/
As I said: it's a nice app and it does exactly what I want it to, but now that we're starting to look around for sharing passwords in the family, I wouldn't even know how or where to contact them other than submitting a request on Zendesk.

There is no way I would ever use Elpass, as it isn't at all clear who is behind it!

 

[MacBH928]

It'd be nice, but unfortunately (for me) this is Enpass, while I'm using Elpass, from «Surge Technologies»: https://elpass.app/
As I said: it's a nice app and it does exactly what I want it to, but now that we're starting to look around for sharing passwords in the family, I wouldn't even know how or where to contact them other than submitting a request on Zendesk.

there is 0 reason to use ElPass. I never heard of it before and seems very obscure. The GUI is nice but being subscription, the extra $10/year is so much worth it going with 1password route.

 

[MacBH928]

macOS Sonoma Brings Apple Password Manager to Third-Party Browsers

The macOS Sonoma update that is in testing allows Mac owners who opt to use Google Chrome, Microsoft Edge, or another browser to use Apple's...

www.macrumors.com

For Apple ecosystems die hards, there is even less reason to use 1password or any password manager if you were happy with Keychain in the first place. It seems the implementation is via a browser extension.

I wonder if this benefits Codebook users.

 

[workerbee]

macOS Sonoma Brings Apple Password Manager to Third-Party Browsers

The macOS Sonoma update that is in testing allows Mac owners who opt to use Google Chrome, Microsoft Edge, or another browser to use Apple's...

www.macrumors.com

For Apple ecosystems die hards, there is even less reason to use 1password or any password manager if you were happy with Keychain in the first place. It seems the implementation is via a browser extension.

I wonder if this benefits Codebook users.

Had seen this on Mastodon as well and made a quick test.
Unfortunately having multiple usenames/password for the same URL (e.g. multiple clients hosting control panels on the same server) is still not fluent, as KeyChain only shows a single option and needs me to go dig for the right one.

Looks like I'll soon be back on 1Password. However

there is 0 reason to use ElPass.

isn't quite right, since it's not the pricing of 1Password that bothers me, it's in which direction they as a company seem to be going (read: big bucks + accompanying greed) as well as being forced to use their servers. I'd be much more comfortable with encrypted vaults on my end-to-end encrypted iCloud – like Elpass or Minimalist do it, or even better like Secrets 4 does it (with shared vaults).

 

[workerbee]

What might well make me not switch (back) to 1Password is their Autofill. It thinks it's oh-so-smart and is proposing to fill almost any and all form fields in sight with... something.

Also, payment (credit card) fields tend to reload multiple times when autofill is enabled, I guess the integration is somewhat heavy-handed.

And lastly, why does Safari Browser Integration need to be a seperate app, what is the advantage of this?

 

[gregmac19]

And lastly, why does Safari Browser Integration need to be a seperate app, what is the advantage of this?

I’m not a 1Password user, but I found this description in the Mac App Store for “1Password in Safari”:

“You can now use 1Password in Safari without installing the desktop app! 1Password for Safari is a completely independent extension that provides full access to 1Password’s capabilities:”

 

[MacBH928]

Unfortunately having multiple usenames/password for the same URL (e.g. multiple clients hosting control panels on the same server) is still not fluent, as KeyChain only shows a single option and needs me to go dig for the right one.

How do you manage multiple usernames? you pick from a drop down list? which password manager you are using?

I have this problem with Bitwarden where I have to hit the autofill-shortcut multiple times until the right username shows up

I’m not a 1Password user, but I found this description in the Mac App Store for “1Password in Safari”:

“You can now use 1Password in Safari without installing the desktop app! 1Password for Safari is a completely independent extension that provides full access to 1Password’s capabilities:”

This is old news I believe. They had it since they were still selling license. I think it was called 1Password X and it was (I believe) used to ease in the idea of a "subscription" model for the user before going full subscription.

 

[workerbee]

This is old news I believe. They had it since they were still selling license. I think it was called 1Password X and it was (I believe) used to ease in the idea of a "subscription" model for the user before going full subscription.

Seems quite probable that this is more or less how and especially why it's set up like this.
Not quite convinced its the most efficient way, TBH.

 

[gregmac19]

Seems quite probable that this is more or less how and especially why it's set up like this.
Not quite convinced its the most efficient way, TBH.
View attachment 2233266

Quite a contrast.

 

[Mr. Heckles]

This is old news I believe. They had it since they were still selling license. I think it was called 1Password X and it was (I believe) used to ease in the idea of a "subscription" model for the user before going full subscription.

1Password X is what became the extension for 1Password 8 and it’s been around since 2017. You always needed the subscription to use it. I was beta testing when it 1st came out and it’s great because I was able to 1Password on Linux at the time. Now on my Mac and Windows I do use it along side with the desktop app, on my work computer and my Linux computer, I use just the extension.