1Password migrants thread

[bradl]

I know it's only been a week but I'm wondering how this is going for you and if you'd still recommend it.

I have everything in 1Password, but Apple's password management stuff has become so good (and so aggressive) that I often find that I'm just trying to keep passwords updated in 1Password rather than having them filled from the program. I still have software license details and some other sensitive information in 1Password, but could theoretically do what you're doing and put it elsewhere...

Also hate software subscriptions and have mixed feelings about 1Password no longer prioritizing the Mac/Apple platform. I might still try 1Password 8 when 1Password 7 fully stops working... but don't have great feelings about the whole thing.

If you go 1PW 8, I believe everything is stored on their servers, while your local vault may be read only or only for recovery, plus is total subscription. So even if you are able to keep something locally on your devices, your main vault will be on their servers, and you are permanently stuck to their subscription model.

Your best bet is to stay with the permanent 1PW 7 license, especially if it is standalone, because that will always run; additionally, because 1PW 7 is a universal binary, it will continue to run after Apple drops all Intel support.

BL.

 

[MacBH928]

If you go 1PW 8, I believe everything is stored on their servers, while your local vault may be read only or only for recovery, plus is total subscription. So even if you are able to keep something locally on your devices, your main vault will be on their servers, and you are permanently stuck to their subscription model.

Your best bet is to stay with the permanent 1PW 7 license, especially if it is standalone, because that will always run; additionally, because 1PW 7 is a universal binary, it will continue to run after Apple drops all Intel support.

BL.

where does iCloud store the passwords?

 

[nylon]

I know it's only been a week but I'm wondering how this is going for you and if you'd still recommend it.

I have everything in 1Password, but Apple's password management stuff has become so good (and so aggressive) that I often find that I'm just trying to keep passwords updated in 1Password rather than having them filled from the program. I still have software license details and some other sensitive information in 1Password, but could theoretically do what you're doing and put it elsewhere...

Also hate software subscriptions and have mixed feelings about 1Password no longer prioritizing the Mac/Apple platform. I might still try 1Password 8 when 1Password 7 fully stops working... but don't have great feelings about the whole thing.

So far so good. No issues at all. As these iOS/iPadOS/MacOS upgrades roll out I keep on testing. Still have 1Password 7 installed incase I need to invoke it but I haven't had a reason to do so.

 

[svenmany]

I believe everything is stored on their servers, while your local vault may be read only or only for recovery,

No, 1Password works fine while offline. When you later connect to the internet, the changes you've made sync up.

 

[VineRider]

where does iCloud store the passwords?

iCloud (keychain) stores passwords on Apple iCloud servers. It is a cloud based solution like 1Password.

iCloud data security overview - Apple Support

iCloud uses strong security methods, employs strict policies to protect your information, and leads the industry in using privacy-preserving security technologies like end-to-end encryption for your data.

support.apple.com

Set up iCloud Keychain - Apple Support

With iCloud Keychain, you can keep your passwords (and other secure information) updated across your devices and shared with the people that you trust.

support.apple.com

 

[maflynn]

iCloud (keychain) stores passwords on Apple iCloud servers. It is a cloud based solution like 1Password

I think at this point most password managers are cloud based. What 1PW and Bitwarden have over iCloud is cross platform support

 

[VineRider]

I think at this point most password managers are cloud based. What 1PW and Bitwarden have over iCloud is cross platform support

Yes, agreed.

 

[MacBH928]

I think at this point most password managers are cloud based. What 1PW and Bitwarden have over iCloud is cross platform support

despite this fact, this doesn't mean a local storage option should not be an option at least from a competitive vendor.

I wonder if it could work like this: local storage (updates) -> sends update to cloud - > updates send to 2nd device -> 2nd device stores passwords locally.

like the cloud is a 3rd device in the chain, or maybe a temporary transit for the data. I am very wary of some hack one day, and I am not sure why password manager vendors are so confident of their security but I guess I can trust them.

Its been like maybe 10 years of online password storage so far no password leaks happened... at least not with the reputable vendors.

 

[maflynn]

this doesn't mean a local storage option should not be an option at least from a competitive vendor.

Perhaps, but it seems the general consensus is that competitive vendors are cloud only

I wonder if it could work like this: local storage (updates) -> sends update to cloud - > updates send to 2nd device -> 2nd device stores passwords locally.

Isn't that how the cloud based password managers work now? I mean they have a local copy, so you can access your passwords offline, then upload changes to the cloud so other devices can by synced up.

 

[Rivvvers]

…

 

[maflynn]

Moved to Strong Box pro about a year ago and it was the best decision, lifetime was pricey but caught it in a sale, but worth it in the end due to the security features

I was googling Strong Box (because I'm unfamiliar with them) and I stumbled on this reddit thread.

https://www.reddit.com/r/selfhosted/comments/t4lsx2

I wanted to highlight a couple of points regarding that thread

First its Apple only, though there may be a work around

Cons:

• Expensive: $60 for pro on mobile and $30 for desktop
• Only supports Apple devices and Safari's Autofill, so would need to use a separate app (like Keeweb) for Windows and Android and non-Safari browsers

Yet Another Update: I went over the security audit for Enpass again and was not pleased with how incomplete and poor they did. Strongbox hasn't been audited yet either.

It looks like the OP went with BW or at least leaning towards that. I'm pretty happy with 1PW at this point, followed closely by BW. I think for my needs cross platform integration is a must, which pushes StrongBox out of contention.

I have no agenda for or against other PW managers, but I do think that linked reddit thread is interesting to read

 

[Alwis]

What 1PW and Bitwarden have over iCloud is cross platform support

Yes, but Bitwarden has the option to self host the server component. Wich is exactly the reason I will switch to Bitwarden (I am still on a 1PW 7 perpetual license). I have tested this and it works for me.

If I had no issues with storing my password in the cloud I would keep using 1PW, subscription or not. But I will never ever store my passwords on a server outside of my house.

 

[svenmany]

But I will never ever store my passwords on a server outside of my house.

No offsite backup?

 

[Alwis]

No offsite backup?

I do offsite backups, but solely under my own control. And even with a cloud based solution for my password manager I would still have to do this for all my other data.

 

[svenmany]

I do offsite backups, but solely under my own control. And even with a cloud based solution for my password manager I would still have to do this for all my other data.

I don't really have a choice to not use the cloud for password and other document storage. I need redundancy in different geographical regions. There are too many natural disasters, especially in my area, to have a nearby location provide the needed redundancy. Also, it's too hard to transport weekly backups offsite; I suspect I would just procrastinate.

I suspect that many people who keep their passwords locally don't bother with offsite backup, or do it inadequately or insecurely. Anyone moving a backup disk to another location has to review the history of burglaries and other problems in that location to evaluate the risk. In my opinion, the casual user is shooting themselves in the foot when avoiding cloud storage of their passwords. I'm not suggesting any particular individual on this thread is a casual user.

There was a post by a security researcher that I've lost track of. He said that the basic assumption should be that your vaults will be distributed; your NAS could be stolen, your home network or computer could be compromised, your backup on Dropbox could be accessed, 1Password servers could be hacked, etc. The key, he said, is the quality of the vaults. He was very complimentary of 1Password and Bitwarden in that post. He knew the people working on the products and he knew the details of the implementations.

 

[gregmac19]

So far so good. No issues at all. As these iOS/iPadOS/MacOS upgrades roll out I keep on testing. Still have 1Password 7 installed incase I need to invoke it but I haven't had a reason to do so.

My experience with iCloud Password (hereafter, Password) hasn’t been that good. It was the only password manager I used on all my Apple devices, but about a year ago I switched to a password manager (Codebook) on my Mac that allows me to keep my vault off any server. As I don’t need most of my passwords on my iPhone or iPad, I don’t currently sync my Codebook passwords to my iOS devices. For the few non-critical passwords (e.g., AllTrails) that I want on my iOS devices, I’ve been continuing to use Password, but it can’t handle this simple task without giving me headaches. Some of the Password problems were mentioned in Posts 1910-1912 on this thread, but I’ll expound upon them and add to the list:

Problem 1: Sometimes if you delete a password, and then immediately exit and reenter Password, the password reappears. (I figured out a way to cure this problem (Ref: Post 1911).)

Problem 2: Regularly, passwords that where deleted months or more ago, suddenly reappear. For instance, when I had opened Password up Sunday night for the first time in more than four weeks, at least a dozen passwords that I deleted months ago were there. After carefully checking to make sure these entries didn’t contain needed passwords, I re-deleted them. The passwords are still gone on the writing of this post, but I am sure they will reappear in a week or two, just like what has happened before.

Problem 3: I need to have Apple AutoFill enabled to automatically fill fields when using Codebook with Safari. However, this means that Password will occasionally prompt me to save passwords when I have no desire to save them in Password. Even when I decline to save the passwords, it often creates an entry in Password and labels it “Never Saved.” So besides re-deleting reappearing password entries, I end up spending time deleting “Never Saved” entries.

The problem of reappearing passwords has caused me to lose confidence in Password. And I don’t like all the unnecessary maintenance on my Password vault. Thus, I plan to abandon Password and use a different password manager on my iOS devices.

EDIT (Aug. 16, 2024): I noticed that the last two times passwords have been “resurrected,” it was shortly after I installed a system update. I’ll post again if I get a solution from Apple about this issue.

 

[Alwis]

There was a post by a security researcher that I've lost track of. He said that the basic assumption should be that your vaults will be distributed; your NAS could be stolen, your home network or computer could be compromised, your backup on Dropbox could be accessed, 1Password servers could be hacked, etc. The key, he said, is the quality of the vaults. He was very complimentary of 1Password and Bitwarden in that post. He knew the people working on the products and he knew the details of the implementations.

Yes, you should encrypt every disk containing personal data. And in theory 1PW vauls are safe, as they are encrypted. But developers make mistakes (I am one myself, so I should know ). And these mistake could compromise your data. And a single location with passwords from millions of people is a very attractive target for attackers. The fact, that 1PW comes from one of the "five eyes" states is an other issue.

For my backups I use different targets. I have two NAS in my house, one in the cellar the other in the first floor (second for the US). Beside that I use two sets of backup disks stored in two locations in my home. Regulary on of these disks is replaced by a new one and the old one goes to a safe deposit box. And I have a server in my dads home, several hundred kilometers away, that I use for backups via VPN.

All disks are encrypted and I have paper backups of the keys in secure locations

 

[nylon]

My experience with iCloud Password (hereafter, Password) hasn’t been that good. It was the only password manager I used on all my Apple devices, but about a year ago I switched to a password manager (Codebook) on my Mac that allows me to keep my vault off any server. As I don’t need most of my passwords on my iPhone or iPad, I don’t currently sync my Codebook passwords to my iOS devices. For the few non-critical passwords (e.g., AllTrails) that I want on my iOS devices, I’ve been continuing to use Password, but it can’t handle this simple task without giving me headaches. Some of the Password problems were mentioned in Posts 1910-1912 on this thread, but I’ll expound upon them and add to the list:

Problem 1: Sometimes if you delete a password, and then immediately exit and reenter Password, the password reappears. (I figured out a way to cure this problem (Ref: Post 1911).)

Problem 2: Regularly, passwords that where deleted months or more ago, suddenly reappear. For instance, when I had opened Password up Sunday night for the first time in more than four weeks, at least a dozen passwords that I deleted months ago were there. After carefully checking to make sure these entries didn’t contain needed passwords, I re-deleted them. The passwords are still gone on the writing of this post, but I am sure they will reappear in a week or two, just like what has happened before.

Problem 3: I need to have Apple AutoFill enabled to automatically fill fields when using Codebook with Safari. However, this means that Password will occasionally prompt me to save passwords when I have no desire to save them in Password. Even when I decline to save the passwords, it often creates an entry in Password and labels it “Never Saved.” So besides re-deleting reappearing password entries, I end up spending time deleting “Never Saved” entries.

The problem of reappearing passwords has caused me to loss confidence in Password. And I don’t like all the unnecessary maintenance on my Password vault. Thus, I plan to abandon Password and use a different password manager on my iOS devices.

I never had syncing issues with 1Password 7 as I stored the vault in iCloud.

When native iCloud passwords was relatively new I briefly tried it and had constant sync issues. It seems native iCloud passwords has matured significantly when it comes to sync stability.

I also wish iCloud Passwords & 1Password (still) allowed you to store and sync your passwords locally off the cloud if you wished. Sadly that doesn't seem to be the case. I inherently trust Apple's security more than I trust 1Password's security. I have no scientific basis for this belief. However, I come across articles about database and server breaches with consumer/password data being leaked for this or that company/app constantly. I haven't seen that with Apple or iCloud as yet apart from the ones where people have fallen for a social engineering trap. I readily admit I may be wrong on this. Combined with the switch to subscription model I just thought I'd give iCloud passwords a try. So far so good.

 

[parameter]

I haven't visited this thread in a while, and still running 1PW 7.
Has anyone been running the Sonoma betas/PR or the final which comes out today along with 1PW 7? Does it still work and function the same as it does in Ventura?

That wouldn't be a very fun experience to upgrade to if v7 stops working for any number of reasons.

 

[svenmany]

Yes, you should encrypt every disk containing personal data. And in theory 1PW vauls are safe, as they are encrypted. But developers make mistakes (I am one myself, so I should know ). And these mistake could compromise your data. And a single location with passwords from millions of people is a very attractive target for attackers. The fact, that 1PW comes from one of the "five eyes" states is an other issue.

For my backups I use different targets. I have two NAS in my house, one in the cellar the other in the first floor (second for the US). Beside that I use two sets of backup disks stored in two locations in my home. Regulary on of these disks is replaced by a new one and the old one goes to a safe deposit box. And I have a server in my dads home, several hundred kilometers away, that I use for backups via VPN.

All disks are encrypted and I have paper backups of the keys in secure locations

You are one of the few people whom I would trust to not use cloud storage for offsite backup.

 

[Alwis]

I haven't visited this thread in a while, and still running 1PW 7.
Has anyone been running the Sonoma betas/PR or the final which comes out today along with 1PW 7? Does it still work and function the same as it does in Ventura?

A while ago someone posted in the „supported apps“ thread, that 1PW worked fine in one of the betas.

 

[NDPTAL85]

That’s an insane number of employees, for what their (relatively simple) flagship product actually does. I can only imagine that they get a ton of support calls from customers, and have a huge team to deal with that. Then they’ll have a sales team, an HR team, a payroll team, a legal team… that’s where your subscription money is going.

Most large Password Managers make WAY more money supporting large corporations via Single Sign On and Passwordless Authentication then they do from individuals who made up their original customer base.

 

[NDPTAL85]

I have been following this thread for quite a while and find it very interesting as everyone tests out these products. Password security is very important and its interesting to learn what others value in a password manager. As a LastPass user for years, I've not tried any of these competing products. I've used Apple Keychain and Microsoft password synch solutions, but once I locked in on LastPass I've stayed with this product.

I do see the value in choosing where your vaults are (local versus cloud) etc. but for me personally, the main feature I am concerned about is encryption. All of these solutions offer industry grade encryption and I feel at the end of the day, no matter where you store your passwords, encryption is the most important factor.

My post is not to try and change anyone's mind or persuade them to try LastPass, but I just got this email from LastPass so thought I'd share as information that some might find interesting.

LastPass Investing Even More in Your Password Security in 2022 - The LastPass Blog

A new era for LastPass is about to begin. Today, were excited to announce our intent to establish

blog.lastpass.com

Keep up the great testing - I really do enjoy reading about everyone's experience and who knows, I might get persuaded to try a different solution

Hoo boy this did not age well. Turns out LastPass has been hacked 7 times in the last 10 years.

 

[VineRider]

Hoo boy this did not age well. Turns out LastPass has been hacked 7 times in the last 10 years.

You are not kidding. I moved off of them over a year ago. The way they handled that breach last August was absolutely unacceptable. I moved off of that product and went through the exercise of resetting all of my passwords.

 

[bradl]

I haven't visited this thread in a while, and still running 1PW 7.
Has anyone been running the Sonoma betas/PR or the final which comes out today along with 1PW 7? Does it still work and function the same as it does in Ventura?

That wouldn't be a very fun experience to upgrade to if v7 stops working for any number of reasons.

1PW 7 will work on Sonoma, and any future version of MacOS. 1PW 7 is a universal binary, meaning that it was compiled for both the AS and Intel architectures, so when Apple drops Intel Support, 1PW 7 will still work. As you have that on a lifetime license, you're in the sweet spot until your Mac stops running. By comparison, I still have my mid-2011 13" MBA running 1PW 6 on Big Sur. As long as that Mac runs, 1PW 6 will run.

BL.