Enough of 1Password

You’re supposed to use different, strong, unique, passwords for each website. But it’s practically impossible for you to remember all of them. Enter password managers. I think they’re pretty much required tools nowadays. I’ve been quite happy with 1Password, that is, until recently. It has become somewhat less functional for me in recent times.

AgileBits, the company behind 1Password, moved from a perpetual-licence model to a cloud subscription model. While they still offered the old perpetual-license model, it’s very clear where they are headed, both in terms of where you see new features are available, and how they are presented on their website.

I don’t mind that so much. That’s always something we had to consider. A perpetual license is only the promise that you can use what you have, right now, forever, and not that you are also entitled to all future versions forever. Considering the cost one had to pay for the perpetual license in the old days, this move is sure to upset customers like me. But hey, as long as everything just works, it’s not too bad. I know I may be missing a bunch of nice new features, but I paid for the perpetual license without those features anyway.

What upsets me is that, one of the chief reasons I liked about 1Password, has now become something that AgileBits doesn’t seem at all interested to support. I loved the fact that in 1Password, all your secrets are stored locally. There is no dependency on a a central service. If I wanted to sync my secrets, I can do that myself. Sure, 1Password provides convenient sync through DropBox and iCloud, as well as their new 1Password.com cloud service, but I can also use a filesystem folder that 1Password leaves me to figure out the sync myself.

That’s between computers. To sync with Android, there was the option of a local WLAN Server to sync between my Mac and my Android smartphone. Exactly what I want. No dependency on any cloud service. My secrets never go to the cloud.

I know, the 1Password vaults are strongly encrypted, they are safe, and their contents are still safe even if they are synced through a cloud service. The folks at 1Password themselves have no way of getting at the contents. I know, I agree. But I believe in defence-in-depth. Wouldn’t it be better if the vaults never even left my controlled network environment?

I’m miffed that 1Password broke the WLAN Server sync with Android, at least from Oreo version 8.0. I have two Android Oreo devices, and both don’t work with the WLAN Server anymore.

I thought I had a backup strategy. The 1Password Android app can sync with local storage. Well, I finally gave up on WLAN Server and decided to setup the local storage. Then, I found out that the 1Password Android app doesn’t work with the new OPVault format. For some strange reasons, it will support that same format when using Dropbox, but not on local storage. AgileBits developed the OPVault format in 2012, which they themselves describe as a stronger data format, provides authenticated encryption, and many other improvements.

This new format, however, is not supported when you try to sync with local storage, forcing you to go back to the old AgileKeychain vault format.

Others are as peeved as I am. I wouldn’t have to be concerned about a deprecated format, let alone the cloud subscription, had AgileBits simply made sure WLAN Server works. But they seem pretty disinterested. Look at the language on their support page:

The WLAN server in 1Password is complex and depends on many factors, including your network environment and software configuration. This article is a collection of all known solutions for connection problems.

We’re unable to troubleshoot issues with the WLAN server beyond the scope of this article. If you’ve tried everything in the article and are still unable to connect, switch to a more reliable sync method.

The WLAN Server is complex? Really, all I needed to do in the past was to turn it on, and it just worked. Alright, there was some secret I had to enter on my Android device. But WLAN Server was simple, and it worked perfectly.

AgileBits staff members on the company’s community forum are mostly just echoing the their preference for you to go to their cloud subscription service. They’re saying their priority is with variety of features, mostly related to their cloud subscription. The old-time customers like myself have been abandoned.

So now I’ve to look for another password manager. I’ve exploring Enpass now. It’s admittedly not as polished as 1Password, though their UI is surprisingly similar. But at least, out of the box, Enpass supports syncing to a filesystem folder, or cloud services like Dropbox, iCloud, Google Drive, One Drive, Box, and ownCloud/WebDAV. The last one, WebDAV, is basically very open, allowing you to sync to any WebDAV server.

One Response to Enough of 1Password

  1. … why not Keypass? ( https://keepass.info/ )

Leave a Reply

Your email address will not be published. Required fields are marked *