Feature Requst: Sync with private cloud (e.g. via WebDAV)

stlei

Dear Agilebits team,

I like the ease of syncing 1password between different Mac and iOS device via Dropbox or iCloud.

Nevertheless I feel quiet uncomfortable in respect the security issues. For other applications and sensitve material I am running my own cloud infrastructure based on a NAS.

So I would prefer to sync 1password via WebDAV or any other approbriate protocoll with my own cloud infrastructure. Maybe you can take this into account for upcoming releases.

Thanks and regards

Megan

Hi @stlei,

Thanks so much for letting me know that you're interested in this. I am so glad you are thinking strongly about the security of your data - thats what we like to see!

Please note that the security of your 1Password data does not depend on the security of your cloud sync. Your data file is encrypted with an exceedingly secure encryption algorithm called AES. Even if someone were to acquire a copy of your 1Password data file, it would be extremely difficult (approaching impossible in a human lifetime) for them to actually gain access to your passwords without your Master Password. In short, we believe it is just as secure as having the data on your laptop. To learn more about cloud data security, have a read through the following article.

http://help.agilebits.com/1Password3/cloud_storage_security.html

And you can see the thoughts behind our data format's design here.

http://learn.agilebits.com/1Password4/Security/keychain-design.html

Also, you can check out our blog for many more articles that go into the nitty gritty math behind what makes 1Password so secure.

http://blog.agilebits.com/tag/cryptography_/

That being said, we have been hearing a lot about alternative sync solutions recently, and our developers are listening. More options are coming soon!

icke

Hello , please support WebDAV... With my synology diskStation...

without this Future, I will not buy a password Manager...

;-(

Greeting ...

Jasper

HI @icke,

Thanks for the feedback!

However, last time we tried, it turned out that the speed and reliability of WebDAV file systems weren't up to the demands that were needed for the structure of the Agile Keychain Format. Once we started testing it in practical use, it just failed miserably.

But I'll certainly let our developers know that you're interested in WebDAV sync. :)

MikeT

Hi guys,

There is a way to use 1Password without using the cloud services. It is a bit more work but it'd work.

On Macs, there is the Wi-Fi sync that you can perform between your iOS devices and the Macs, and on Macs, you can use Folder Sync to place a copy of your data on the NAS/WebDAV. 1Password on Mac will sync between its internal database and the folder you've stored on WebDAV and then perform the sync to your iOS devices via the Wi-Fi network.

Justin Klein

+1 more for WebDAV. I've evaluated numerous password managers, and would have gone with 1Password if only it supported this feature.

I believe this guy said it best: https://discussions.agilebits.com/discussion/14604/please-no-more-excuses-implement-webdav

(It appears that you've been avoiding it for some years, which is really a shame. If you do ever decide to add it, please let me know and I'll probably become a customer - I say "probably" just because due to your reluctance, I've had to find another solution in the interim).

Jasper

Thanks for the feedback, Justin.

littlebobbytables

@JasperP Can I ask, when was the last time it was tested? I'm wondering if it has been tested with the newer cloud file or if it's only the older format that has been tested. I only ask as I'm sure I read somewhere on these forums that the newer format was more efficient (as well as encrypting more information than the older sync format). Is it possible that performance issues may be lessened with the newer format?

ds82

iCloud and Dropbox are not the most reliable sync services, either.

I'm using 1password for some time now and I think it's a great software. But the missing support for webdav sync on iOS really starts to annoy me. 1password is the only reason I'm still using dropbox. I moved all of my other files & sync's to owncloud.

I'm considering switching to another password manager in the near future if 1password keeps forcing me to use dropbox to get convenient sync. Yes, there are other ways to sync with my mac, I read it. But as I said - dropbox (and icloud) are the only convenient one's even my GF can handle. If we learned something in the last year then that we should care more than ever where our data is stored - even if it is said to be securely encrypted.

Megan

Hi @littlebobbytables‌ and @ds82,

Is it possible that performance issues may be lessened with the newer format?

With our new data format come new opportunities, that's for sure! There has been a renewed exploration of WebDAV with the move to cloud keychain, but I don't have anything more concrete to offer at this time.

I would like to draw your attention to something that @MikeT said in another thread:

We do plan to provide additional sync solutions to 1Password in the future, as to which one, we don't have that information yet. It all depends on the services' ability to allow iOS and/or Android apps to access the data via its API securely and quickly. Many don't have that option yet.

Additional local sync options such as Wi-Fi sync, WebDAV/SFTP to NAS, and so on, are included in the same plan as well. These options are a little bit more difficult to support than cloud-based solutions but we are aware of all the benefits they provide over the cloud solutions.

For now, I hope that his suggestion above to use a combination of Folder and Wi-Fi sync helps!

spitf1r3

I have been using ownCloud with 1Password for Mac and Windows, and I really see no reason, why it shouldn't be supported on iOS devices.
I want to own my data (especially sensitive), and even though I know algorithms used in 1Password keychain are strong, nothing is unbreakable.
Syncing data between devices is very convenient, but I really don't want to keep my passwords on Dropbox, company that seems to be hostile to privacy.

Basti

+1 more for Webdav.
As mentioned in this thread, we'd love to have additional options apart from Dropbox and iCloud. ownCloud has been mentioned already, Spideroak would also be a worthwhile alternative.

As to WebDAV. I'm using OmniFocus, a task manager for the Mac and iOS. They offer a sync service via their own server or WebDAV. By offering WebDAV you might also be able to sell more licences to enterprise customers who aren't allowed to use sync services such as Dropbox.

jrozelle

+1 for Webdav support. You're selling security software, increase that security by allowing private cloud !

MikeT

Hi guys,

Thanks for your votes. I've added them to our list.

@spitf1r3‌:

I really see no reason, why it shouldn't be supported on iOS device

The iOS platform does not have a user-accessible file system and does not have a WebDAV protocol built in. In order for 1Password to access your own local server, we must write our own client code to access the server, and this is true for every sync service, including both local and cloud services. The protocol must be secure, quick, reliable, and flexible to accommodate changes in both ways.

We've tried WebDAV in the past and it wasn't flexible enough for our data structure, we ran into too many issues with it, and we had to kill it. With the upcoming OPVault format, it might just be enough to support on WebDAV but we won't know until we test it again.

Berni Steiner

I would like to emphasize the need for a sync mechanism for a NAS/private cloud solution!

Everybody who is data sensitive (and THIS are your 1password users by nature!) hates putting passwords from his/her complete internet life on Dropbox or iCloud. This is not a matter of breakability of RSA but a well-known principle of security: take care about all layers involved, especially the lowest layers like data storage and data transmission.

If WebDAV is not reliable enough, please please think about a suitable alternative for synology/private clouds.

Thanks a lot for considering it - I am sure this would be another great value-add that would distinct you from competing password solutions.

Lukas Stabe

I, too, would like to see support for additional syncing options. With the new document provider extensions in iOS 8, couldn't you implement sync in a way that is independent of actual protocol used?

Programie

I also would love to have a private cloud syncing option in the iOS app. Owncloud would be really cool. :smile:

Currently I'm syncing my 1Password vault with Dropbox, but I think using a non-private cloud service to sync the vault is not the best thing.

I know 1Password uses strong encryption methods, but encryption is not the only thing to think about. Ever thought about brute-forcing the master password? Early or later an attacker would get the master password and has access to all my passwords...

oliverr

+1 more for Webdav and for possible other privat clouds (owncloud) and for spideroak

[Deleted User]

I came here searching for exactly that. As I refrain from using any cloud that's not my own, I'd love to have the ability to sync via my WebDav server.

DomT4

I can't seem to keep a track of this thread without commenting, so I'll just add my vote to the idea of more-secure syncing options here. Something like Wuala, Spideroak, or OwnCloud would be particularly great.

mcschust

+1 for WebDAV

jelveh

Also +1 for webdav storage! That would allow me to use 1password on my iphone.

nschmuck

Yes, please add WebDAV support for syncing. This would also allow to use Protonet server via ProtoSync very elegantly, see thread: https://support.protonet.info/?qa=774/1password-synchronisation-zwischen-mehreren-geraten

ALE1

+1 I would like to make use of my own private cloud to. Dropbox or iCould are not controlled by me and I don't like that. Sync with e.g. a Synology NAS would be absolute great. I hope to see this RfE very soon implemented in your software.
Thank you.

linuxprofessor

+1 for this!

asmagill

Consider this another request for webdav, specificaly ownCloud (as I understand it, ownCloud has it's own API, but also supports straight webdav)...

Fredrik Alm

Webdav would be okay, but I'd much rather have SFTP sync with support for rsa key (for some reason, certain developers make incomplete ssh/sftp implementations in their apps by only supporting password logins. totally crazy imo!). That would solve so many issues :+1:

atomic

+1
There are tons of mature libraries available for IOS, e.g. DZWebDAVClient (based on AFNetworking you also use), AFDAVKit, and many more.
So when you Mike, talk about the "client" in #14 it obviously doesn't mean WebDAV itself, but any sort of sync client on top of that.

torben

+1 for private cloud storage (WebDAV, SFTP, whatever), the reasons (best regards to NSA and GHCQ) should be pretty clear. a) Even if AES is - to the best of our knowledge - difficult to break, this may change in the future. b) The safety of a password file in Dropbox is only depending on the complexity and secrecy of the passphrase. c) One has to assume, that the password files now stored in Dropbox and iCloud are essentially publicly available. Oh, and while you're doing a pretty amazing job with 1password, d) no software is bug free (ask the OpenSSL guys if you don't know what I mean).

Moving the storage to a private cloud increases control of the data, especially if secured by PFS-style encryption, and thus decreases the risk of compromising it.