1Password + iCloud Drive for Windows

Byron Polley

I have been another user patiently waiting for OneDrive integration for the 1Password keychain. This would essentially allow Windows, Mac and mobile devices to access it.

However last night when using iCloud Drive it got me thinking. If you could make the 1Password keychain accessible via the storage service and not a discrete feature syncing in the hidden sector of iCloud then Windows users could essentially sync across all devices with minimal implementation from AgileBits. This is assuming that it is possible or feasible to allow access through the physical storage of iCloud Drive.

Scanner Pro by Readdle has implemented this feature and all my scans appear in my iCloud Drive once taken off my iPhone.

A feature like this would be a cheeky workaround ;) Just an idea.

Drew_AG

Hi Byron,

Thanks for your feedback about this! As you can probably imagine, we've received other similar questions about using the folder sync feature of iCloud Drive to sync 1Password data between Windows, Mac, and iOS. This has been discussed in some other threads, but to summarize:

The keychain folder that contains your 1Password data on Windows is actually a folder bundle on a Mac. Right now, iCloud Drive has trouble detecting changes to Mac's bundle files. (I don't believe it works with bundle files on iOS, either.) So unfortunately it won't currently work as a folder sync option for 1Password. This is one of the reasons we're using Apple's CloudKit technology in 1Password 5 for iOS (and soon in the Mac version). The drawback is that CloudKit isn't supported on Windows.

We do receive a lot of requests to add support for other cloud sync services, and our developers have certainly been exploring options. It's a little more complicated than it may seem, but hopefully we'll have more options for you in the future.

Aside from that, I hope you're enjoying 1Password!

DBrown

Nice summary, @Drew_AG‌. I have trouble keeping the *cloud* craziness straight. :/

Sean Logue

Drew, thanks for the detailed and clear response. I mean that. I manage a team of developers for a large software company, and I totally respect what you are doing here, and how much time it takes.

I like dropbox, but I strongly dislike relying on them for 1Password. I'm paying for extra storage on iCloud, and I feel confident that it will be around for quite a while (albeit in various forms), and that I have someone who I can yell at if it doesn't work. Dropbox is a company that should have been acquired, but wasn't. They are also free, which means consumers have no leverage whatsoever. Yes, it works. But, I have zero confidence that will continue, and if the teenagers running the company decide to turn off their servers tomorrow, there won't be anything anyone do about it.

I have moved to all Apple systems at home. I have multiple iPads, iPhones, and a high-end iMac. My daughter uses a Macbook Air. But, I spend many hours on a Windows laptop for work, so syncing between them all is essential. I'm not alone.

I strongly urge you to figure out the intricacies of Apple's iCloud, and make your software work with it. Even if it means storing things in a different way. You should be absolutely terrified right now that Dropbox could announce tomorrow that they are shutting down, or moving to an all paid subscription model. That would be disastrous for your company.

I feel invested in your product, and I want it to succeed. And, I'm very concerned that you are making a basic mistake that is exposing you to a high-level of risk.

Please take what I've said seriously. Copy it and forward it up the chain. You have my permission to do so. Just don't ignore it. Please.

Sean

svondutch

I strongly urge you to figure out the intricacies of Apple's iCloud, and make your software work with it.

I'm afraid it is not that simple. iCloud for iOS8 (CloudKit) is NOT compatible with iCloud for OS X Mavericks (iCloud Documents & Data) is NOT compatible with iCloud for Windows (iCloud Drive).

If you do not like Dropbox, then there are always alternatives. OneDrive, for example. You can use OneDrive as a sync service on Mac and Windows, and then sync 1Password to your iPhone via Wi-Fi Sync.

Sean Logue

Okay, that makes sense. Thanks for the quick response.

Will it be possible to make this work after Yosemite comes out? Or will there still be a compatibility issue between platforms?

svondutch

Will it be possible to make this work after Yosemite comes out?

Probably not. 1Password for iOS8 and Yosemite are using CloudKit (not iCloud Drive). CloudKit does not exist on Windows.

caparomula

I, like Sean, am uneasy about dropbox. I loved 1Password when I used Apple devices pretty much exclusively, but now that I use Windows more, and having closed my dropbox account, I find myself using 1Password less. I don't imagine I will pay for any new version unless it solves this problem. I understand that iCloud and dropbox both provide services that facilitate synchronizing, but I wonder if using those APIs actually makes the process more complicated than it would be if you just rolled your own, using trustworthy cloud storage like Amazon S3 or some such under the hood.

Anyways, I suggest that your business would benefit by handling the synchronization for your clients transparently. I don't doubt that many potential customers turn away when they discover that your product depends upon their deciding upon and then configuring a third party service. Let your customers simply sign in with an existing account (google, facebook, etc.) and you handle the rest.

DBrown

That's a very interesting idea, @caparomula‌!

Don't forget that your 1Password data is extremely well protected, even if your Dropbox account were somehow to be hacked.

As far as I know, the only potential path into your 1Password data that's related to Dropbox is the following:

1. Someone gets your Dropbox password and gains access to your Dropbox account.
2. He replaces the 1Password.html file with one that sends him your master password.
3. You actually open 1Password.html and enter your master password.

In other words, if you don't use 1PasswordAnywhere, your 1Password data is as secure as your master password is strong, even if you know your Dropbox account has been broken into by someone with the skill to re-code the HTML file and replace your copy.

I'm afraid I don't understand the comment about "handling the synchronization for your clients transparently." We're very clear about the sync options available to you.

RichardPayne

What makes you think that Amazon S3 is any more or less secure than Dropbox?

DBrown

Oh, I don't think that at all. :)

Lots of people seem to, though.

RichardPayne

I wasn't talking to you @DBrown. :stuck_out_tongue:

DBrown

Thanks!

ktech

Hello,

Just to give my input here - I think it would be a great idea for Agile Bits to develop their own back-end storage solution based on possibly an Amazon solution (there are many other Amazon products available). Amazon's NoSql solution DynamoDB would be a great option to explore along with S3 or possibly even a MongoDB implementation on Amazon. These are just two of many solutions that I do not have time to list here...

As for security - you will not loose ANY security going UP from an Amazon solution like S3 or NoSql to DropBox... From your explanation (and no research to verify on my behalf - because I'm currently typing this at my work - as a software engineer - where my company makes me use Windows), DropBox has an HTML file that you would have to modify to gain access or something, after (logging-in / intruding) on somebody else's DropBox account.. But the industry standard right now is Amazon S3, or like I said above, many other options available from or on Amazon Web Services (Or even Google App Platform!).

I love 1Password, and Agile Bits is a great company - but NOT offering a cross-platform storage sync solution for 1password app data is just bad.. very bad.. From experience, you can develop a back-end storage solution that would work just fine cross-platform. Many other companies have done it, including mine. And the notion that any data storage solution you should choose, can only work on Windows, Mac or Linux, in this day and age is very archaic and frankly incorrect. This is what happens when you stick primarily to a platform like iCloud API Storage or DropBox and build upon solutions that are not meant for your needs. The iCloud API and Dropbox solutions should be used (at most) to COMPLIMENT a real data sync solution developed in-house or on top of Amazon's web services.

In general - the language your software is developed-in, should be the most limiting factor in portability - but clearly you have developed a cross platform solution... Not sure why any notion of developing an in-house storage solution back-end for 1password would be any harder (or even considered, not possible!!?!?) :)

As for @Sean Logue

"Yes, it works. But, I have zero confidence that will continue, and if the teenagers running the company decide to turn off their servers tomorrow, there won't be anything anyone do about it."

DropBox is not going anywhere... And I did not know it was written by teenagers... :-) .. It was actually written by 2 frat-boys that are worth millions now - and DropBox has become a preferred industry standard. But it is NOT the correct solution for what 1password needs for their primary data sync storage solution.

A while back when 1Password was initially created, these may have been viable solutions, but they have both long out-grown their use and there are many better alternatives out there.

Keep fighting the good fight @DBrown / Agile Bits,
Vas

RichardPayne

and DropBox has become a preferred industry standard. But it is NOT the correct solution for what 1password needs for their primary data sync storage solution.

Why?

AlexHoffmann

I'm interested in this, too @ktech

Yes, an in-house data synchronsiation solution has a lot of advantages but it can also be a bag of hurt with a multitude of potential drawbacks, not to mention that building a robust syncing solution is not an easy task. Just ask the makers of Simplenote or Things.

That being said, what you proposed—if I understood it correctly—isn't much different from what we're already doing with Dropbox across platforms and iCloud between Apple devices and what our users can do with pretty much any synchronisation service they like between OS X and Windows:

You encrypt a database on one device > transfer the encrypted data via the servers of a third party > then receive and decrypt the data on the second device.

The beauty of this method is that you as a user and we as a company only have to care about encryption and not about authentication to keep your data safe.

ktech

@AlexHoffman I completely understand the hurdles - at work we have written plenty of custom data synchronization solutions / functionality for our product(s). These features allows users to modify a local copy of their database (not a traditional database with a traditional API), then commit changes to a central repository that needs to have sync and locking / data integrity mechanisms in place. It's a pain.

I love 1Password, but I feel that it's data storage and synchronization solutions (currently DropBox and iCloud) are not good nor adequate for 1Password. And a lot of Mac users agree with me - usually once they have to Switch from iCloud to Dropbox on their Macs once they have to add a Windows computer to the sync group.

For example, I do not like DropBox and I don't want to have to install it on any of my computers (because I do not use it). So why should I have to install 1 Password client on all my computers (Home and Work), just to use 1Password synchronization capabilities when not on the same WiFi.

I think 1Password should have their own data sync service; it should just have a simple synchronization feature service that does everything in the background, and all the user has to do is setup their Agile Bits account in the preference panel of each 1Password.

Why?

Let's say for the sake of the argument - because I don't want to install third party software like Dropbox; I believe that 1Password is a mature enough product, to where it should have a simple and good cross-platform sync option available.

In Summation: I really love 1Password on my Mac and iPhone but I think it should include an in-house sync option, because I don't want to have to install DropBox on my all my Macs, just so I can sync with my Work computer (Windows).

AlexHoffmann

That is perfectly understandable @ktech, thanks for elaborating. I can tell you that in the team we have similar discussions and it's something we've been considering more than once.

RichardPayne

Personally I don't think it's understandable. Is installing Dropbox really such a hassle?

That said, I do think that Agilebits' reliance on Dropbox as the only supported cross platform service is a problem.

MikeT

Hi guys,

Thanks for your feedback.

@RichardPayne we are planning to add more services over time and I know we've been saying that for a few years now. It's just that many of the popular services doesn't have all of the APIs we need and want. The companies have heard our feedback and I know the previous API updates for OneDrive and Google Drive has made a few steps in the right direction.

We're working on OneDrive already for the 1Password for Modern alpha app, hopefully, it will turn out well.

As for our own in-house sync solution, that's something we really would love to do. Who wouldn't want a complete control of their own stack and it would be nice to simplify the overall process to simply log into the 1Password account and bam, everything is all managed for you in the background. It would definitely make debugging the sync issues much easier without having to depend on the sync vendors.

This has always been on our mind for a very long time and the good news is that as cloud services continue to mature, they're also making it easier for companies like us to build a service on top of them. After all, Dropbox is based mostly on Amazon's S3, Apple's iCloud/CloudKit is on Azure, S3, and so on. Will we do it, we don't know, we want to but we'll just have to wait and see how the future turns out.

ktech

@MikeT @AlexHoffmann ^ This is why people love 1Password, it has always been improving on what I think has always been a great product :)

@RichardPayne Yes I don't want to have to install third party apps and register for third party services (IE: Dropbox, to use the third party apps) just to use 1Password's basic cross-platform sync functionality. I believe most would agree as this has become a principal for most good software.

:+1:

MikeT

Hi @ktech,

I believe most would agree as this has become a principal for most good software.

At the very least, mature software with a sustainable business model. As you already stated early, it is a lot of hurdles especially for most apps that has a small development team behind it and doesn't have a lot of resources to build one. There are many companies that've spent half a decade coming up with a proper sync solution for their own products and such a task could easily run a small team out of business, especially in today's app world of cheap apps.

I think you might notice that most apps will start out using a third party sync service and slowly graduate to their own in-house sync. By using a third party sync service, they can spend 100% of their time focusing on making the best application and once they're at that stage, they can focus on building the best sync solution. That alone is a tough task and would equal to building one or two separate applications in addition to iterating on their original product.

The other thing is, you pay once for Dropbox account to sync all data. Each app having their own annual or monthly prices just for the sync can be expensive for many users.

At least 1Password has Auto-Type to help you fill in the account credentials for many apps with their in-house sync solutions. :P

ktech

@MikeT Oh I completely agree!

From experience, on a small development team, nobody likes to go back on a solution / decision made that had a lot of time (money) invested in it. Like you said, it could easily run a company out of business!

From a business aspect it looks like a bad decision.

BUT from the engineers point of view, it could be the "smart" thing to do because developers hate having to write hacks when a solution (IE: a third party storage solution) has long outlived it's use. This is not necessarily the case with 1Pass and Dropbox, but parallels can be concluded between the two examples.

All things considered, from a development / BA's perspective, Dropbox seems like it is an acceptable storage solution as long as the API's line up (which you mentioned above, they do, better than any of the other alternatives) - and that would be the main reason no to change it.

:+1:

ktech

And also - you guys have spent the time and gotten the product right. 1Password is great.

AGAlumB

The other thing is, you pay once for Dropbox account to sync all data. Each app having their own annual or monthly prices just for the sync can be expensive for many users.

This, which MikeT mentioned, is my favorite part of Dropbox -- never mind that it somehow has always managed to not screw up my data even when I do. And for users that don't need a lot of storage, the price can't be beat. ;)

All things considered, from a development / BA's perspective, Dropbox seems like it is an acceptable storage solution as long as the API's line up (which you mentioned above, they do, better than any of the other alternatives) - and that would be the main reason no to change it.

@ktech: Agreed. If a time comes where Dropbox changes in some way which makes good business sense for them but makes it less suitable for 1Password -- or 1Password 'outgrows' Dropbox and needs something more elaborate, per se -- then we will have to reevaluate. In the mean time, it's a great fit. And while it isn't to everyone's taste, this is why we offer other options. :+1:

And also - you guys have spent the time and gotten the product right. 1Password is great.

This means so much. Thank you! We really love making 1Password better, both for you, for ourselves, and for the rest of our awesome customers. Keep pushing us to improve, and we will always strive to do our very best to deserve you! :chuffed:

bschneider

I've found Owncloud to be a pretty good substitute. I have a dedicated server that I run it on, so I understand it's not for everyone. I guess I'm just throwing a +1 into the ring for iCloud over Dropbox. I hope they expose the functionality for you guys sooner then later.

AGAlumB

@bschneider: Thanks for the feedback! We'll definitely take that into consideration as we evaluate all of the various options going forward. :)