To protect your privacy: email us with billing or account questions instead of posting here.

What happens if I have a subscription and your servers go down? How do I get my passwords then?

jcminnesota
jcminnesota
Community Member
edited January 2018 in Memberships

I have a "standalone" 1P app purchased through the Apple Store. I just discovered 1Password.com and see that you are offering a subscription version for single or families. I think I am reading that if I go with the subscription version my vault with all my passwords and encryption keys are removed from my devices and maintained on your cloud servers. What if your servers go down? How would I access any of my applications? Please do not tell us that could never happen.....with such things as terrorists, Electro Magnetic Pulse Bombs.....and simple hackers.....that could threaten our electronic infrastructure.

If I delete my Vault is there a way to save a backup locally so I could restore it if your servers were out of commission?

Also a second question: Will you continue to support my PAID standalone version and update it?

Thanks. I really like using 1P but am concerned that this is a step backward from a security standpoint. I can understand you want to establish a better revenue stream for your Company and I support that since you have ongoing costs. I also have no great problem (grrrrrr) paying a subscription fee to keep you in business but there should be GREAT value added.

John


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:What happens if I have a subscription and your servers go down? How do I get my passwords then?

Comments

  • lark
    lark
    Community Member

    I, too, would like to know the answer to John's questions. Please consider also: my internet connection could be down, but that doesn't I don't need access to the data stored in my vault. Does that leave me up the proverbial creek?

  • Lars
    Lars
    1Password Alumni
    edited January 2018

    Welcome to the forum, @jcminnesota! Thanks for being a standalone 1Password customer. :)

    If you're thinking of trying out a 1password.com account, there's no risk to your or your data. We have a full 30 days free, so anyone can kick the tires for a nice extended period before having to commit to a subscription fee (monthly or annual). And no, your data are not removed from your device, if you've been using 1Password in standalone mode. For one thing, you'll retain all of your backups right up through the moment you create your account. But beyond that, you can create your account at the main 1Password sign-up page, set everything up, and then just add your account right into the app you already use. You can move your data over from your Primary vault into your 1password.com account, or you can copy it just to play with as a test. But your local vaults don't go poof in any event. If you decide to move forward with 1password.com, you can then choose to remove your local vaults and go full 1password.com.

    Most of us here at AgileBits went "full 1password.com" a while back, and we don't worry because if the AgileBits servers go down, we've got a cached copy of our data within every 1Password app where we're signed into our account. In fact, the scenario you're envisioning isn't functionally any different from one in which you as a user lose internet connectivity briefly due to a power outage or maybe because you drove out range of your wireless provider. In such circumstances, if your 1password.com account didn't have locally cached data, you wouldn't be able to access your data at all if you couldn't connect to the internet. Not something we want our users to have to experience. But during that brief time, everyone in such circumstances is using their local cache, so things move along without disruption. In fact, you might not even notice that your 1password.com vaults hadn't synced because as soon as you were back online, you would begin syncing with the server again. In the (unlikely) event that Amazon AWS (our host, currently the best in the business) went completely down, all you'd lose is the online functionality of 1password.com, but not access to your data.

    You can't currently make local backups of your 1Password.com account directly within 1Password apps at this point (though that's something we're looking into for the future, because we keep getting requests for it). Up until now, that's mostly because the locally cached data setup I just mentioned means most users wouldn't NEED to -- and also because the 1password.com server keeps iterative backups of your data for you, without any intervention on your part. However, we are looking into making local backups a reality in the future -- but for now, don't worry. :)

    Will you continue to support my PAID standalone version and update it?

    That depends a bit on what you mean. Your paid standalone version remains valid forever. That means the license you purchased will allow you to download, install and license the version you paid for, for as long as you continue to have hardware and legacy OSes on which it will run. It doesn't grant you free upgrades to new versions in perpetuity, and it doesn't mean that we'll continue to develop older versions of 1Password from years ago, long after their successors have been released. But since we launched 1password.com, whether you use standalone data and a license, or a 1password.com account, you use the same 1Password native app(s); there aren't two separate versions, one for local and one for standalone. Just different ways of paying for and using 1Password. So yes, again, in that sense, 1Password apps will continue to be developed -- and we've committed to continuing to sell standalone licenses for the upcoming 1Password 7.

    I can understand you want to establish a better revenue stream for your Company...

    Thank you, sincerely -- but you'll have to take my word for it when I say it really isn't about that. We created 1password.com primarily because there were so many cool ideas we had for new features that could not - and still cannot - be done with local vaults and 3rd party sync APIs. We love Dropbox and iCloud, but the reality is that these sync services are (by their nature of having to sync EVERYTHING) much more generic and limited than what we knew we could do if we built our own data hosting and sync engine dedicated solely to 1Password data, where we control both ends of the sync equation.

    So we did: we built that thing, and the result is 1password.com. If you're looking for a short list of the advantages of a 1Password membership (account), we’ve got one right here. 1password.com accounts are really superior if you have multiple people in a family or business who all want protection but also want to securely share data in virtually unlimited configurations --- but an account is also great for the solo 1Password user who wants their most-depended-upon software to (in Apple's language) "just work."

    Thanks for the question, and for letting me stretch out a bit to explain.

    ref: ZLG-48559-545

  • Lars
    Lars
    1Password Alumni

    @lark - see my reply to @jcminnesota, above. I think I hit all the points you might've been interested in as well. But if not, don't hesitate to ask anything that's still on your mind. :)

  • jcminnesota
    jcminnesota
    Community Member

    MANY thanks Lars for the detailed response. While some of the technical explanation went over my head, I understand that if your servers go down (unlikely I know...) the password data is somehow kept (cached?) on our devices and is somehow usable. But any changes made after the server went down would not take place across our devices until the server was operational. Did I get that right? And I also understand that we can continue to use our current standalone versions if we don't want to change to 1Password.com.

    As for the "revenue stream" I truely do understand and support the need for the 1P company to have a predictible source of income to keep experts like you employed...and happy! I and many others love 1P and want to see it supported and developing a subscription approach makes sense to me so you can predictably budget salaries, infrastructure and expenses.

    But at this point I am not personally seeing the benefit of switching to 1Password.com. I am also still concerned about not being able to have a local backup when your server might go down or the internet connection fails. With over 150 passwords that are encouraged to be complicated it would be very problematic to not have immediate access to them. Passwords, Credit card info, safe deposit box codes, etc can not be trusted soley to a distant server. Unfortunately to feel secure I would have to print out our passwords and put them in the file drawer----which we would not want to do and was the main reason to go to 1P in the first place.

    As a suggestion perhaps you could charge standalone accounts a "subscription fee" to qualify for future updates! that would provide a predictible revenue stream and pay the cost for development of updates as OS changed. I would gladly pay $3-5 a month to be able to continue to use 1P and see it updated to work with future MAC OS changes. I get that there is a large internal cost for 1P to code new versions as Apple (and Microsoft) change their OS and I (and I suspect others) are concerned that you will cease to support updates to the standalone version because of these costs. But if that is inevitable at least please give us a way to put a readable backup on our devices, or on a thumb drive so we can sleep at night! Again, thanks for your taking the time to respond in detail Lars..

  • AGAlumB
    AGAlumB
    1Password Alumni

    @jcminnesota: Thanks for the suggestions! Personally, having actually lost data in the past, it's worth it to me for the peace of mind alone: always having an offsite backup, and not having to stress out about remembering to backup my 1Password data regularly. I can tell you from personal experience that it's far more likely that some terrible fate will befall my own personal equipment than all of AWS going down in flames with my data stored in my 1Password.com account. You may have better equipment and failsafes than I do, but it's hard for me to imagine it being affordable to outdo Amazon. And if there's some temporary downtime (though my home internet goes out much more frequently), my data is available locally across several devices. Add to that all the other benefits of a 1Password.com membership and that's just icing on the peace of mind cake for me. Just something to consider.

  • jcminnesota
    jcminnesota
    Community Member

    Thanks Brenty. One more post from me. Maybe my concerns are based on ignorance! Seriously. I guess I don't fully understand how the 1Password.com will work with my devices. Syncing is handled by the remote server, right? My vault is removed and maintained on your server in the sky somewhere, right? Actually its not your server, but Amazons, right? And my passwords in the vault in the sky are maintained on my local devices, somehow, someway, right?. Not in the form of a local backup but in a "cache", right? What is a "cache" and is it accessible by the apps even if the server is not available? Are all of my 1P passwords in the "cache" or only those that were used recently?

    IF I can clearly understand that my passwords are still on my devices and able to be accessed by the 1P apps even if the AWS servers go down, I will feel better!!! Lars comment above is confusing because he mentions a local "cache" but also says: "However, we are looking into making local backups a reality in the future -- but for now, don't worry."

    As another suggestion for worry warts like me you might do a FAQ that explains in some technical detail how 1Password.com works differently from local standalone apps, but in "peter rabbit" language aimed at less technical user audience. If that makes sense. Don't worry just doesn't do it for me and probably many others.

  • AlwaysSortaCurious
    AlwaysSortaCurious
    Community Member

    Where you see the word cache, think ‘copy’ it’s a local copy of the data. If the connection is interrupted with the cloud, you still have your local copy. If you make changes or edits, it is stored in your local copy and the data sync back to the cloud once the issue gets resolved. For me, the 1P account is worth it since one subscription covers the app for all my devices and they sync without my help.

  • AGAlumB
    AGAlumB
    1Password Alumni

    Thanks Brenty. One more post from me. Maybe my concerns are based on ignorance! Seriously.

    @jcminnesota: If you're confused about anything, I'm sure it's our fault, so no worries about asking for clarification. :blush:

    I guess I don't fully understand how the 1Password.com will work with my devices. Syncing is handled by the remote server, right?

    Correct!

    My vault is removed and maintained on your server in the sky somewhere, right?

    Hmm. I wouldn't say it's removed. I think AlwaysSortaCurious 's (glad I don't have to try to say that ten times fast!) comments are a helpful way of thinking about it:

    Where you see the word cache, think ‘copy’ it’s a local copy of the data. If the connection is interrupted with the cloud, you still have your local copy. If you make changes or edits, it is stored in your local copy and the data sync back to the cloud once the issue gets resolved. For me, the 1P account is worth it since one subscription covers the app for all my devices and they sync without my help.

    To us, it's a "cache" because we know that the "real" data lives on the server: that's the "canonical" database. There are a lot of technical reasons why this matters, but to users it shouldn't. So I'm sorry if me being pedantic caused unnecessary confusion.

    Actually its not your server, but Amazons, right?

    Well, for all intents and purposes, we're just renting equipment and backspace from them. What's running on the server is developed and managed by us though.

    And my passwords in the vault in the sky are maintained on my local devices, somehow, someway, right?.

    I think it's important to note that your passwords are never sent to us, only encrypted blobs...but that may just be me being pedantic again. However, when it comes to security, we do want to dot our is and cross our ts. :sunglasses:

    Not in the form of a local backup but in a "cache", right? What is a "cache" and is it accessible by the apps even if the server is not available? Are all of my 1P passwords in the "cache" or only those that were used recently?

    Essentially 1Password for Mac and iOS have worked this way for a long time already anyway: the app keeps an internal database with all of the vaults and items you've saved in it, even when you're using local vaults, and even if you sync the data externally to iCloud or Dropbox. In that case, everything is stored on your device at all times.

    1Password.com accounts work the same, otherwise you'd have to be connected to the internet and download all of your vaults every time you opened the app. 1Password.com is very efficient, but that would be incredibly wasteful and would take some time to have to wait for that every time. So when you open and unlock 1Password, it only syncs changes from the server if you've changed things on other devices. The one exception to all of this is that Documents are not always stored locally on the device, only the ones you've downloaded there, since people can (and do) store some pretty large files in their accounts.

    IF I can clearly understand that my passwords are still on my devices and able to be accessed by the 1P apps even if the AWS servers go down, I will feel better!!! Lars comment above is confusing because he mentions a local "cache" but also says: "However, we are looking into making local backups a reality in the future -- but for now, don't worry."

    Some users have requested that we support local backups for 1Password.com data too, presumably because they want to backup the data themselves using an external hard drive or cloud backup service. This is not supported currently because there's no way to tell the server "delete all of your data and backups, I want to restore everything from a local backup", so what's on the device would be overwritten by what's on the server, since that's the most up to date.

    And a good practical example of "if the AWS servers go down" is that we took 1Password.com down ourselves for a bit yesterday for maintenance to do an upgrade. Anyone (including me) who already had the app setup on their devices could still use 1Password there normally, and only access to the website and syncing were affected temporarily until maintenance was completed. I actually was pretty busy using 1Password during that time and didn't realize this was happening until I saw an email notification that maintenance was finished.

    As another suggestion for worry warts like me you might do a FAQ that explains in some technical detail how 1Password.com works differently from local standalone apps, but in "peter rabbit" language aimed at less technical user audience. If that makes sense. Don't worry just doesn't do it for me and probably many others.

    The problem is that those two things are sort of at odds with each other, and in fact using 1Password.com doesn't make the apps work differently for you. I think it's just because you've been using 1Password previously that you're trying to to draw a distinction that doesn't exist for you as a user, as the main difference is added and streamlined features, rather than a whole new way to use 1Password. Hopefully this helps, but I'm happy to answer any questions you can throw at me! :)

  • jcminnesota
    jcminnesota
    Community Member

    Brenty....thank you and Lars for the detailed responses. I understand 1P.com better now and can see some benefits without the fears I have had. I expect this string will help others such as myself. I am very very impressed with the responsiveness shown by this interchange. That is in itself worth alot in terms of trust. Folks that use password programs may be more attuned to security issues than others and need more information before embarking on a new way of doing business. (Comfort Food for WorryWarts)

  • AGAlumB
    AGAlumB
    1Password Alumni

    Ha! You're welcome. And that's an excellent point. Let's not forget the nerds either! Those of us who are both need all the help we can get! :lol:

    Anyway, it's been a pleasure. Happy to help any time now or in the future! :chuffed:

  • ComradeHaz
    ComradeHaz
    Community Member

    As JC says. your replies (Lars & Brenty) have gone a long way in terms of instilling confidence in me that 1P is a sound product so thanks for taking the time to reply so comprehensively.
    -T

  • AGAlumB
    AGAlumB
    1Password Alumni

    Wow. Thank you for the kind words! One thing I love about the forum is that answers that help one person can potentially help others as well. Thanks for taking the time to read our long replies, and (as I'm sure you can tell) we're happy to answer any other questions you might have. Cheers! :chuffed:

This discussion has been closed.