On WLAN Sync in 1Password 7

1910111315

Comments

  • Thresh
    Thresh
    Community Member

    I use the 1Password on Windows , Android and iOS, so on 1Password 7 the folder sync can't help the sync between Windows and iOS. but in my place the visit for Dropbox is illegal, and on the Cloud the ISP will help some devision to crack our Valut, so the only choice is the Wlan. and in the 1password 4 it work very well between my devices, so please let come back for the safety net~~

  • frame
    frame
    Community Member
    edited April 2019

    We do not have any plans to add additional sync options

    @Ben, you don't need to add additional sync options. We already had a working Wireless Sync in our Windows 4 clients. It was perfect for those who used it. You actively removed it or rather didn't want to port it.

    This is what's so frustrating. We already had it. Then you took it and told us that the new ways of uploading data to a remote locations would be more secure. But as mentioned so many times before, legally not everyone can store this type of data outside the company. It is what is it.

    I'm currently using Folder Sync between my Mac and PC and let me tell you, this is an absolutely horrible experience. I'm counting the days until you also castrate the Mac Client and remove the Wifi sync there.

  • Searchlight
    Searchlight
    Community Member

    If a company or an ISP are breaking SSL encryption, inspect the content and then re-encrypt the data using a self provided certificate on devices that are under their control and trust the providing CA then for my understanding third persons are able to read the traffic and access the passwords that I am accessing using the browser or the X plugin.

    In this (widely becoming familiar) situation it would be a security benefit if I would be able to sync my data using another way e.g. local sync. How can I protect and sync my data across devices because the master password does not help.

  • kermit4karate
    kermit4karate
    Community Member
    edited April 2019

    If a company or an ISP are breaking SSL encryption, inspect the content and then re-encrypt the data using a self provided certificate on devices that are under their control and trust the providing CA then for my understanding third persons are able to read the traffic and access the passwords that I am accessing using the browser or the X plugin.>

    Phishing and DNS cache poisoning/spoofing are legitimate concerns where passwords are being entered into a web form. I think to their credit 1Password supports 2fa without supporting the almost laughably insecure text message-based 2fa. Sadly, they don't require 2fa. They should. To get the level of security the company claims to deliver -- to even come close -- customers who use 1Password on the web really should be enabling 2fa for their account.

  • Lars
    Lars
    1Password Alumni

    Welcome to the forum, @Thresh!
    Thanks for your comments and your "vote" for WLAN sync. As dteare mentioned in his March 19 post, we doubt this will ever be returning at this point, but we definitely are glad to hear your views on the subject. I did have one thought to share with you while reading your post:

    ...and on the Cloud the ISP will help some devision to crack our Valut...

    Obviously, I don't know the ins-and-outs of your specific situation, so I won't try to comment on that specifically. But 1Password has always been designed from the expectation that hostile adversaries (whether governments or simply thieves/hackers) have already been able to obtain a copy of your encrypted data. 1Password wouldn't be very secure at all if we only planned and designed around the idea that no user's data ever fell into unfriendly hands. In fact, from a security standpoint anyway, that's probably the #1 reason people use 1Password: because it offers protection even in the worst of conditions.

    That's not to say other security measures aren't a good idea; they are. But unless your ISP or your country has managed to crack AES256 or you use a particularly weak Master Password, your 1Password data will be protected even if some combination of ISP/government agency manages to acquire a copy of your data. If you'd like to know how 1Password keeps your data safe when you use a 3rd party sync service, this is a good overview, or, more generally, the 1Password security model. If you absolutely must have WLAN sync between Windows and iOS, right now, then I suspect 1Password 7 for Windows won't be a good solution for you, since we have no plans currently to add it back. Hope that helps! :) :+1:

  • Lars
    Lars
    1Password Alumni

    Hey, @frame! :)

    We already had a working Wireless Sync in our Windows 4 clients.

    Yup. When work began on 1Password 4 for Windows five years ago in early 2014, the landscape was very different than it is today: the computer you use was different, the security landscape was different, the makeup of our user-base was very different. Not much at all has remained constant and unchanging over those years.

    You actively removed it or rather didn't want to port it.

    It's certainly not the case that we "actively removed it." As dteare mentions in his March 19 post on the previous page, 1Password 4 for Windows was written in an entirely different codebase (Delphi), which, for various reasons, could not be simply "upgraded" to include all the changes to both 1Password and to supporting technologies. In short 1Password 7 for Windows represents a complete re-write of nearly all of the code. It may look and feel similar (and that's of course intentional), but "under the hood," it is almost completely a different animal: everything had to be re-assessed as to whether it was a good idea to prioritize writing new code to re-create that particular feature/functionality. As far as 'didn't want to "port" it', we had a lot of priorities to address and a lot of work to do, and WLAN just didn't make the cut for the initial release. Because we weren't certain how much overall interest there was in WLAN sync, we asked right here for people to sign up for the WLAN newsletter, to gauge interest. A year later, around 530 have (I haven't checked the stats today for exact numbers). That's out of millions of users, and it means - as we suspected - that WLAN-to-iOS sync remains (for lack of a better word) somewhat of an edge case. Every other sort of device-to-device, local sync can be effected through other means (computer-to-computer can be done via Folder Sync, as can PC-to-Android). And of course, PC-to-iOS sync can be achieved, quite effectively, using either Dropbox or the much better 1password.com option.

    I'm currently using Folder Sync between my Mac and PC and let me tell you, this is an absolutely horrible experience.

    Indeed, this is one of the reasons why WLAN sync isn't getting built; because, at its best, it was difficult to properly configure (when compared to the relative ease of even 3rd party cloud sync solutions, let alone 1password.com accounts). These DIY/local sync methods tend to be plagued by all sorts of issues outside of our ability to control, including but not limited to network connectivity/firewall/filtering software, and many more. It was - and remains - our most fragile means of sync. How many times have users (myself included) simply forgotten to turn on the other computer so folder sync can actually occur, or forgotten to open 1Password for iOS on our phones/iPads while the PC on which we'd made a bunch of additions/changes to 1Password data was unlocked? Then we leave the house or office, thinking we're synced, get to another location where we need this data, only to discover that, nope, that didn't happen and now can't because we're no longer on our own local network?

    That's a mostly-rhetorical question, but the larger point is that our user-base now is way less technically proficient than it was in 2010 or even 2014. Password management has gone mainstream, and that means your mom - or your granddad - are now much closer to the profile of our "average user" (if such a thing even exists) than you are, in all likelihood. They're new to what we do, and if we offer WLAN sync to them, some number of them will choose it just because it's available, while others may read somewhere that "the cloud is to be avoided," so they'll choose WLAN sync thinking it will give them greater security, and expecting it will "just work"...and then wind up discovering only the hard way that's not so much the case. Having any of our users winding up with configuration or sync issues that could potentially even lead to data loss is just not a situation we're comfortable with, especially if WE offered them the options they chose as just another user preference/option.

    So, when the majority of our support issues for years has been from manual sync issues, it's not lost on us that those results were with our early, more-technically-savvy user-base, and it's made us wonder how much worse that might be with our newer user-base that skews less and less technical? Our goal isn't - and has never been - to provide the maximum number of options for users to choose from. It's to provide good security, and we're pretty confident we do that. We're not suggesting there aren't other means of providing good security, or that our way is The Only Way™. But we definitely believe that everyone (not just the technorati) deserves good security, and that good security shouldn't require a steep learning curve or a "pro" app with dozens or hundreds of options users must learn to navigate themselves to determine what's best for their own situation.

  • Lars
    Lars
    1Password Alumni

    @Searchlight - while tampering with TLS is certainly a real issue, what you suggested isn't particularly accurate. It's beyond the scope (and probably, the character limit of our forum software! ;) ) for me to go into too much detail here about how/why -- but fortunately, that's already been done very well by our Chief Defender Against the Dark Arts, jpgoldberg, in the 1password.com security white paper. Start on page 45 ("Transport Security") for the most-relevant overview, but the entire thing is definitely worth a read, to get a better sense of not just what exists to keep your data safe in 1password.com accounts, but the depth of thinking that went into designing the system.

  • Thresh
    Thresh
    Community Member

    @Lars Thanks for your replay, I have had read that **dteare ** said in when it comited. so that's why I still use the 1Password4 for a longtime, but the Chrome had change the cert, so I have to try 1P7 . (I know maybe the 1P cloud is a way,but I don't want a copy of my Vault out of my control,I had read some paper that had some quirkey way to part to attack it.maybe some day the data copy will crack by the develop of the tech. and second in my place the ISP will steal the privncy and to broken website randomly,I can't sure what day the 1P7 will block by them )

    so anyway if let Windows version add a Wlan server will simplify to add a filesync on iOS or not ?(We know under the iOS sandbox it's not easy.)
    or could you think about to add a filesync on iOS,so I can manuel sync the Vault ?

    Thanks

  • Lars
    Lars
    1Password Alumni

    @Thresh

    I know maybe the 1P cloud is a way,but I don't want a copy of my Vault out of my control,I had read some paper that had some quirkey way to part to attack it.

    If you're curious about 1password.com security specifically, we've got a very comprehensive white paper on exactly how we keep your data safe on (and traveling to/from) the 1password.com servers. It includes things like your Secret Key, as well as technologies we didn't invent but customized for 1password.com such as Secure Remote Password (SRP). If you're a security-minded person or just generally skeptical about how data can be kept safe "in the cloud," I'd urge you to read our white paper - it's the best resource there is for users to go through on their own.

    And we're always happy to answer questions, should you have any. I can't speak to the paper you might have read with the "quirky way to attack it," but if you can find it and show us the parts that concerned you, we'd be happy to address it. We may already have addressed it, in fact, since I'm aware of no existing viable attack on 1Password.com that we haven't already addressed and I suspect that, were there one, we'd have heard more about it. Let us know if you can remember what/where you saw something that you'd like us to address.

    ...could you think about to add a filesync on iOS,so I can manuel sync the Vault ?

    This one is probably a non-starter. iOS provides us no really reliable way to do this in the way that Android does. Even if they did, at this point, we're not likely to be adding further manual, local sync options to 1Password for Windows (or Mac). We're glad to continue to provide support for existing sync methods of this type, but we have no plans to spend developer time creating new ones, because our goal is what it's always been: to provide users a reliable and secure method of storing your most important data, not to provide them with the greatest range of options of varying ease of use and security. And, with 1password.com, we've done that better than we've ever been able to do it previously; that's going to be the way forward.

  • Thresh
    Thresh
    Community Member

    @Lars So is any to export the Valut from 1password7 back to 1password4 ,I don't find any way which could export an 1PIF file. if couldn't maybe I'd just consid to give up the 1password, I don't want to manuly to trans the Valut any more. feel so sad for it

  • Lars
    Lars
    1Password Alumni

    @Thresh - you should be able to use OPVault sync to switch relatively easily back to 1Password 4 for Windows if that's what you want to do. .1pif is an unencrypted format that we do NOT recommend be used for general backup or anything else. It's explicitly designed for migrating your data to another device or another solution. In 1Password 7 for Windows, your export choices are CSV or .txt. If you want to transfer to another solution or version of 1Password, you'll want the CSV option. But, as I said, I'm not sure why you wouldn't just use OPVault.

  • Smat1001
    Smat1001
    Community Member

    It's frustrating to hear that WLAN sync is unlikely to be coming back to 1password for Windows. One of the original reasons I chose 1password was WLAN sync as it was the easiest way to use a password manager while still complying with my work's BYOD rules. It sounds like the only way to maintain WLAN sync is have both v7 and v4 on my computer and move the vault from 7 to 4 when I need to sync. I'm hoping AgileBits will reconsider WLAN sync in 1password7 as I was unaware of its disappearance until I had to upgrade because of the Chrome Cert issue.

  • Lars
    Lars
    1Password Alumni

    Welcome to the forum, @Smat1001! Thanks for taking the time to drop by and share your use-case with us.

    It sounds like the only way to maintain WLAN sync is have both v7 and v4 on my computer and move the vault from 7 to 4 when I need to sync.

    I wouldn't recommend this approach. 1Password 4 for Windows has been in legacy mode for some time now, and won't be receiving further updates for compatibility. That means, as time progresses, the chances for having changes in the underlying data format will probably increase the likelihood of unexpected and unpredictable errors. I'd hate to see you losing or duplicating or otherwise mangling data out of an attempt to maintain a setup that used to work for you, once upon a time.

    You didn't say whether you're still at the same job, nor why the rules prevent you from using a more-current and less-fragile method of data storage/sync, but 1password.com accounts are definitely going to be the way forward, especially if you need to sync between iOS and Windows. Let us know if you have any questions.

  • AGAlumB
    AGAlumB
    1Password Alumni

    Phishing and DNS cache poisoning/spoofing are legitimate concerns where passwords are being entered into a web form. I think to their credit 1Password supports 2fa without supporting the almost laughably insecure text message-based 2fa. Sadly, they don't require 2fa. They should. To get the level of security the company claims to deliver -- to even come close -- customers who use 1Password on the web really should be enabling 2fa for their account.

    @kermit4karate: Given that 1Password memberships are already using more layers of security than local vaults and that people locking themselves out of their accounts is a much bigger problem as a result (e.g. getting a new device and not setting up the authenticator there before getting rid of the old one) I'm not sure it is reasonable to have two-factor authentication on for everyone by default. But more importantly two-factor authentication is not possible at all with WLAN Server and local vaults in general anyway, so it's not relevant in this context.

  • kermit4karate
    kermit4karate
    Community Member

    But more importantly two-factor authentication is not possible at all with WLAN Server and local vaults in general anyway, so it's not relevant in this context.

    I think you're joking so I won't take that too seriously. If we're talking about a strictly local vault, who cares about two-factor?

  • AGAlumB
    AGAlumB
    1Password Alumni

    That was my point exactly. ;) Which is why it isn't relevant to this discussion: "On WLAN Sync in 1Password 7".

  • Thresh
    Thresh
    Community Member

    @Lars Thanks for the notice,I've always think the OPVault is just work with 1P7, becaus the trial install it to tell me need to convert the Valut to OPVault,so I recongnized it just fit for the new generation , Thanks goddess ,I can use it back to my 1P4 to sync.

    So maybe the only way to consider Transform to 1P7 for me just use the VMware to keep an 1P4 in my PC to keep it forever~~ ;)

  • Lars
    Lars
    1Password Alumni

    @Thresh - I really wouldn't recommend that; so many things to potentially go wrong. Yes, it's possible. No, we don't recommend it.

  • kermit4karate
    kermit4karate
    Community Member
    edited May 2019

    That was my point exactly. ;) Which is why it isn't relevant to this discussion: "On WLAN Sync in 1Password 7".

    @brenty Is it though? We're talking about security as it relates to why some users (like me) prefer a WLAN sync or other local solution to 1password.com. It's just not cool to dismiss those concerns so casually. What happens if a bad actor clones the clean and elegantly simple 1password.com signin page and uses it to phish user passwords and secret keys? Seriously, how hard is that to do?? It would take like 10 minutes of work. Sure, the onus is always on the user to employ safe practices online in everything they do, but you can't deny there's a huge use case there for why some people absolutely do not want to use 1password.com, and many of those same people don't want to use the Web at all for something as important as a password vault.

    Just please stop dismissing the security concerns over why some users can't/won't use 1password.com. The business decisions are one thing and I get that. The company is basically saying that it can't afford the to support WLAN sync. At least that's a rational position. But there are ALSO valid security concerns involved. If one of your admins gets phished on a spoofed 1password site, what would someone get who has access to their vault?

  • If one of your admins gets phished on a spoofed 1password site, what would someone get who has access to their vault?

    Not any of our customers' 1Password data. Also, we use 1Password, which has anti-phishing measures built-in. It won't fill on a site that isn't 1password.com.

    In any case, we don't have any plans to implement WLAN sync in 1Password 7 for Windows. We also don't agree that it is/would be inherently more secure than any of the other sync options we offer.

    Ben

  • Lars
    Lars
    1Password Alumni
    edited May 2019

    @kermit4karate

    It's just not cool to dismiss those concerns so casually.

    How casually woud that be? We’re thirteen pages and a full year deep into this one thread alone on the topic of WLAN sync in 1Password 7 for Windows. I don’t think that qualifies as “casual dismissal” by any reasonable evaluation. It is true that what hasn’t happened in all that time is us saying: “OK, you were right and we were wrong; we’ll implement WLAN sync in 1Password 7 for Windows as a priority." But I hardly think not agreeing that WLAN sync is inherently more secure and choosing not to implement it qualifies by itself as "dismissal," and certainly not "casual."

    We absolutely understand that some users especially in work/business environments may be constrained in what software solutions they can use by corporate policies that can't be ignored -- but we can't make our own design decisions around what some small minority of users' situations might be. As for the people who have no such hard-and-fast rules but who won't use 1password.com? Well, that's why this thread has stretched out for thirteen pages and more than a year among a small group of passionate users (and us): listening to our users, and explaining our own thinking on the subject. At this point, though, I think the ground's been (more than) pretty well covered.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @kermit4karate: I'm dismissing your off-topic commentary and insults. If you actually are interested in talking about another security topic, create a new discussion for that and stop spamming this one please. :)

  • alexhrx
    alexhrx
    Community Member
    edited May 2019

    I have been a 1Password user for years and have always recommend it to family and friends. I had to spend 2 hours to figure out why WLAN Sycn is no longer supported the only reason I used & recommend 1Password to begin with. You have your reasons, I have my reasons, at the end of the day I cannot justifying paying for a version 7 license if the only feature I was ever interested in is no longer supported. Spending the time to research this then having to register on a forum to make a one time comment should be indication enough how much I cared for 1Password. Thank you for all the years but sadly I'll have to switch/find another solution.

  • We definitely appreciate that everyone who takes the time to post here is passionate about 1Password, @alexhrx. I've swapped between apps and services many a time myself due to one change or another (or even just wanting to try something new) and it's rare I take the time to tell anyone why. When I do take the time to connect with developers it is near universally because I don't want change and am really truly hoping my feedback will result in updates that mean I don't have to. Thank you for your support and taking the time to share. In this case, taking the time and resources to make the change you're looking for simply isn't practical in big picture terms, but your feedback is still valuable and always appreciated. :chuffed:

  • wirthcons
    wirthcons
    Community Member

    Hi I have been a long time user of 1Password. However, I just purchased 1Password 7 (upgrading from v4) and found out after setting it up there is no longer a wi-fi sync option for Windows? This was how I was syncing with my iOS devices. I am extremely disappointed. Is there any resolution of this issue in sight?

    The only reason I upgraded to start with is because Password 4 doesn't work in Chrome any longer.

    And just to confirm, no, I don't want a subscription with passwords syncing to your servers.


    1Password Version: 7
    Extension Version: Not Provided
    OS Version: Windows 10
    Sync Type: WiFi

  • AGAlumB
    AGAlumB
    1Password Alumni

    @wirthcons: Thanks for getting in touch. I've merged your post with the existing discussion. You can read more background on that in Goldberg's earlier comments, but as Dave mentioned above, we aren't planning to add WLAN Server to the new Windows app. If you've purchased 1Password 7 within the past 30 days and wish you hadn't because it does not have that particular feature, we can give you a refund if you shoot us an email at sales@1password.com

  • frame
    frame
    Community Member

    Hi @Ben

    Indeed, this is one of the reasons why WLAN sync isn't getting built; because, at its best, it was difficult to properly configure (when compared to the relative ease of even 3rd party cloud sync solutions, let alone 1password.com accounts).

    WLAN Sync was not difficult to setup. I still use it on macOS all the time and it's 100% fine. Zero issues. And the horrible folder sync is what you force me to use because of the stripped Wifi Sync on Windows... (I don't get why the macOS client tries to access the selected folder over and over and shows a million error dialogues when the folder is not mounted. How about giving up after attempt #1 or maybe not show an error message at all that interrupts the user?).

    Thanks for your lengthy reply, however you ignored my main argument: There are real situations where users are not permitted to hand over credentials to 3rd parties. It's a real world legal requirement, not a "false sense of security" opinion. You should see the European Data Protection contacts contractors need to fill out. There's rarely wiggle room and I will not bet my company (liability!) over your stance on hosted data. You cannot argue against this requirement by repeating over and over and your system is super secure. You can only chose to ignore it. The Wifi sync was (and still is on macOS) a way to solve this problem, but there's no other solution in sight.

    I must say that 500+ people who want this feature to come back is quite a lot. Oh, at least I feel better now, knowing that I'm not alone. :) I wonder how many more people would take notice when you strip this from the macOS client?

  • WLAN Sync was not difficult to setup. I still use it on macOS all the time and it's 100% fine. Zero issues.

    Great. I'm glad to hear it works for you. That is certainly not universally the case.

    There are real situations where users are not permitted to hand over credentials to 3rd parties.

    Fortunately under no circumstances are the credentials you store in 1Password ever handed over to a 3rd party unless you explicitly share data with them using one of our sharing features. That requires that you invite the 3rd party to join your membership, they create an account within your membership, you approve them, and then you share a vault with them.

    Ben

  • frame
    frame
    Community Member

    @Ben

    Fortunately under no circumstances are the credentials you store in 1Password ever handed over to a 3rd party

    I'm not sure if you're pulling my leg here. YOU are the 3rd party. I'm stunned that you don't get this. If a client hands me credentials or data I'm not allowed to store them anywhere except where approved: In most cases my office where I documented how I store them (GDPR basics).

    Now, I can declare that I store it in the cloud somewhere, but as mentioned before, there's often very little wiggle room for contract changes, esp when it comes to super hard clients, and in all cases my company vouches for my 3rd parties, which is you.

  • Lars
    Lars
    1Password Alumni

    @frame

    There are real situations where users are not permitted to hand over credentials to 3rd parties.

    Neither you nor clients would be "handing over credentials" to us, only encrypted blobs of data that we don't possess either the decryption keys to read, nor the secrets with which to derive those keys (your Master Password and Secret Key, which are never transmitted to us).

    It's a real world legal requirement, not a "false sense of security" opinion. You should see the European Data Protection contacts contractors need to fill out.

    Our 1Password.eu instance is located in AWS's Frankfurt data center, and we've got users - both individual and enterprise - from all over Europe, including companies in Germany and many of the other stricter data protection countries. This is made possible - and happening currently - because we're fully compliant with GDPR in both the .ca and .eu instances of 1Password accounts. We're aware that there may still be some companies whose internal restrictions are even more stringent than this, but that's a use-case we're seeing less and less of, as companies overall tend to get over the knee-jerk "cloud=bad" reactions that were more common three or four years ago.

    However, it feels as if we're getting a little far afield from the topic of this thread, WLAN Sync in 1Password 7 for Windows. For many of the reasons already given in this thread, we've no plans currently to spend time re-creating WLAN Sync code in the fully-rewritten 1Password 7 for Windows. I'm not sure how much more clearly we can be saying this. We DO hear your points, but if these are deal-breakers for you, then I'd urge you to explore other options for password management that may be a better fit for you. There are many solutions in this space, and while we believe we produce the best of them, we're quite aware that we can't be all things to all people -- so if you're one of the people with use-cases for which a different solution fits your needs better, then as long as you're not having clients using sticky notes on their monitors to remember passwords or an Excel spreadsheet, we'll be happy with whatever you choose. :smiley:

This discussion has been closed.