On WLAN Sync in 1Password 7

191011121315»

Comments

  • Lars
    Lars
    1Password Alumni

    @distant - I would discourage you from continuing to use 1Password 4 for Windows. It was a great product in its day, but it was first introduced six years ago in 2014 and received its last meaningful update in late 2016. It hasn't and won't receive any further development attention, short of critical security fixes, should that be necessary. 1Password for Android has never had licenses; it's sold via the Google Play store. Hope that helps.

  • distant
    distant
    Community Member

    yeah it's a tough situation. current google play store only has the latest version. i will look into other alternatives. thank you for the replies, and no thanks to agile as a company, a betrayal of its own so called integrity.

  • Eriala
    Eriala
    Community Member
    edited May 2020

    I just use folder sync and installed Syncthing on both Mac (installed Syncthing via homebrew) and Windows (installed as package from Syncthing directly) to handle this. Syncthing keeps the folder up to date and that seems to work. Even if I have 1Password 7 open on both systems, any updates on the vault will live update on the other system within a few seconds.

    You can pair this with software like Zerotier or Tailscale to have it work easily over the internet as well.

  • Lars
    Lars
    1Password Alumni

    Welcome to the forum, @Eriala! Thanks for weighing in. I'm always intrigued and often impressed by the individual setups some of our more-adept users come up with. Thanks for sharing yours. However, I want to stress to anyone reading this thread at this late date that while we've never claimed such setups don't work, we definitely will continue to remind people that they're uncharted territory and unsupported. They also require a considerable amount of DIY knowledge and may break with any future updates of either your chosen suite of sync/mirroring software, 1Password, or even the OSes on which you run. Each person must of course choose the security setup that seems best to them, but given the sensitivity and value of the information most people store in 1Password, we can't recommend such a setup to anyone, even the most hardy do-it-yourselfers out there.

  • Eriala
    Eriala
    Community Member

    Lars, thanks for the response and welcome. I have to lean in the opposite direction and encourage that people look towards using open source distributed systems on hardware they control for their most sensitive data.

    Addressing the point of whether this functionality may break on 1Password in the future: I acknowledge and respect that your team’s time and energy are valuable and you see the need to constrain the wildcards which might increase your support burden. Still, I would actually rather see the opposite stance from you. That is, a reassurance that atomic filesystem level operations are expected to behave sensibly and your clients will continue live-updating from filesystem changes and your team will go out of their way to assure this functions properly going forward.

    Saying, “Yes, we understand the merits of a defense in depth strategy which requires a fully self hosted cross platform sync solution,” will do nothing but improve your reputation and credibility as a premiere secure auth vault provider. This seems like a good compromise between the extremes of being a self-hosted sync provider and abandoning the notion that one is necessary for a robust defense in depth strategy.

    So I’d rather you say, “Hey, we don’t support Syncthing, but our team is aware of it and has done some testing to assure that our software shouldn’t blow up and corrupt your vault if you use a Syncthing-synced folder to store your vault.” I would be even more impressed if an engineer did a blog post looking at the way Syncthing handles syncing and the way 1Password is designed to gracefully handle external updates to opened vault files. Even potential caveats to the approach from a technical perspective (e.g., the implications of multiple people sharing a vault like this and the race conditions which might be encountered that way).

    No need to implement new features, no need to support them, but a nod to show that you care about being a robust provider for your most security conscious users.

    P.S. Mega-beaucoup-ne-plus-ultra bonus points if your team took up the charge to offer an open source packaged cross platform GUI wrapper to Syncthing as a way of reimplementing self-hosted cross-platform vault sync support and championing easy defense in depth for the masses. Maybe a good marketing opportunity!

  • Lars
    Lars
    1Password Alumni

    @Eriala - thanks for the feedback and ideas. :)

This discussion has been closed.