On WLAN Sync in 1Password 7


Comments

  • brenty

    Team Member

    @ohreally: As I mentioned in the other discussion where you asked, it's not something we're working on. We're busy getting version 7 ready for release. :)

  • Security is not the only reason for WLAN sync.

    I use Windows desktops but iPhones. This means syncing via iCloud is not an option. I also do not use DropBox (I use OneDrive) WHICH YOU STILL REFUSE TO SUPPORT. So that means I HAVE to use WLAN sync to get data to my phone.

    And no I am not signing up for your online service. Your track record is not there. Service is too new for me to trust it. And after the LastPass hack I am reluctant to store a massive database of passwords on servers that are a HUGE target and I do not control.

  • without WLAN sync 1Password won't be an option for me anymore:

    • I don't want to store all my passwords on ANY cloud service (neither dropbox nor 1password or whatever)
    • without cross device syncing there is no more need
      it is really a pity you guys don't listen to your customers here. I saw a lot of news recently about the new 1Password 7 for windows, but in many comments to those news I saw people disappointed about the loss of WLAN sync.
      whether 1Password cloud is more secure I don't want to discuss. I simply don't want ALL my PW data on a foreign server.
      And I think I am not alone with that. I think you want to push people towards your subscription plan and that's the only reason why you are leaving WLAN sync behind.
      pity.
      :(
  • jpgoldberg Agile Customer Care

    Team Member

    Thanks for your response, @crkinard. You are correct that we "refuse to support" OneDrive. As I said at the beginning of this discussion, we are trying to reduce the number of synchronization methods. So the chances of us adding another file-based sync service are very small, and you should make your choices with that knowledge.

    You mentioned the (one of the) LastPass server compromises. At the risk of repeating myself, our use of 2SKD (your Secret Key) means that if data were acquired from our servers, you would still be fully protected. We are not claiming that our servers could never be compromised. While we do what we can to prevent server compromise, we have designed 1Password so that such a compromise would do minimal damage.

    I fear that I am repeating myself and that if what I've said so far has failed to persuade, repetition isn't going to help. I hope that as things progress, you will come round; but if not, I hope that whether with 1Password or not you find a solution that works for you.

  • MikeT Agile Samurai

    Team Member

    Just a heads-up, we've moved this thread to our general Windows forums as we're getting close to our first stable release soon.

  • jpgoldberg Agile Customer Care

    Team Member
    edited May 2018

    Just a heads-up, we've moved this thread to our general Windows forums as we're getting close to our first stable release soon.

    Thanks for that. I've updated the original posting to mention the move.

    We will have a lot of new people joining this discussion, and so ...

    Newcomers to this discussion

    Please read my initial posting. Nobody can be expected to read the entire discussion, but it is useful for all to have a starting point.

    Register your interest in WLAN sync for 1Password for Windows 7 and let us know why it is valuable to you.

  • It might just be me, but this new product seems very marketed towards your cloud monthly fee service. Almost along the lines of forcing users to use the more secure 1P Cloud service or use other cloud services that are very low in security for syncing purposes (to phones and such). As a 1P user, I refuse to use the cloud to store my encrypted password banks, this is fairly dumb in my opinion when quantum computing is right around the corner. Quantum computing will be able to break this encryption fairly quickly, but that's 4-5 years out. Here's an idea, since you are suggesting it's a 'nightmare to support' WLAN local network Syncing, develop the WLAN local network and offer it as an addon to the ver7 software. Add a cost (don't go crazy) for the add on and then you will only support those who add this feature which will most likely be the ones who already know how to fully use it and figure out issues on their own anyways. I don't know your development costs nor your business model, but if you start dropping features that customers like, you will end up with negative feedback that could multiply very easily. That would not be fair to 1Password as it is a great product, minus this decision of taking away a feature you designed into the product to begin with.

  • oinodin
    edited May 2018

    .. I start to write a really angry post ... but calm down ... but my future use of 1pass dependent on this one question ...
    will you implement WLAN sync/server (whatever you want to call it) ???
    if yes when if no how I can ask for a refund of my money which I spend on new license

  • AgileBits Team,

    Congrats on getting this version of your Windows product out the door, I know it's been a lot of work and a long time coming. Some of you (and readers here) are possibly familiar with my disappointment that I can't recommend the product to a family member, who is not prepared to have her password data leave her house; I won't rehash all that today.

    I will say, though, that I hope delivering this milestone will enable AgileBits to give additional consideration to implementing this feature before long. Then I can get on with the business of recommending your product wholeheartedly, to all comers.

    Todd

  • jpgoldberg Agile Customer Care

    Team Member

    Hi @oinodin,

    I can't give a definitive answer to your very reasonable question:

    will you implement WLAN sync/server (whatever you want to call it)

    We are not committing to doing so, and we are not declaring that we won't.

    if yes when if no how I can ask for a refund of my money which I spend on new license

    You should make your decisions based on what is in the product today instead of promises of what we will do. Even the most sincere and best intentioned promises of some software feature can go unfulfilled[1]. If WLAN synching really is essential for you, then you should write into support to get your refund. I do hope that you will read over some of the earlier discussion about the security benefits (or not) of WLAN before you make that decision, but it is yours to make.

    Also, if you have not already done so, please have yourself counted as someone seeking WLAN sync. And again, please read through some of the prior discussion to see if WLAN sync really is necessary for you.


    1. Anyone remember our Webdav promise seven or eight years ago? We had that 95% done when we made that promise, but the following six months work on the remaining 5% still left us with something too unreliable to release. We try very hard to not be in the vaporware business, and you should not purchase vaporware.

  • jpgoldberg Agile Customer Care

    Team Member

    That's an interesting idea, @dieseldawg. And a paid add-on also helps address the problem of people selecting the method without due consideration. It helps ensure that only advanced users who really want this would do it.

    It's really messy to deal with the licensing and payments for paid add-ons, so that whole infrastructure would need to go into the cost. But if there are enough people who would pay real money, it might support a developer. I suspect that there wouldn't be enough people who would be willing to pay for such an add-on to make this viable, but that is only a suspicion.

    I will not hold you to this, but can you give me an idea of how much extra you would be willing to pay?

  • brenty

    Team Member
    edited May 2018

    @ftwilson: Thanks for the kind words, Todd. It's been a long road, getting from there to here, and it's great to finally be able to share the new app with everyone. I'm sorry that it doesn't have everything you want though, and WLAN Server is something we'll continue to evaluate carefully.

    Back when we originally created "Wi-Fi Sync", it was the only way to sync 1Password data between devices. So while today it may seem like "why not?", in reality if other options had come along sooner we wouldn't have bothered. I know that some people prefer this, and that it feels bad to no longer have the option, but it's one of those things where it wouldn't be missed if it had — just due to how things played out — never existed in the first place. Ironically, the vast majority of 1Password users today don't miss it, some because they never used it, others, pointedly, because they did and are glad to have other options now that are not only easier to use but also more secure.

    And that's sort of where we're at with this: apart from the realities of development and support costs, we also don't like being in the position of presenting users with an option that can be misconstrued as offering security properties it does not, and not only give them a bad experience with 1Password but also put their data at risk. Those are bold claims, so I know I have to back them up...but you wouldn't be wrong if you thought to yourself that I'm talking about something other than WLAN Server right now. And you'd be half right: the same applies to two-factor authentication. Give me a few minutes, and I'll tie it all together.

    One of the more popular feature requests we've had in recent years has been two-factor authentication. This isn't possible with local vaults at all, since 1Password uses encryption and not authentication to secure the data; there's simply no authentication component involved — nothing at all to authenticate with. But of course with 1Password.com that is not the case: while the security model is still built on encryption, there is an authentication component with the 1Password.com server, so it's something we could technically add. After resisting for a long time, we did.

    So why did we fight it? Because overwhelmingly when we asked people why they want "2FA", we were told that this would allow them to use 1Password safely on any computer, even public ones, or on their own if it was infected with malware. This simply isn't the case, so every time we heard something like that, it set off more alarm bells and made us even more resistant to adding it. To be clear, two-factor authentication does offer a security benefit that can help with some types of attacks, especially replay; but the last thing we want to do is for people to be less secure because they believe that a feature we offer protects them in a way it does not. In the end, we added this feature because many businesses told us that this is a requirement for them to be able to use 1Password, often for regulatory or compliance reasons.

    And that brings us to WLAN Server. Why not implement that as well, since there's interest? So far, it hasn't been requested nearly to the extent that two-factor authentication was, yet it raises similar concerns:

    • It's difficult for most people to use: many people over the years that I've personally helped have had trouble getting it to work due to networking issues, and it is putting a lot of burden on the user to manage it — you have to preemptively think to sync before you need the data, or you won't have it.
    • It's much easier to hose your data: even more technical folks run into issues because they try to use it in clever ways it isn't designed to work; using a mobile device as a "mule" to sync between computers comes to mind, and a lot of people have lost data as a result of things like that, or simply devices being out of sync time-wise, and newer data being overwritten by old as a result. So, you also have to remember to back everything up preemptively. Not everyone does that (I'd wager most).
    • It's easy for it to be misconstrued as a security feature: it isn't; as Goldberg mentioned already, some people will on their own or due to advice from others perceive syncing locally as safer, but 1Password simply doesn't depend on the sync service to protect your data. That's the encryption again. And when people use it because of that belief, they run into the other difficulties.

    Now, I'm fairly confident in saying that these concerns may not apply to you, or many others in this discussion. But the problem is that if we put it out there, other people will use it too — people for whom WLAN Server is not suitable. Nevertheless, us offering it at all is a tacit endorsement, and frankly we're the ones responsible for supporting it. We can't give those people their time back when they have to troubleshoot, or their data if they have conflicts. Yet at the same time not offering it is an impediment for some people using 1Password. So it's not a decision we will make lightly one way or the other.

  • Thank you for the reply @jpgoldberg, and here are my thoughts on pricing and I don't mean to sound out of touch here with costs as I know everyone will feel differently about this. You should make this a percentage of the costs of version 7, so if version 7 is 70$ I say you make the add on no more than 20-30% of the product. So my thoughts are a 15-20$ add on cost. As for will there be enough people to pay for this, well you need to find out your development costs, then divide out what you're going to charge and find your cut even point. Then start another forum group topic with this as topic or a link for people to sign up that they would pay for it using their email as first commitment. This way you don't have any development costs until you decided if you have enough people to justify the development. But from my view you should do this even if you only have 50 people because you're doing this for your customers and not completely for the company itself. However, I understand we all have bottom lines to meet.

  • @brenty Thank you for the reply, and I have read this reply many times now so I know you're a little exhausted repeating it also. But I will say this, your points of justification away from WLAN Local Network Sync are completely biased to your views and the path 1Password is trying to push their customers to. I will explain by diving into your points below:

     1) First point you make: _"It's difficult for most people to use: many people over the years that I've personally helped have had trouble getting it to work due to networking issues, and it is putting a lot of burden on the user to manage it — you have to preemptively think to sync before you need the data, or you won't have it."_
    

    Your assumption here is based off of experience with non "techie" users I would assume. Do not throw all users into this bucket, for those like me who have a deep understanding of tech have 'never' contacted you for help with this tool. So please don't assume that from your experience with certain users that all users have this problem. Again reference my earlier statement about a paid for add on mutes your point here.

    2) Second point you make: _"It's much easier to hose your data: even more technical folks run into issues because they try to use it in clever ways it isn't designed to work; using a mobile device as a "mule" to sync between computers comes to mind, and a lot of people have lost data as a result of things like that, or simply devices being out of sync time-wise, and newer data being overwritten by old as a result. So, you also have to remember to back everything up preemptively. Not everyone does that (I'd wager most)."_
    

    Again, I will make the same point as I did above, you're throwing everyone into a bucket here and not recognizing all the customers who never called you for help and were completely satisfied with the tool. Sure some techie people tried different things with your product, that's kudos to them for trying to advance your setup. Although it backfired on them, I bet they never did it again. You can't use the "creative" thinkers as an excuse why not to develop a tool.

    3) Last point you make: _"It's easy for it to be misconstrued as a security feature: it isn't; as Goldberg mentioned already, some people will on their own or due to advice from others perceive syncing locally as safer, but 1Password simply doesn't depend on the sync service to protect your data. That's the encryption again. And when people use it because of that belief, they run into the other difficulties."_
    This is a valid point, but NOT completely applicable to this WLAN sync. Why do I say that, because I beg to differ to your point with emphasis on a database that's NOT in the cloud is safer than one that is. Whether that's 1Password's or DropBox, it doesn't matter, no matter how many Hashing attempts you run, secondary keys, or 2FA, and so on, the very valuable customer database now sits in the cloud with a target on it. You are a much bigger target to a hacker than I am. I know your product is very safe and I don't doubt you do everything possible to make it safer, but at the end of the day we're only 4-5 years from Quantum computing which will smash all current day encryption. So for those who use your product like I do, there's no safer way of keeping this data except Offline. Again, this is my view but I stand on it strongly. I use your product by storing the database on an encrypted USB drive, I back this drive up to other USB's I have and store them in a safe. I load your program from the drive and sync my phones to this. My database is obviously encrypted on the software side, and my USB is encrypted on the hardware side. My view is a database that contains the most important data to you should never be kept online. So the safest data is data that's OFFLINE. No one can even attempt to hack or break into something they don't have. So by taking away WLAN Local Net Sync, you basically push me back to ver4 which I won't be on long.

    A lot of your points above only make me believe 1P is trying their hardest to get everyone on a monthly subscription which makes them the most money. Everything's about the capital, sadly to say. I know I am not like most of your customers, but there are probably a lot like me, particularly ones that know how to hack. I make my points above because I am tired of seeing excuses for why you're not doing this WLAN Local Sync, the only legitimate excuse in my book that you're delivering is development costs and I gave a solution to that already. This push by all companies everywhere to the cloud is getting out of hand. Sure it's very convenient but privacy is dropping majorly. 1P I would think stands for protection of their customers' data, so don't force your customers into your business model of making more money. Again, these are my views and at no point am I upset or hollering. :)

  • @brenty Thanks for your info above and points. I have read these points before earlier in this discussion so I know you’re probably tired of making them over and over. Although I believe, they are biased to 1Password's business model of getting everyone to a paid monthly subscription. Why do I say that, let’s look at your points:
    • _"It's difficult for most people to use: many people over the years that I've personally helped have had trouble getting it to work due to networking issues, and it is putting a lot of burden on the user to manage it — you have to preemptively think to sync before you need the data, or you won't have it."_
      • Do not put every customer into one bucket here, a lot of users are techie like me and do not have any issues with this tool. We have never called you for support. Also, my earlier idea of a paid for version nulls this point I believe.
    • _"It's much easier to hose your data: even more technical folks run into issues because they try to use it in clever ways it isn't designed to work; using a mobile device as a "mule" to sync between computers comes to mind, and a lot of people have lost data as a result of things like that, or simply devices being out of sync time-wise, and newer data being overwritten by old as a result. So, you also have to remember to back everything up preemptively. Not everyone does that (I'd wager most)."_
      • Again, you are grouping people into a bucket here based off your experience, and you are challenging those “creative thinkers” who have tried to use your product for different purposes. Yes, they failed or lost data but I bet they did not do it again and I also bet if the solution they found was great, you would have used it. All of my data is backed up and stored in a safe, this way I always have a hard and soft backup.
    • _"It's easy for it to be misconstrued as a security feature: it isn't; as Goldberg mentioned already, some people will on their own or due to advice from others perceive syncing locally as safer, but 1Password simply doesn't depend on the sync service to protect your data. That's the encryption again. And when people use it because of that belief, they run into the other difficulties."_
      • Yes, you have some valid points but take a step back and ask yourself, is it safer to leave your data in the cloud or locally. Who will a hacker target more, the company with a lot of data or a single user with small amounts of data and no proof they even have a password database. Yes, you make things very secure with extra keys, hashing, etc, but at the end of the day, it is always safer to keep what data you can offline rather than always online. This does not make sense to me to store any very valuable data to the cloud, as it could be backed up without your knowledge thus even if you delete your data, it could still be somewhere. Therefore, in 4-5 years when Quantum computing starts taking its strides, encryption today will be defeated very easily. This is why I use 1P by storing my database on a hardware encrypted USB. I have three layers of protection, 1st is the USB’s Hardware encryption, then I have a VeraCrypt drive on the USB, and lastly is the 1P database. Now I know most probably do not use your product as I do, unless you know a little something about hacking.

    Currently I am forced to go back to ver4 to get synchronizing to work, as I refuse to store any of my data in cloud. If 1P will not consider adding this tool as an option, or even consider the option I suggested about the extra fee, then I will have no choice but to continue using ver4 and start looking for another vendor.

    1P is a security product that I believe is concerned about their customer’s privacy. So therefore, why do you push everyone away from a tool that makes your product safer to them? I understand bottom lines and having to make money to continue a product, but where do you draw the line when it comes to “risks”.

  • Lars Junior Member

    Team Member
    edited May 2018

    @dieseldawg

    ...take a step back and ask yourself, is it safer to leave your data in the cloud or locally.

    If you've been reading through this thread, you already know our answer to this question: any competent attacker who targets you will be looking to access your data directly. We would never suggest that our servers are unbreachable, or even that a breach will never happen. We take substantial measures to ensure this doesn't happen, but in fact, 1Password has always been designed with the assumption that an attacker has already managed to find a way to obtain your 1Password data. Whether that's because you left your phone in the coffee shop and they have direct access to the device itself, or because they managed to worm their way into one of our AWS instances and bypass enough of our security to obtain it.

    In the former case (your device is actually stolen), your data are secured by your Master Password. That's why we spend so much effort on teaching people how (and why) to choose a good Master Password; it's your primary line of defense. But in the latter case (your data is stolen from our servers), you have the additional protection of 2-Secret Key Derivation which adds another layer of protection against just such an occurrence. Your Secret Key is generated randomly and locally on your own device when you first create your account, and is never transmitted to our servers. That means someone in possession of your data only would not be able to decrypt it locally or on our servers without the Secret Key, even if they did have your Master Password.

    For more of our reasoning about whether "the cloud" or your own local network is a safer place for your 1Password data, please see Jeff Goldberg's first post in this thread, specifically the section on Security of WLAN versus 1Password accounts.

    1P is a security product that I believe is concerned about their customer’s privacy.

    Yes.

    So therefore, why do you push everyone away from a tool that makes your product safer to them?

    We don't. We genuinely believe that 1password.com memberships are not only easier to use and present most users a far smaller range of options for getting into trouble with their data through simple error, but are also more secure than standalone local setups in the majority of cases, and no less than equal in security in a small handful of cases.

    I understand bottom lines and having to make money to continue a product...

    The fact that we're continuing to offer standalone licensing for both 1Password for Mac and 1Password for Windows should serve to show that this isn't about money. Sure, everyone likes getting paid for their work and we're no different. But we didn't build 1password.com as a moneymaking tool. We built it because of the potential (which we're realizing) to increase 1Password's usability and security.

    ...but where do you draw the line when it comes to “risks”.

    I believe between Jeff Goldberg's original post in this thread and what I've written above, I've addressed that question, so I won't repeat myself here. But I will take a moment to stop and say that if you believe we are actively working to lower our users' security for money or any other reason, then you should stop using 1Password and find another tool to accomplish your purposes. You're obviously someone who gives a great deal of consideration to all aspects of your own security, from the technical to the strategic; I can't imagine why you'd want to knowingly continue to use a tool developed by people who you've concluded are intentionally lowering your security for any reason.
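An added illustration of the two-secret idea described in the reply above (not part of the original thread and not 1Password's code): a simplified sketch in which the vault key depends on both a password and a locally generated secret, so a stolen copy of the server-side record cannot be guessed offline from passwords alone. The construction (PBKDF2 output XORed with an HKDF output), the iteration count, the `check` value standing in for an encrypted vault, and all names and sample values are assumptions made for this example.

```python
import hashlib
import hmac
import secrets
from typing import Optional

ITERATIONS = 50_000  # constructed for the example, not a recommendation


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """RFC 5869 HKDF (extract, then expand) using HMAC-SHA256."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_key(password: str, secret_key: Optional[bytes], salt: bytes) -> bytes:
    """Password-only key if secret_key is None, otherwise a two-secret key."""
    pw_part = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS, dklen=32)
    if secret_key is None:
        return pw_part
    # The high-entropy device secret is mixed in; it never leaves the client.
    sk_part = hkdf_sha256(secret_key, salt, b"example-2skd")
    return bytes(a ^ b for a, b in zip(pw_part, sk_part))


def key_check(key: bytes) -> bytes:
    """Stand-in for the encrypted vault: only the right key reproduces it."""
    return hmac.new(key, b"key-check", hashlib.sha256).digest()


def enroll(password: str, secret_key: Optional[bytes] = None) -> dict:
    """Return what a sync server would hold: a salt and data bound to the key."""
    salt = secrets.token_bytes(16)
    return {"salt": salt, "check": key_check(derive_key(password, secret_key, salt))}


def offline_guess(record: dict, candidates, secret_key: Optional[bytes] = None):
    """Test password candidates against a copy of the server-side record."""
    for guess in candidates:
        key = derive_key(guess, secret_key, record["salt"])
        if hmac.compare_digest(key_check(key), record["check"]):
            return guess
    return None


def demo() -> dict:
    password = "correct horse battery staple"           # constructed sample
    candidates = ["letmein", password, "hunter2"]        # constructed guess list
    device_secret = secrets.token_bytes(16)              # generated locally
    password_only = enroll(password)
    two_secret = enroll(password, device_secret)
    return {
        # Server copy of a password-only record falls to password guessing.
        "password_only_stolen": offline_guess(password_only, candidates),
        # Same guess list, correct password included, fails without the secret.
        "two_secret_stolen": offline_guess(two_secret, candidates),
        "two_secret_wrong_secret": offline_guess(
            two_secret, candidates, secrets.token_bytes(16)),
        # The owner, holding both secrets, derives the right key.
        "two_secret_owner": offline_guess(two_secret, [password], device_secret),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result!r}")
```

The device-theft case in the same reply is the last row: anyone holding the device also holds the locally stored secret, so there the password alone carries the protection.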

  • @Lars

    Good points but we will stand on different sides of the table concerning which is safer, cloud or local.

    Concerning your points of making standalone products as to why it's not all about money, I will have to trust your statement here as I don't know your financials. Although comments were made by your teammates that development costs are the reason why this tool hasn't been created, therefore at some point it has to be about money.

    The Risks comment I made was more about the users you're going to lose because of one tool that won't be developed, notice the comment I made about "product safer to them". "Them", being the individuals in this forum that are complaining about the loss of the tool. Not all users, as some users obviously are very happy with storing their data on the cloud. I should have emphasized more on the point of who them was, so my apologies. Although, you ran with this assumption and took to the next level with your ending statement of "I can't imagine why you'd want to knowingly continue to use a tool developed by people who you've concluded are intentionally lowering your security for any reason.". I am using your tool because I really like your product and hate to see great functionalities lost. You made a large assumption here and now ended the convo with a very ill statement. Thanks for your time though.

  • brenty

    Team Member

    Do not put every customer into one bucket here, a lot of users are techie like me and do not have any issues with this tool.

    @dieseldawg: I don't blame you if you got bored and missed this at the end of my reply to ftwilson, but I did acknowledge this:

    Now, I'm fairly confident in saying that these concerns may not apply to you, or many others in this discussion. But the problem is that if we put it out there, other people will use it too — people for whom WLAN Server is not suitable. Nevertheless, us offering it at all is a tacit endorsement, and frankly we're the ones responsible for supporting it. We can't give those people their time back when they have to troubleshoot, or their data if they have conflicts. Yet at the same time not offering it is an impediment for some people using 1Password. So it's not a decision we will make lightly one way or the other.

    You also mentioned,

    Again, you are grouping people into a bucket here based off your experience, and you are challenging those “creative thinkers” who have tried to use your product for different purposes. Yes, they failed or lost data but I bet they did not do it again and I also bet if the solution they found was great, you would have used it. All of my data is backed up and stored in a safe, this way I always have a hard and soft backup.

    Hey, I wish it were true that everyone else backed up. Saying "they failed or lost data but I bet they did not do it again" is easy for you and me — I've lost data when I failed to back up — to say when it affects only us, but at AgileBits we have to consider millions of other 1Password users when we make decisions like this. I can say "lesson learned" when it's my data lost (still, easier said than done), but that's not acceptable when it's our customers'.

    I think it should go without saying that while my experience may not be representative of the entire 1Password user base, it's much wider than yours will be. That's not a knock against you; it's just the reality. I've helped many technical users (the sorts that like to debate the relative merits of our implementation which relies on Bonjour to some extent for network discovery) as well as those less-technical. WLAN Server skews much more toward the former though, so we hear from them a lot too. You can't have it both ways. :)

  • @brenty Thanks for the reply and I did not miss your ending statement, I just felt your statements were somewhat generalized. Either way this turns out, thanks for the professional reply.

  • I was about to purchase 1Password 7 for Windows (it is a huge step forward usability-wise!), but decided to check for support of WLAN sync at the very last moment - it's a shame you don't support it anymore, even though the license cost went up significantly. It means no 1Password 7 for me now and quite likely no 1Password at all going forward. That's really unfortunate. It was a feature that made the application stand out. Hope you change your mind.

  • Lars Junior Member

    Team Member

    @dieseldawg

    I am using your tool because I really like your product and hate to see great functionalities lost. You made a large assumption here and now ended the convo with a very ill statement.

    I'm sorry for the misunderstanding! I'm not quite sure what you meant by "ill," but while it's never my intention to treat people on this forum antagonistically, there are some perspectives people express that I will confess I find it difficult to engage with because they assume a level of distrust or bad faith on our part that simply isn't there.

    In general, I stand by the statement that if people think we're actively working to lower their security or force them onto a path of lower security either to line our own pockets or because it's too much work for us to be bothered with anything else, there just isn't much room for further discussion along those lines. We can repeat "that's not what we're doing," and "here are the reasons for the decisions/choices we did make," but if someone's already ascribed that level of ill-will to our intentions with respect to product development choices, they're not likely to be persuaded by us just repeating ourselves. And I do wonder why anyone who assumes that level of bad faith on the part of any company (not just us, but yes, especially a company to whose products you entrust your most sensitive/valuable information) would continue to use their product(s).

    If that's not you, then I apologize for the misunderstanding. 1Password has evolved quite a ways from the days of even 1Password 3 for Mac, let alone from the very beginning. The overall idea is still the same (password management), but portions of what constitutes good practice - both for us, and for users - have shifted over time as the threat model/landscape has shifted. Security is a moving target: there's no way to ensure that what worked yesterday will still be good tomorrow, which is what drives the vast majority of the changes we make. And yes, those changes include not just adding or upgrading features to keep pace with new technology and emerging threats, but also occasionally removing things that have become obsolete or compromised or otherwise less useful than they once were. As Jeff Goldberg mentioned in his initial post in this thread, we're currently evaluating how much need for/interest in a WLAN solution there is for the specific use-case of Windows/iPhone users (Android users can already use Folder Sync to achieve a local sync solution). If you haven't already, the best way to register your support for continuing this feature is by signing up for the WLAN-sync newsletter. Thanks for the conversation and your passion for 1Password!

  • @Lars Thanks for the professional reply and statements. I look forward to a decision being made at some point on whether this gets implemented or not.

  • jpgoldbergjpgoldberg Agile Customer Care

    Team Member

    At the risk of contradicting my friend and colleague, @lars, I take the opposite view. People should make security decisions with a view toward "what if the vendor turns or is evil". (Yes, I know that is not what @dieseldawg was saying, but I will deliberately read it this way so that I can make a few points.)

    Although we are good guys, and it does hurt when people attribute the worst of motives to our actions, we have to build and deliver a system that is trustworthy even if we are not. We design 1Password to keep customer data safe even in the face of an insider attack. It's not that we expect insider attacks, but if we can defend against those, then we can also defend against our systems being compromised.

    So I am asking people not to trust me or to trust us, but to look at the design and implementation of 1Password, much of which is independently verifiable, and decide whether you trust the system against the plausible threats.

    What has frustrated me in this discussion is that I'm encountering an "I will never put anything in the cloud" as an absolute dogma instead of thinking about the actual threats and looking at our design with respect to those threats.
    So while we listen to many of you express why WLAN sync is so important to you, I would like you to examine our system and see what we have done to protect against the threats to having such data in the cloud.

  • jpgoldbergjpgoldberg Agile Customer Care

    Team Member

    Thanks @dieseldawg for your answer about add on charges. I'm guessing that it wouldn't pay for itself, but that isn't a reason to reject the idea. We often put development effort into things that don't pay for themselves. Much of the work we do with security falls into that category.

    We lose customers because of the added complexity of the Secret Key in our key derivation. It makes enrollment harder and it puts a burden on users to manage a kind of secret that is unlike any they have ever encountered before. It makes lots of things we do more complicated for us and for users. It is doubtful that most users fully grasp the security purpose of the Secret Key. So it is hardly a selling point for any but a few people. We have not found an effective way of turning this into a selling point.

    We've been in sales meetings with potential customers in which they've said to us explicitly, "we don't care how much more secure you are compared to your competitors. We figure you are all good enough." For people reading this discussion, our security and privacy design does sell, but in general it is a costly feature that we do not make up for in sales. We do it because it is the right thing to do.

    I've also said that WLAN is costly to maintain and leads to user confusion. But what makes the Secret Key different is that the Secret Key offers a very strong defense for (almost) everyone against an otherwise very substantial threat. It protects people if data is stolen from our servers. Now obviously WLAN sync protects against the same thing. If everyone were using WLAN sync, then we wouldn't need the Secret Key. There is no reason to do both. And indeed, if you are using local vaults only, you don't have a Secret Key.

    But because there are other advantages to using the service than WLAN sync, it makes sense for us (and I would hope you) to prefer the service with the Secret Key over WLAN. But we are willing to spend money to protect you from the consequences of a breach of our servers.

    So while I find your suggestion of an add-on fee, I see its primary value as not a way to cover costs (I don't think it would), but as a way to limit WLAN sync to those who really, really want it. And requesting the add-on would give us another opportunity to try to explain why we think it does not serve users' privacy and security interests as much as they may initially believe.

  • If AgileBits declines to update 1Password 7 for Windows to allow WLAN sync, or something similar, as I outlined in another thread here, I will reluctantly stop using the product and encourage everyone I've recommended it to specifically because of WLAN sync to stop using it too.

    The reason is because, despite the fact that I do completely trust the company's intentions, there are too many examples out there of companies that convincingly assured the public beforehand that they were doing things correctly, handling security properly, and yet were still breached. I simply don't want my vault stored in the cloud.

    As for whether my local setup is as secure as AgileBits', I don't know. I do know that I've never had my personal information compromised because of my home setup, whereas it has been compromised because of Adobe, Experian, Target, etc.

  • Also, I've read company representatives repeatedly mention in this thread that they don't know how many of their customers actually want WLAN sync; hence this thread.

    Really? If you were to do a SurveyMonkey survey and send it out to your newsletter subscribers with questions like, "Would you be willing to pay extra for a new version of 1Password for Windows with WLAN sync?" and "How much would you be willing to pay for this feature?" -- you could get a clear answer more easily than you will through this thread.

    You should probably also be able to gauge the overall interest this way and could then make an informed business decision as to whether supporting WLAN sync is financially worth it.

    I'm just saying. Are you really interested in finding out how many people want Windows WLAN local syncing and how much they're willing to pay for it, or is this just lip service because you've already made up your minds?

  • Thanks @jpgoldberg for the replies and comments! At the end of the day, we have some very passionate users of the WLAN Local Net sync. So it comes down to when will the company have time to revisit this and will there be a decision anytime soon. Just curious if anyone knows that? I know it's been said earlier in the thread that the concentration is right now on getting the ver7 out of beta and into users laps. But hopefully there will be a window of opportunity at some point soon to really pitch this "addon" idea or something similar to get this added into ver7? Thanks for everyone's time and thoughts.

  • LarsLars Junior Member

    Team Member

    @dieseldawg - thank YOU for your comments! We spend the amount of time we do on this forum because YOU all do, and we're enormously grateful to have such an engaged and thoughtful user community. Much of what you see in 1Password today has come about at least in part from suggestions from and conversations with our users. You guys rock. :)

    So it comes down to when will the company have time to revisit this and will there be a decision anytime soon. Just curious if anyone knows that?

    I'm going to be as transparent as possible here: "I dunno." Really, I don't. The comments about getting both 1Password 7 for Mac AND 1Password 7 for Windows out the door, into users' hands and making any changes/bug-fixes we need to make, remains paramount for us for now. I don't like being vague with you, but to attempt a more-specific guess would be just that: a guess, and probably wrong, to boot, and I'd rather risk looking lame but be honest in saying I don't know than try to look prepared and wind up misleading you. I know that's probably not what you were hoping for, but it's all I've got right now.

  • edited May 2018

    @Lars Thank you for responding, but I hope the theme of this engaged user community forum thread doesn't get lost on the company. The dozens of engaged users on this thread are engaged because of one thing: not having WLAN sync for 1Password for Windows anymore and how absolutely disappointed and upset they are about it.

  • LarsLars Junior Member

    Team Member

    @kermit4karate - we'd be sorry to see you go, but you're obviously a security-conscious user who would choose another solution, which is the main thing we're interested in. No one solution or product fits everyone's needs/tastes, and we're well aware that the decisions we make have the potential both to attract users and discourage others. As @jpgoldberg alluded to above, that's not the prime reason we make many of our decisions. Heck, if we did, it'd be a lot easier: just figure out what the most popular approach is among users to any question, and do that.

    As for whether my local setup is as secure as AgileBits', I don't know. I do know that I've never had my personal information compromised because of my home setup, whereas it has been compromised because of Adobe, Experian, Target, etc.

    We would never presume to judge the security of your own setup, not least because we aren't familiar with it. But something we have in common with you to perhaps consider: in the years since our founding, we also have never had a breach of users' encrypted data -- at least none that have been reported to us. And although you've been a scrupulous user of WLAN sync, that statistic spans many years when quite a number of our users were happily using either Dropbox or iCloud...or even, sometimes, their own unsupported "DIY" solutions involving cloud providers. The point being: if your objection is to "the cloud," well, there's already data on that. Just some food for thought.

    Regarding user interest in WLAN sync, I'll refer to comments @jpgoldberg made above: we frequently make decisions that aren't exactly moneymaking bonanzas -- the entire concept of the Secret Key isn't something that generates revenue for us. So it isn't the case that we're attempting to figure out whether we can monetize WLAN sync. But building support for WLAN Sync into 1Password 7 IS a significant amount of work, which is why we've released version 7 in the way we have: to gauge what level of real user interest there is in it. Users like yourself, for whom WLAN sync is a must-have, will find their way either here or to our email inboxes, and you'll sign up for the WLAN sync newsletter and also share with us your reasoning for wanting WLAN sync.
