Request 1Password plug-in for Cliqz (at least for macOS...)

Hi,

Cliqz is a browser based on the Mozilla open source project. Currently 1Password for Mac unfortunately is not available as a plug-in for Cliqz and therefore I would kindly ask for providing 1Password plug-in for Cliqz. Thanks a lot.

I'm looking forward hearing for you soon.

BR, MrBroccoli


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: >= 10.13
Sync Type: Not Provided

Comments

  • brentybrenty

    AgileBits Team Member
    edited May 16

    @MrBroccoli: Thanks for reaching out! Last I saw, they do not allow installation of 3rd party extensions, and I'm having trouble finding otherwise on their website currently. Am I missing something?

  • brenty, I talked to them directly just a view minutes ago. They discussed already with AgileBits to implement a plug-in. But - as they told me - AgileBits is (currently) not interested due to the very small user base of Cliqz...

    Cliqz has implemented up to now two plug-ins: LastPass and Ghostery.

    BR

  • Additional information can be found here:
    https://cliqz.com/en/support

  • brentybrenty

    AgileBits Team Member

    @MrBroccoli: Ah, I see it now in the FAQ, under "add-ons" (I was looking for "extensions"). Right. Nothing has changed. They don't allow you to install extensions. Indeed, we've discussed it in the past, but we'd have to cede control of our own software to them and it isn't something we have plans for at this time. It can be rough enough dealing with App Store limitations, and that's a very large user base. It's something we'll continue to evaluate though, especially if they decide to support the open WebExtensions standard in the future, as both Chrome and Firefox do already. Cheers! :)

  • elisa_kelisa_k
    edited May 17

    Hi MrBroccoli, hi Brenty,

    Thanks for starting this discussion in the Forum.

    Indeed, Cliqz does not allow add-on installations.
    In order to provide our users with comprehensive privacy, Cliqz only supports third-party browser extensions that we have audited. Therefore, only those add-ons that we consider safe can be installed in our browser. So far, we integrated Ghostery, HTTPS Everywhere and LastPass.

    We have been in touch with AgileBits and were informed that it is not possible to integrate 1password into Cliqz because Cliqz is not in the hardcoded list of 1Password's trusted browsers. At the moment there is no formal processes in place for the addition of new browsers to the supported list.
    We however got the recommendation to use 1PasswordX and as we take the wishes of our users seriously we will check if an integration of 1PasswordX would be possible.

    We do our best to make sure this takes place soon to give our users the possibility to continue using 1password and Cliqz.

    All the best,
    The Cliqz Team

  • brentybrenty

    AgileBits Team Member
    edited May 18

    Hi MrBroccoli, hi Brenty, Thanks for starting this discussion in the Forum.

    @elisa_k: Likewise, thanks for chiming in, Elisa! Welcome to the forum. :)

    Indeed, Cliqz does not allow add-on installations. In order to provide our users with comprehensive privacy, Cliqz only supports third-party browser extensions that we have audited. Therefore, only those add-ons that we consider safe can be installed in our browser. So far, we integrated Ghostery, HTTPS Everywhere and LastPass.
    We have been in touch with AgileBits and were informed that it is not possible to integrate 1password into Cliqz because Cliqz is not in the hardcoded list of 1Password's trusted browsers. At the moment there is no formal processes in place for the addition of new browsers to the supported list.

    Indeed, it's tricky because our customers download the native 1Password apps directly from us (or from the App Store) and can verify their legitimacy that way, and, in turn, the app verifies the identity of the browser, whose code signature we recognize as one we've vetted. This allows us to establish a chain of trust where we know from 1Password until the moment it's entered into a website (which 1Password also checks to avoid phishing scams), we can know that the data is secure. So we only trust browsers that have been heavily vetted. Nothing against you guys of course, and I think we're on the same page here because you're doing the same thing with extensions. We all want what's best for our users, and "trust but verify" is crucial, even if it does present come challenges. The problem with disabling code verification (which, as noted earlier, is no longer an option) was that people would turn it off and this left a big security hole where any app — benign or malicious (posing as a browser) — could connect to 1Password. The only way to ensure that this doesn't happen is whitelisting, which is where we're at today.

    We however got the recommendation to use 1PasswordX and as we take the wishes of our users seriously we will check if an integration of 1PasswordX would be possible. We do our best to make sure this takes place soon to give our users the possibility to continue using 1password and Cliqz.

    I do think that's the best way to proceed for now. 1Password X is fully self-contained and sandboxed in the browser, so there is no risk of it facilitating the compromise of a user's system. Looking forward to exploring this further!

    All the best,
    The Cliqz Team

    Cheers! :chuffed:

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file