Secure note attachments not syncing

andrewstrauss
andrewstrauss
Community Member
edited October 2015 in 1Password 4 for Windows

I am trying to sync my secure notes from my PC to my iphone / ipad using WiFi sync. The attachments show up on the pc, but not on the iPhone / ipad. How can I get them to show up on my iPhone?

Running latest versions (4.6.0.586 on the PC under Win 8.1, 6.0.1 on iPhone 6 / iPad Air with iOS 9.0.2 with Pro features unlocked)


1Password Version: 4.6.0.586 on the PC under Win 8.1, 6.0.1 on iPhone
Extension Version: Not Provided
OS Version: Win 8.1, iOS 9.02
Sync Type: WiFi

«1

Comments

  • Hi @andrewstrauss

    Thanks for taking the time to write in. I'm sorry to hear about the trouble. The problem is likely that you're using our legacy keychain format, Agile Keychain, instead of the newer format, OPVault. 1Password for Windows does not sync attachments via WiFi when using Agile Keychain. You can learn about switching here:

    https://discussions.agilebits.com/discussion/comment/222384/#win

    Alternatively you can sync via Dropbox, which would not necessitate the switch to OPVault:

    https://support.1password.com/guides/ios/syncing.html

    Thanks!

    Ben

  • Ben
    Ben
    edited October 2015

    Hi @andrewstrauss,

    You make some fair points, and I sincerely apologize that the transition from LastPass to 1Password has not been more smooth. I'll try to answer each of your concerns, here:

    I have to say that the transition to 1password has been VERY frustrating, as MANY features don't work on certain platforms, or with certain sync methods

    Feature parity is definitely a goal of ours that we haven't yet hit. 1Password started out as a Mac only product, and was developed that way for years. When iOS gained the ability to have native apps, we jumped on it, and created 1Password for iOS. It was only after that that we started developing for Windows and Android. As such they have a bit of catching up to do. We're working hard on that, but being that Mac has many years head start and iOS a few... It isn't something that can happen overnight.

    So far, I have found that I can't sync multiple vaults from windows over WiFi sync, that I can't sync my secure note attachments, and that is just after a short use period (just over a week). I have no idea what other hidden incompatibilities I am going to find.

    You're absolutely right. I just looked through our iOS WiFi sync guide and it doesn't mention either of these:

    https://support.1password.com/guides/ios/sync-over-wifi.html

    The "sync options" page in our Windows guide does mention the fact that only the currently open vault will sync, but does not mention the attachment issue:

    https://guides.agilebits.com/1password-windows/4/en/topic/sync-options

    Ideally we'd "simply" add the ability to sync attachments over WiFi. The multiple vaults bit requires a huge amount of work under the hood, and so that is not at all a simple change. But I would agree that certainly our documentation could be more up front about the capabilities and limitations of WiFi sync (and other sync methods).

    With LastPass, everything just worked. I didn't have to worry that the default keychain format option would be a "legacy keychain format" as you call it.

    There is a huge fundamental difference between 1Password and LastPass, and that is the control of your data. With LastPass you have none. They hold your data and it is stored however they feel it should be stored. With 1Password you hold your data, and have some choice in how it is stored. You have the choice of if, and how, to sync. Some folks prefer their methods, others prefer ours. Both have their strengths and weaknesses.

    What data won't get transferred to the new keychain format?

    That is an excellent question and I am trying to find that answer for you (and have also filed a bug with our documentation team to make sure if that statement is still accurate that further explanation is added).

    Here is an idea......make your DEFAULT NEW VAULT FORMAT the current best choice, and not some legacy outdated one that won't work with a bunch of features!!!!!!!!

    I think the "best choice" could be argued either way -- OPVault is newer but as such is supported in less versions of 1Password (in part, as mentioned below). It is situational which is going to be "best" for each customer. We default to the one that works with the most versions of 1Password. One of the great things about 1Password is that you do have some choice in how your data is handled. If we made all of the choices for you, ... Well, we wouldn't be 1Password. We can agree that we can and should do a better job helping you make those choices.

    I don't know what features will stop working now if I change to the new format, as the document you linked to doesn't get into any specifics about the new format. It doesn't compare the two, and doesn't explain why I would want to use one format over the other. Just a completely vague document, typical of Agile Bits.

    That is my fault entirely. I should've also included these links, which explain the difference between the formats:

    OPVault Overview: https://support.1password.com/opvault-overview/
    OPVault Design (more technical): https://support.1password.com/opvault-design/
    Agile Keychain Design: https://support.1password.com/agile-keychain-design/

    DropBox doesn't use at-rest encryption for data

    No, but 1Password does. Agile Keychain encrypts all of your usernames and passwords, and OPVault takes steps beyond that encrypting metadata such as titles and URLs. Even when syncing with Dropbox they do not have access to your credentials:

    https://support.1password.com/how-safe-is-cloud-sync/

    If you told me up front that WiFi sync was a piece of junk not compatible with a lot of features

    The only feature it is not compatible with is that, on Windows, it cannot sync multiple vaults. On Mac, it can. Hopefully that is something that we'll be able to address in the future.

    Again I apologize that the transition has been a struggle. Please let me know if you have any further questions or concerns that I can address.

    Ben

  • Guess that means if I switch to OPVault, I won't ever be able to use Android. Another great "feature" or your product.

    1Password for Android does currently work with OPVault over WiFi. It does not work with OPVault over Dropbox (doh!). Again, we're working to bring feature parity across all of the platforms we support, but I don't know when that might be accomplished.

  • DBrown
    DBrown
    1Password Alumni
    edited October 2015

    @andrewstrauss wrote:

    On this page:
    https://guides.agilebits.com/1password-windows/4/en/topic/the-first-time-you-run-1password

    It states,
    "By default, 1Password will name the vault 1Password.agilekeychain and store it in a new 1Password folder it creates in your Documents folder. We recommend you accept this arrangement.
    Note: Be sure the vault you create ends with the .agilekeychain extension; otherwise, 1Password won’t recognize it as a valid vault."

    So.....changing the vault to OPVault instead of ".agilekeychain" means I won't be able to use the windows client anymore.....great....really good suggestion!

    As I recall, at the time that article was written, only AgileKeychain was recognized by 1Password for Windows.

    That is no longer the case, and the article should be updated. We apologize for the confusion!

    1Password for Windows can certainly use OPVault-format vaults, and it's not a difficult process to export all items to 1PIF, create a new vault using the OPVault format, and import the 1PIF file into the new OPVault.

  • Ben
    Ben
    edited October 2015

    @andrewstrauss

    Before I get into some detailed specifics, I just wanted to thank you guys for the prompt replies.

    You're very welcome.

    That is one of the things I like most about 1password, is how easy it is to communicate with someone at the company, and how you work hard to get customers answers. I wish the answers weren't so disappointing, but that is another issue all together. Thanks in advance.

    Thanks for the kind words, and feedback.

    It is of course difficult to take criticism of something you spend a good portion of your life working on, but we certainly appreciate the feedback, as it is one of the ways in which we can learn how we can improve. We've always been a company that has been driven by customer feedback. And so even when the feedback isn't all flowers and chocolate chip cookies, we really do appreciate it.

    Yes....this is what has been frustrating me the most. Certain features only work with some OSes, others only work with some versions, others only work with some sync methods, etc.

    And unfortunately that is likely the way things will be for the immediate future. We'll keep chipping away at it, and with each release we get closer to the goal, but it does take a fair bit of time to get things in sync, especially when working with as many different platforms and code bases as we are.

    What data won't get transferred to the new keychain format?

    If you could get me a concrete answer on where problems might occur during conversion to OPVault via 1PIF file

    I've just had a chat with our lead Windows developer on this. He indicated QA thoroughly tested this and found no evidence of the problem described. As such I have removed that text from the forum post in question. It may have been an issue at the time of the original post, or in some strange edge case that we could not re-create, but is not currently an issue.

    ref: OPW-364, OPW-410

    With the way you currently have it worded

    We can argue semantics but we already agree that this needs to be further clarified and our sync guides in general need to do a better job of outlining the advantages and disadvantages / features (or lack thereof) for each sync method.

    1. What current versions (platforms) of 1Password are NOT fully compatible with OPVault

    All current versions of 1Password except 1Password for Android fully support OPVault. Android only supports OPVault when synced via WiFi (not via Dropbox). Based on your stance regarding Dropbox, it would seem this is a non-issue.

    1. If I use current versions of 1Password, which sync methods are NOT fully compatible with OPVault

    WiFi sync and Dropbox sync are compatible, with the above noted exception regarding Android.
    As you're using Windows iCloud sync wouldn't be applicable, but for anyone else reading: iCloud sync uses the same security design as OPVault, but it does not rely on an .opvault file (we use the CloudKit API).

    1. What data might get lost in the conversion to OPVault

    Based on the above mentioned conversation with our lead Windows developer I'm not aware of any potential data loss. That said, it never hurts to make a backup before any change:

    https://support.1password.com/backup-faq/win.html
    (Backup > Back Up 1Password Vault…)

    That is one of the reasons I don't agree with your decision not to support 2FA.....but that is another discussion entirely, that I don't want to have here.

    Indeed. Much of which is already hashed out here:

    https://blog.agilebits.com/2011/09/23/two-factor-or-not-two-factor/
    https://support.1password.com/authentication-vs-encryption/

    Basically we don't do authentication so it wouldn't really be possible to do two factor authentication.

    Can we just focus on the issues at hand, and not discuss weather dropbox is a bad idea or not.

    Sure. I'll only refer anyone else reading and curious to the above mentioned link:

    https://support.1password.com/how-safe-is-cloud-sync/

    along with this one:

    https://support.1password.com/end-to-end-encryption/

    I think you are not correct here. WiFi sync is also not compatible with syncing attachments in Agile Keychain files, as you have indicated above.

    I think we may be arguing semantics here. The feature in question is "attachment syncing," and WiFi sync can do that*. There is an asterisk attached that on Windows in order to take advantage of that feature you must be using the OPVault keychain format, currently. If WiFi is your desired sync method, and you are using modern versions of 1Password, I can't think of any reason to not be using OPVault, so that doesn't seem like much of an asterisk.

    If that is the case, you should update https://support.1password.com/opvault-overview/ to reflect that OPVault does work on Android with WiFi sync!

    A fair point.

    My issue with this is that at https://discussions.agilebits.com/discussion/comment/222384/#win you state:

    Fixed. :) Fortunately forum posts are fairly easy to edit. Docs and user guides... Less so. Unfortunately those take a little more doing to get updated. But that is our problem, not yours, of course.

    I still don't even know why I wouldn't want to use OPVault if I use current versions of 1Password and don't need compatibility with old versions

    I can't think of a reason either. Fortunately it is somewhat easy to switch over. We're working on making it even easier, and it'll likely be the default in the not so distant future.

    Thank you for taking the time to provide us with this feedback, and for helping keep us honest. :)

    Ben

  • Ben
    Ben
    edited October 2015

    It was pointed out to me by one of our intrepid Community Moderators who was reading this thread that switching to OPVault precludes the use of 1PasswordAnywhere, and that in the interest of full disclosure suggested I mention it (thanks @danco ). 1PasswordAnywhere is exclusive to Agile Keychain and Dropbox*. It needs an extreme makeover to be up to our current standards. It was originally designed for 1Password 3 for Mac. We know a lot of users think this sort of feature is awesome (I happen to be one of them), and we’re looking at how we can best move forward.

    You'll still find some documentation for 1PasswordAnywhere around, but we haven't been touting it as of late due to the above mentioned reasons.

    As of right now I'm not aware of any plans to bring 1PasswordAnywhere to OPVault.

    (*as it needs to be run from a web server, preferably over HTTPS)

  • You're very welcome @andrewstrauss. :) Glad to hear these posts have been helpful.

  • MikeT
    edited October 2015

    Hi @andrewstrauss,

    This thread has just been moved to the Windows forum, so our Windows team can help.

    I do apologize, we did find a few issues:

    1. Multiple URLs are not displayed in the UI
    2. Custom icons are not displayed in the UI
    3. Older items that were created in previous 1Password versions (or other programs) and not modified in 1Password 4 for Windows will only show the title but not the content

    The data is there but the OPVault reader cannot read the older agilekeychain-based content, only the opvault-friendly content. We're working on a proper solution to convert these content but I don't have an ETA.

    If you see a few items that are missing all of its content, you can switch back to the agilekeychain vault, edit these item by adding something to the note field, save it, export them, and re-import them into the opvault vault, which will fix the issue.

    We'll update our Knowledge Base to warn folks on this.

  • MikeT
    edited October 2015

    Hi @andrewstrauss,

    3.....I have just started using 1Password, so not likely

    Sorry, I forgot to wrote or other programs in addition to previous 1Password versions, I've updated my post.

    The same issue can happen if you imported items from a different program into 1Password's agilekeychain and it was not modified by 1Password 4 for Windows since. As long as the content has not been modified and wasn't in OPVault first, it will trigger this bug. The key is that the content was created or imported as an agilekeychain item and has not been modified manually.

    However, we could be wrong here and we have a different bug. Do you still have the agilekeychain vault you can switch back to?

  • MikeT
    edited October 2015

    Here is how you can confirm if this is the same bug we're talking about:

    1. Find your item that is missing content in the UI (in OPVault format)
    2. Select it and go to the Help Menu > Advanced > Copy JSON
    3. Open Notepad and paste the content, do you see the raw content of your item that you expect to see? If yes, this is the bug we're working on. If not, it is something else.
    4. Close Notepad without saving and copy something else to clear the clipboard if you don't have 1Password configured to do this for you automatically.
  • Hi @andrewstrauss,

    The number of items imported is MUCH less than the number exported.

    When you imported the 1PIF file, did you get a second prompt asking if you want to replace items based on identical titles, like this:

    If you did say yes, that will result into less items being imported because it will overwrite the previously imported items with the same name.

    Beside this, we are not aware of any other reasons why there would be less items imported.

    Do you guys realize how hard your software is to use

    Yes, we are aware of this and we are working on it. We have plans to include an automatic tool to convert the Agile Keychain format to OPVault but the recent news has folks asking us to offer the option to switch right now and not later with a better and simpler solution that should avoid all of the current known issues with the export/import processes. Unfortunately, I do not have a timeframe on this.

  • MikeT
    edited October 2015

    Hi @andrewstrauss,

    I clicked no to all, like it said to do in the instructions

    You said you are missing 4 items, can you tell me if you've compared the item count per category on the sidebar and determine where the missing items could be? One thing you can do to make the comparison easy is to take a screenshot of the sidebar with all of the item counts and compare both.

    Hasn't OPVault been around for several **years **now? Did you not feel that providing a "simpler solution" was a priority until the bad press caused by the recent security issue forced your hand?

    We have it only available to the beta team for a few years to test and we started offering it first in the Windows program back in mid 2014 with the release of 1Password 4 for Windows for new vaults only and not by default.

    For other platforms, it's been available less than two years and we still do not have support for it on the Android platform. Each 1Password app has to be redeveloped to support the advanced security frameworks we're adding for OPVault.

    In addition, we were planning to support OPVault as a default format once all platforms support it first and then start offering an automatic upgrade to it. OPVault is our attempt to bring all apps up to match in consistency and feature parity.

    It has been a priority but as a small private team, it takes a lot of time to re-develop 4 major programs on different platforms at the same time. We do understand we failed to document this process with clarity it needs. We will update our Knowledge base soon to reflect this problem with import/export on Windows.

  • MikeT
    edited October 2015

    Hi @andrewstrauss,

    Did you check your Trash folder and count the folders as well?

    Let's try something else: please email us 1Password diagnostic report with this guide: https://support.1password.com/diagnostics/win.html

    The guide list the email address to send the report to. In the email, also include the link to this thread along with your forum username.

    Let us know here when you've sent it, so we can look for it, and confirm we got the email.

  • Hi @andrewstrauss,

    I understand if you don't want to share it. We do not collect personal information but it does contain information about your computer configurations along with 1Password and your browser's configuration and filenames.

    Let's try this without the report:

    1. Open the main 1Password program and go to the Backup Menu > Back up 1Password Vault...
    2. 1Password will prompt to ask if you want to open the backup folder, say yes.
    3. You should see the item count in the most recent backup of this opvault in the file name. Compare it to the item count of the agilekeychain vault backup, does it match?
This discussion has been closed.