Keeping 1Password 100% reliable

edited November 2015 in Lounge

One Questions and some story why:

Question:
Can I install a full copy of 1Password purchased from AgileBits on my Mac, with access to my vault on the Mac, while also using an Apple App Store version, with sync to iCloud and hence to IOS devices, on a day to day basis? (the AgileBits version would just be a local backup, in case the app store version fails)

Why:
The App store version allows sync with iCloud and (normally) easy background updates so I wanted to use this version and thats what I moved over too, and paid for, when Agile started selling on the App Store too.

I was unimpressed with the "glitch in the verification of App Store purchases because of the expiration of an Apple certificate"...
https://discussions.agilebits.com/discussion/52042/mac-app-store-app-damaged-prompted-for-apple-id#latest

I realise that this is not a common problem, but I don't want to have a situation where a problem with the shop that Apple runs to sell software can result in software, in particular 1 Password, (that I have paid for) ceasing to work.

Any other opinions / advice would be most appreciated.


1Password Version: 5.4
Extension Version: 4.4.3
OS Version: 10.11.1
Sync Type: iCloud

Comments

  • brentybrenty

    Team Member

    Can I install a full copy of 1Password purchased from AgileBits on my Mac, with access to my vault on the Mac, while also using an Apple App Store version, with sync to iCloud and hence to IOS devices, on a day to day basis?

    @toasted: Yes! The one caveat being that you may want to keep the 'backup' copy zipped until you need it, as OS X will sometimes launch the wrong version of 1Password mini if more than one is present. But if you end up with the wrong one running, ⌘ ⌥ Q is your friend. So, this is really something I'd only recommend for technically-minded folks.

    This may not be what you're looking for, so let me know what your thoughts are. But I like to be thorough.

    Often, people contact us regarding the inability of the AgileBits Store version of 1Password to use iCloud Sync. And occasionally, the question comes up: "Why don't you get rid of the AgileBits Store version and only offer 1Password in the Mac App Store to avoid iCloud confusion?"

    There a re a lot of answers to this, but the certificate issue this week highlights one in particular: the App Store is a single point of failure. The problem was relatively short-lived, but it was still a huge inconvenience for App Store customers of all apps that adhere to Apple's guidelines regarding verification: if the App Store is unavailable or there's some problem with the certificate chain, we're out of luck.

    But one little-known feature of the AgileBits Store version of 1Password can be a lifesaver in cases like this: the AgileBits Store version can read the App Store receipt and use it to register itself, no license or contact needs. This only requires that the App Store version was installed on the system at some point, which will save the receipt. That's the easiest option.

    The alternative is that AgileBits support is more than happy to issue a license of our own to Mac App Store customers. Generally this is needed for those who want to use older versions of 1Password on other Macs, but having a 'backup' license isn't a terrible idea either. So feel free to contact us at [email protected] with a copy of your Mac App Store receipt and we can hook you up!

    Of course, this means you'll need an internet connection (either to download the app, get a license, or both), but preparing in advance (just as you save backups of important data) is a good idea if you know you'll be without a reliable connection, or simply as a precaution.

    Now, the other concern is that you'll lose iCloud Sync when you switch to the AgileBits version, but that actually doesn't affect your data since 1Password stores the database locally as well. Changes will simply not be sync'd to iCloud for the duration.

    I'm glad you're thinking about this. I hope this helps! :)

  • Firstly, thanks for going to the trouble to write such a comprehensive response.

    I am going to have to give all this some thought.

    The fact that Mac App Store MAS applications on the Mac or iOS can stop functioning, even when no changes are made, even when the app has been legitimately "purchased" or "rented" doesn't seem too good to me.

    In trying to use 1P I was not keen to punch in my ID and password to some random dialog box that popped up....these days how do you know it's a legitimate dialog and not a corrupt malware app? Other apps said, incorrectly, they were corrupted, needed to be deleted and reinstalled. And what if your not connected to the Internet at the time, or connected by a slow Mobile service etc?

    So I contacted Apple Care.... They professed no knowledge of the problem I described to them and said I should just enter the id and password. Bit disappointing since the the cert. expired some 2 days earlier on Nov 11.... Why did they not know?

    I am pleased that I can run another copy of 1P without these hinderences so I can at least get access to my password vault should the issues arise again. Unless of course Apples kill switch extends to the OS itself.

    Sigh.

  • brentybrenty

    Team Member
    edited November 2015

    Firstly, thanks for going to the trouble to write such a comprehensive response. I am going to have to give all this some thought.

    @toasted: You're very welcome! And likewise. I really appreciate these kinds of discussions, and the thought that goes into them.

    The fact that Mac App Store MAS applications on the Mac or iOS can stop functioning, even when no changes are made, even when the app has been legitimately "purchased" or "rented" doesn't seem too good to me.

    I agree, but this is the world we live in. Virtually all of the security nowadays depends on the chain of trust, and we really, really want these things to have expirations and allow revocation. But that also means that mistakes can be made on both counts. And in this case, a small oversight (certificate expiration) poses a big problem for folks who unknowingly depend on it.

    I am pleased that I can run another copy of 1P without these hinderences so I can at least get access to my password vault should the issues arise again. Unless of course Apples kill switch extends to the OS itself.

    I think if Apple thought they could get away with it, they'd have done this back in 2011. And while it's easy to draw negative conclusions when something like this happens, I think it has more to do with security than anything else. Apple has been fortunate in that regard, getting to skate by a bit while Microsoft had a target on its back, but they are increasingly becoming a target themselves. So while I won't shed a tear, I don't envy them the task of securing a venerable OS designed without security in mind without driving everyone away from it by doing so. :dizzy:

    ref: BGB-49328-467

This discussion has been closed.