1Password for teams on Android

Hello @pjrobertson,

You're absolutely right; allowing the teams features to run on Android 4.1 would be great. Here's a mini-essay I wrote on the subject in a different thread:

We'd love to be able to support more devices with teams. We have a lot of customers that have not updated their devices past Android 4 yet and it would be awesome if we could support these as well.

We try to support the older versions of Android as much as possible. In fact, we have 3 separate requirements, depending on what you need:

1. 1Password 6 requires Android 4.1 for most features. Thankfully the libraries we depend upon for Material Design and most other features were made available to us in Jelly Bean.
2. 1Password for Teams requires Android 5 as it depends upon improvements made to the encryption library that were first shipped in Lollipop.
3. Fingerprint Unlock requires Android 6.0 as the fingerprint authentication API is currently only available in Marshmallow. We expect that this will be widely adopted across new and existing Android devices as Marshmallow support continues to grow and we may eventually see support back ported to older OS versions too.

You can see that this is pretty complicated in general, so I'd be super happy if we could support all features all the way back to Android 4.1. We don't have a lot of control over devices supporting the Marshmallow fingerprint API, but in theory we have some flexibility with Teams support. So let's dive into exactly why can't we support the teams features in Android 4.1.

The main issue with prior versions of Android stem from the fact that teams is using a different encryption format. You can see the 1Password for Teams White Paper for all the nitty gritty details, but suffice it to say we designed the new format to be even more secure-er than the previous one. 1Password for Teams faces a new set of threats and we therefore needed to design things slightly differently to build additional defences against these threats.

The new design depends upon some important goodies that Google built into 5.0. Google expanded the set of cryptography algorithms available within Android 5.0 and the performance of these algorithms in 5.0 is much faster. In theory we can use a third-party encryption library (for example, SpongyCastle looks promising), but it will require more time.

The thing is, time is our most precious resource. 1Password 6 for Android was a huge release and it already took us much longer than we anticipated, so we're certainly not going to delay 6.0 any further. We also already have a full schedule for the subsequent 6.1 release, and after pushing the team for faster, more frequent releases, I am hesitant to add anything more to that release either.

Once the dust settles over the next few months, we'll re-evaluate our priorities and see what we can do. With that said, please keep in mind that Android 4.4.2 will be 3 years old soon. In terms of phones, 3 years is not a long time (indeed I just updated my old iPhone 5 to the latest iOS and it works great), but in terms of software, 3 years is an incredibly long time. Quite frankly, I hope you upgrade to Android 5 first so we don't have to worry about this, but I understand that's sometimes easier said than done :)

Sorry for the essay but I thought you might enjoy the details :)

Take care,

++dave;

You're very welcome, @pjrobertson. I'm happy to hear you enjoyed the details and weren't looking for the Twitter version :)

Is age of an operating system really not an argument to consider? I dunno, I think it has to be. Google, Microsoft, and Apple are constantly adding new features to their latest OSes and we should make use of them. If we spend all our time making sure we support every previous version, we'd never move forward.

Fragmentation on Android is indeed pretty bad, and as such I know exactly where you are coming from. In many ways we are forced to support older versions more so than on other OSes, and we already do. But the line has to be drawn somewhere. I don't know exactly where the best place to draw that line is, but one has to be chosen.

To your point of nitpicking on the "almost 3 years" reference, I'm glad you brought that up as I did indeed miss the mark. It was a lazy copy and paste issue as your original post was talking about version 4.1 and the other thread was talking about 4.4. In fact we both should be talking about July 9, 2012 since that's when Google first released Jelly Bean. That was 1,313 days ago, or 3.59726 years ago. So we're really coming up on 4 years now. Of course, I'm certainly the one nitpicking now :)

I enjoy your comparison to iOS as it highlights the fact that we already supporting many more versions of Android than we ever have for iOS. For iOS we only support the latest version. This was true for iOS 7, iOS 8, and is true now for iOS 9. I'm pretty sure it was true for iOS 4 as well, but I can't remember that far back. If iOS 10 has too few goodies to make this worthwhile, then we'll leave support for iOS 9 available. But so far Apple hasn't failed to impress.

In any event, I'm not really arguing with you in the slightest. I don't like how we have 3 separate version requirements and I'd love to simplify that. If we can leverage SpongyCastle or something similar to bring teams support to Android 4 and have good performance, I'll be tickled pink. But if it ends up requiring a large investment of time, I'd rather focus on the future and add more features that will be useable by everyone.

Time will tell.

++dave;

Totally agree. It's certainly easier said than done and it will cost money to get a new device. But it's totally worth it.