Dropbox/Local Database Options & the Future of 1Password

@1TicketTerm: To be clear, we don't support 3rd party sync services, as we don't control them. 1Password has options to store data using some of these, but there is unfortunately little we can do to resolve an issue with another company's service. That's actually one of the many reasons we built 1Password.com in the first place: we can make sure the sync experience is easy and efficient...and if it breaks, we can fix it. I can't speak to whether these options will change in version 7 though, as it doesn't exist. But we only remove features if there's a good reason — usually related to security — so I can't say that it's likely that we'd go to the trouble to strip 1Password of these options when the work has already been done to add them. And either way, 1Password 6 will continue to have the same functionality, if you decide that a new app doesn't have the features you want for this or any other reason. I know I've been content to not spend more money in cases like that, but it's up to us to continue to make our products compelling enough for people to pay us for our work. Otherwise we won't be around anymore. ;)

Regarding the new Mac App Store version in particular, this doesn't actually change anything for you (or other existing users). If you've purchased it already, you can continue to use it and install it on your devices, using only local vaults if you wish. The only difference is that it's now possible to download 1Password from the Mac App Store for free (just like you always could from our website) and subscribe to the 1Password.com service from within the app; users with local vaults can still unlock the full version if they wish. I hope that helps clarify things. Let me know if you have any questions! :)

And 'disengenuous' is being kind.

@toasted: Not really at all. I guess it's easy to type things like that to someone you don't know on the internet, but if you knew me, you'd be ashamed.

Edited to correct misattribution of 1TicketTerm 's comments to toasted. Sorry, toasted! :(

"It sounded like you were asking if Dropbox support would be removed from 1Password. I told you it wouldn't."
"I can't speak to whether these options will change in version 7 though, as it doesn't exist."
That's slightly disingenuous:

@1TicketTerm: Not even a little. We have ideas that we'd like to implement in future versions of 1Password, but that could mean 6.7 (which you'd get for free) as easily as 7.0. Were very much focused on 1Password.com right now, not building a brand new app (with the exception of Windows, though we're building that because we need a 1Password.com client there). We've got enough on our plate already.

Both you and I are well aware that there is a product roadmap.

Actually, no. You don't know that. That's not quite how we do things.

It's not public, for many reasons, and I'm not asking that confidential information be exposed in this forum, but don't pretend that there is no version 7 branch in your version control repository. I'm not looking for specifics. I'm interested in seeing if AgileBits will offer a general commitment to the self-managed database option for the foreseeable future, because that looks to be highly in doubt at this point.

I don't have to pretend. We have a commitment to our current products and existing customers. It's really as simple as that. And it just isn't productive to make decisions or announcement based on what we imagine might happen in the future. We're very much focused on making 1Password the best it can be today.

The "account key" mechanism described by Rob above appears to be a weak form of 2FA, a feature I have wanted to see in 1Password for many years. [...] A fortiori, a useful form of 2FA could have been integrated into 1Password as a feature applicable to all users long ago.

It just isn't possible to offer any form of authentication with the product you're using, because there's no server to authenticate with. And since the Account Key isn't 2FA, it therefore doesn't run the risk of being intercepted, as it is never transmitted.

I'm not anti-cloud. There are many cloud services I use and enjoy. However, I have no interest in being FORCED into the cloud for this particular application.

I hear you. We've each got to determine what we need on a case-by-case basis. No one is forcing you to do anything though, nor can they. If you already have a setup that works for you and meets all of your requirements, it makes good sense to stick with it.

A technical miscalculation on your part could have a tremendous impact in the case of a cloud security breach.

Nope. 1Password.com is designed with the assumption that everyone's data needs to remain secure even in the event of a compromise of our servers. All of the data in 1Password.com users' vaults is encrypted before it ever leaves their devices, with the Account Key and Master Password, and since neither of these is ever transmitted, no one — including AgileBits — has the means to decrypt the data. You can read more details on how all of this works in the white paper that Rob referenced earlier.

I feel that in your roadmap are conditions that will remove my freedom in this respect, so unless you are prepared to assure me of self-destiny without attempting to wrest from me my legitimate concerns, I will have to find another password manager before version 6 ceases to run on my computer.

Unfortunately, given that this roadmap is something you've just imagined yourself, we don't have the freedom to change it. Only you have that power. It sounds like you're satisfied with your 1Password setup, so I'd hate for you to give that up. But if you're not willing to take anything else we say at face value, there's nothing that can be said to reassure you.