1Password Standalone Version

1) Is there any talk, within the company, to retire the standalone version of 1Password?

@DCIFRTHS: Knowp! Even for folks with a subscription to 1Password Families (and Teams), the app(s) are still absolutely crucial. We need to keep making the apps, and keep making them better anyway, and so long as we have customers for them, we're happy to sell licenses as well.

2) Is there any talk of not developing new versions of the standalone version of 1Password (thus leaving customers with legacy standalone applications)?

This sort of goes back to #1. There aren't magical apps that are only for one or the other. That would mean a lot of duplicated effort, and this way both license holders and subscribers can benefit from much of the work we do to improve 1Password. So I guess that would be another "knowp". :lol:

3) Any plans for further development / updates for Knox?

None at this time, but it's something we'd like to revisit in the future...once we have a little less on our plates. Cheers! :)

Hi @DCIFRTHS,

I wasn't aware that the cloud version required the full desktop software.

A 1Password account and the 1Password apps we make for Mac, Windows, iOS, and Android go hand in hand with each other - they each offer certain features capabilities the other doesn't have. If you have a 1Password account, you aren't required to use the desktop software, but you'd be missing out on tons of great features that you probably use everyday! Plus, you can still use the 1Password apps & your data when you don't have an internet connection (something which - by its nature - isn't possible with the web app).

I want to be clear that I would never use a cloud password manager. Never. I would use an encrypted spreadsheet before I used the cloud storage method. A stand alone client is critical for me

You're not alone! Many others feel the same way, and we're fully aware of that. In fact, many of our existing customers started using 1Password largely because of it. Our new subscription service is not meant to replace standalone licenses. If we stopped selling standalone licenses, we'd be cutting of a huge portion of our existing/potential customer base, so it just wouldn't make sense for us to do that - there's no reason we can't sell both! We're happy to be offering a choice for new and existing customers.

As you know, they have a ridiculous requirement that the master key be uploaded to their server.

Just to be clear, regardless of whether you have a standalone license or a 1Password.com account, your master password is never sent to us - we don't have it and we don't want it! In fact, your master password isn't stored in 1Password and is never sent anywhere at all - unless you've recorded it elsewhere, it exists only in your head. Even if you signed up for a 1Password.com account and had your data hosted on our (secure) servers, we never know/have your master password or your Account Key. So in the (very unlikely) event that someone were to break into our servers and get your data, they'd never be able to decrypt it.

I know you're not interested in a 1Password subscription/account, but since you're obviously very interested in security, you might also be interested in reading our information here: https://1password.com/security/ (there's a link at the bottom for our Security Design white paper)

I just want to express that I am willing to pay for the stand alone client for as long as you continue to make it. I hope that others feel the same way, and continue to support the stand alone version by buying it.

Awesome! We certainly plan to keep selling standalone licenses for the apps as long as people keep buying them. Our new subscription service is great, but there are definitely a lot of people out there who prefer a standalone license instead. We truly appreciate your support! :)

Knox: Any news on possible bringing back support for this front end to encrypted sparse bundles?

Sorry, no news at this time - the answer Brenty previously gave you is still the same. Creating our new accounts/service has been a massive project for us and unfortunately hasn't left us enough room to work on Knox. All of us here really like Knox and would like to be able to start working on it again at some point, but we're honestly not sure if or when that might happen - so I can't make any promises one way or another about that. But thank you for letting us know you're still interested in that!

We're here for you if you need anything else! :)

@DCIFRTHS: I was super confused at first because you seemingly invited me to a discussion I'd already been participating in, but it sounds like maybe you're just looking for an update for 2017. Be sure to let me know if I've guessed incorrectly! :lol:

A lot has happened in the past nine months, and we have recently begun de-emphasizing standalone licenses in response to a number of pain points that people have been experiencing in the year since 1Password Families was introduced. There's been a lot of confusion and frustration as people purchased standalone licenses and expected them to work for their 1Password.com membership. So we're actively marketing only 1Password.com memberships now as a result, and also for the following reasons:

• No more frustrated customers because we don't have any control or visibility into third-party sync solutions and are therefore limited when troubleshooting those kinds of sync problems.
• No more confused customers who rightly expect to be able to use 1Password on all their devices without having to buy it 2 or 3 times (once on each platform they use).
• No more angry customers who forget their Master Passwords. Family organizers and team administrators can recover accounts for family and team members.
• No more devastated customers with lost data because they didn't set up some complicated third-party syncing just right and/or develop a backup strategy.

I can't overstate how huge these last two are. Telling people they're out of luck when they ask for help getting back into their data is a bad time for everyone, to put it mildly. We really feel a responsibility to make the easier and happier path the default one for everyone so 1Password users can avoid these pitfalls. I hope that gives you a sense of where we are today. :)

BTW, I am a HUGE supporter of 1Password Standalone, and that is why I am writing to you.

@DCIFRTHS: Thanks for your support! I'm glad to hear that you're enjoying 1Password. :)

It was my fault for not including a link. Here it is. The whole thread is not about 1Password, but your product is included in the main (and other posts). There are a few choice posts regarding your product, the future of your offerings, and alternatives. Hopefully you'll join in, but if not, that's okay too... Would you post a link to the thread you previously participated in?

Ah, thank you! The context is appreciated, but I'm still slightly confused. I was referring to this very discussion, which you started in June 2016, since both Drew and I had replied to you here previously. I guess it goes both ways then, so thanks for being patient with me too. Eventually we'll get on the same page. :lol:

A not confrontational translation of your words above: In the near future, we are going to stop supporting the standalone version because of the reasons stated above AND more importantly to AgileBits, is the fact that the subscription model is more lucrative for us. That's where you are today. Correct?

No. That's not quite what I said. ;)

In all seriousness, we have never stopped supporting any of our customers, no matter which product they're using. I personally regularly help folks with 1Password 3 for both iOS and OS X (OS X, not macOS, is correct here, because these were developed ca. 2009-2012). And we don't have any plans to change that. We love loving what we do, and telling folks that bought a product from us that they can no longer use it or get help from us isn't something we'd feel good about doing. But yeah, 1Password.com is better, because it can do more of what 1Password is meant to do. A big part of that is data availability (i.e. preventing data loss), since that's just as important as data security. This is just one of many things that we're just not able to offer any other way. Certainly, we like getting paid for our work, but that's not why we built this. We love 1Password and want it to be better. We couldn't do these things for people technically without building 1Password.com, and we can't sustain them financially without charging a subscription for it.

Your subscription model took off - in part - because you have BURIED the standalone version. I could address everyone of your points above, but it's pointless as the decision has already been made to "deemphasize" the standalone version.

That's not even remotely true. We sold licenses right alongside subscriptions for nearly a year. It was rough. We tried all sorts of things, made tons of changes to the apps' setup flows and our website to accommodate both. And, as I mentioned, it was still confusing to the vast majority of people.

Certainly you're not included in this, and I know others have similar feelings in this area. But the common theme is that they're also existing 1Password license holders, so you don't need a license in that case. And the vast majority of new users (and many existing customers) really, really don't care about this. They just expect 1Password to work across all of they're devices without them making multiple purchases across separate stores, Google Account and Apple ID logins, etc., or fiddling with sync settings, and 1Password.com is the only solution to all of these problems, even if you and I are fine with navigating these things.

In fact, our original goal with 1Password.com was to simply never use the word "sync". While that hasn't panned out because enough people know enough to know that they want sync and ask about it, they're usually both surprised and delighted that this is where the conversation ends, as it isn't something they need to figure out.

Additionally, I fully feel the effects of the points you listed, as I have encountered them throughout my career - your battle cries do not fall on deaf ears.

Thank you. I really appreciate that. It sounds like you at least understand why 1Password.com is so important to us then, even if you yourself don't have a need for it right now. :blush:

Hopefully you can tell me I'm wrong, and the standalone, non-cloud syncing version will still be available, fully supported, and updated. Can you tell me that?

No product that we've made receives updates indefinitely, so at some point we'll have to work on building and supporting something new, but that day is not today. :sunglasses:

Look, I get that some people don't want a subscription. That's really a very personal choice, like anything involving money we work hard for. It's just a matter of priorities, because we all spend money on stuff that that is important to us, whereas someone else will find it frivolous (me: video games). So there's no real argument there. But also certainly, when it comes to our most important stuff, we need to think twice (times 1000) about where we keep it. That goes both for the tools like password managers themselves, but also where the data stored, whether locally or on someone else's system. Fortunately, whichever 1Password setup you use, your data is secure because only you have the keys to it. So you don't have to sacrifice the convenience of being able to access all of your data anywhere without sorting out syncing yourself in order to maintain security if you so choose. That's something that I think all of us (I am not mathematician) can understand and appreciate. Cheers! :)

@gl0tzk0wski: I think VMWare is an interesting example. As with password managers, there's some competition in that space. I've used VMWare (license), VirtualBox (free), and Parallels (license/subscription), and while I still use VirtualBox at times, I've actually gone with a Parallels subscription because I ended up paying for the upgrade every year anyway. They do a lot to keep up with OS releases (on both sides, VM host and client), and each major release has new features and improvements I'm glad to have.

Similarly, there are one-time purchase and free options in the password manager space as well, but I think that 1Password.com offers more than Parallels for less money. I would kill to be able to use Parallels on all of my devices — especially Windows! And while Parallels has great updates, they do seem to be "held back" for the major releases, presumably because they also want to sell licenses.

With 1Password, we regularly add new features and significant improvements to the apps throughout their development cycle, and we're excited to be able to do even more. Rarely do we get requests for "no new features", and the list of things that 1Password users are asking us to add is a mile long. We're never going to be able to do everything that's asked for, but if we can say "yes" to more things (within reason) because we have the resources, then that makes everyone happy.

Anyway, I think that focusing on money is missing the point. We have a greater responsibility by running a service like this. We have to keep it running, and keep making it better. With a one-time purchase, you get what you paid for and you can use it forever. With a recurring fee, we have to continually provide enough value for you to stay subscribed. It can and should be a virtuous cycle. If we don't ensure that it is, we're out of a job.

That said, I appreciate that you prefer a license, and it's certainly something we will keep in mind when we start thinking about 1Password 7.

Okay. Second time I deleted my post by mistake. So simply...

@DCIFRTHS: Ah, I nearly did that last night myself. Trying to edit? :(

Does the subscription model/version for 1Password store data outside of my local domain, or is there a way to defeat that "feature" completely? If it can be defeated, is WiFi sync available in the subscription model?

So, I'll try to explain this as best I can. Please let me know if any of this is unclear. I'll start by simply saying that it is possible to use WLAN Server to sync local vaults via Wi-Fi with 1Password for Mac, even if you're a 1Password.com subscriber. It doesn't need to "defeated" or disabled. But this isn't something I'd recommend. Only 1Password.com has the benefit of the Secret Key strengthening the encryption.

Really, a big reason that 1Password.com exists in the first place (though it has many other features and benefits now too) is to offer easy, zero-config sync for 1Password users. Typically the comparison is to Dropbox or iCloud, as those are also cloud sync services, and are more popular than WLAN Server due to convenience and ease of use.

But in each of these cases, when things aren't syncing as expected, there's very little we can do to help. This sucks for us because it sucks for our customers. So we built 1Password.com from the ground up to be an efficient, transparent, and secure way to keep 1Password data up to date across any number of platforms and devices. Having trouble with Dropbox/iCloud? We don't own/operate those services and have very little insight into how they work and where things go wrong. WLAN Server not working? While this is a feature we built and maintain ourselves, it's fairly simple, so nearly 100% of the issues that users have experienced with it over the years in aggregate are specific to their network environment, which we also have no control over (e.g. firewall, proxy, antivirus, router, driver, and yes, even incorrect system time).

So while you could use a 1Password.com membership to get access to all of the apps and sync your own data, you're really making more work for yourself than is necessary, and foregoing a huge benefit of the service. Close to 100% of the time, 1Password.com just works. And with 1Password.com, if something breaks (barring network restrictions imposed on the user), we can find out why and fix it.

This is obviously a really important feature for the vast majority of 1Password users, but the only reason we can be comfortable offering it and recommending it in the first place is because of its security. With 1Password.com, your data is encrypted on your device, so all the server ever ends up with is an encrypted blob. And since Your Secret Key (F.K.A. Account Key) is created locally, your Master Password is only known by you, and neither is ever transmitted, no one — including AgileBits — has the means to decrypt the data. Seven if an attacker compromises our servers, they don't have the means to decrypt it. You can read more details on how all of this works in our white paper, and please don't hesitate to ask any other questions you may have! :)