Data storage in the cloud/on your servers?

Hi all, Long time user of 1password; love the product, love the security of not having my passwords stored in the cloud by default and of being able to then select/manage/change whether or not I want to use cloud storage providers for data sync on my own. This is the very reason I have pushed every member of my team to use 1password in the past, as opposed to using a service like LastPass. The most secure system (that isn't turned off) is one which isn't connected to the Internet, after all.

@opiate: First of all, thanks for the kind words, and for your support! I think it's certainly true that "the most secure system (that isn't turned off) is one which isn't connected to the Internet", but I don't think that's really significantly more practical than not owning/using computing devices would be for us these days. Heck, the fact that we're both here discussing this on an internet forum illustrates that! And certainly most people use 1Password because they use the internet and need to manage all of their login credentials to websites. So I think we're past that being a consideration already.

As a security specialist with a strong background in crypto concepts (and having read your whitepapers/available materials on your site), I understand what you're going for and why your protections can be considered sufficient. That said, I am still not satisfied with my password vault being uploaded automatically to your servers.

Thanks for letting us know, and for taking the time to read the white paper! Can you tell us the sorts of attacks that you envision 1Password.com vaults being susceptible to which local vaults would not? We put a lot of thought and effort into the security architecture, but we're always looking for ways to improve it — and with 1Password.com, since it's a hosted service, we can actually do that, unlike local vaults which we cannot directly update if security flaws are found in the future.

When you are compromised (it's never if, these days), someone could take the vaults they obtain and launch brute force cracking efforts on a cluster of AWS GPU instances. Thus is born a risk of possible compromise of all of my passwords. This risk simply doesn't exist if you're breached when the vault is only on my systems.

I think you're coming at this backwards. Given that brute force attacks against the Master Password are not possible since the Secret Key is also needed to decrypt the data, and that an attacker cannot get the Master Password and Secret Key from us, they would have to target you for these and might as well get the database from you as well — or just capture your data as you enter/access it. The weakest link in the security of your data is you. And of course "you" is each of us, myself included. I'm sure you know that, but I think it's important to note in this context.

And since we're back to user-targeted attacks, 1Password.com data will be harder to crack due to the Secret Key than a local vault. And that's not because local vaults are insecure. No one has yet demonstrated that they can successfully break into any 1Password vault, regardless of the format, except by guessing a weak, common, or reused Master Password. Brute force attacks against even the oldest local vaults (with much fewer PBKDF2 iterations that what we use today) are infeasible with a long, strong, unique Master Password. And 1Password.com takes that even further with the Secret Key, since we have to operate on the assumption — as we always have with local vaults as well — that the encrypted data will be captured, so it has to withstand direct attack. That applies equally to local vaults and 1Password.com, and in either case, if you're using a strong Master Password, it's the difference between being able to brute force your local vault potentially before the heat death of the universe, rather than 1Password.com data after it. And ultimately it's more about insurance against theoretical future attacks, since you can't even buy enough power to run enough hardware to do this on a human time scale today.

I understand from having searched through the forums to see questions like mine (will you continue to sell standalone licenses?) that you will not; this is your new business model and customers are welcome to continue using their standalone apps until they stop working, at which time you're willing to see them move to something else.

While it isn't our focus, we do still sell the standalone versions of the apps on all platforms except Windows, since that version is no longer under active development.

This saddens me, because your product is fantastic and I would gladly pay (as would my team/company) for perpetual licenses to new releases of your solutions on our platforms of choice such that we could continue to have local-only storage of our vaults. I guess optionally, I'd be happy to have the subscription, without the account/automated data upload. If this is truly the end of local-only vault support, then I regret to say that when the current solution stops working (hopefully not any time soon - please keep supporting it! :) ) that I may no longer be able to use/recommend your solution. Additionally, I'll have the first member of my team (currently undergoing a platform change) who will have to stop using it. I guess that leaves KeePass, which I'm not nearly as big a fan of for usability reasons.

That's good to know. We've only announced that 1Password for Mac version 7 will support local vaults (and that it will exist, frankly, since it's still pretty early), but we'll definitely take your feedback into account as we develop the apps on other platforms in the future as well.

So, all of the above is to say, I understand that at the moment your mind is made up, and you're doing what you're doing. I hope it works for you and wish you the best, but here's a request from a current customer to please reconsider and offer an option to use 1password without mandating/requiring automatic vault upload to your servers. In my case, target platform is Windows + iOS. Some members of my team are OS X + iOS, and I've got a couple Android users, as well. Respectfully, A satisfied customer who may no longer be a customer if the current product EoLs or stops working with new Windows releases

I don't think our minds are ever completely made up (except about WebDAV — don't ask), and you may be relying on information from somebody outside of AgileBits with regard to our future plans. We do feel strongly that 1Password.com is the best option for most people, but the death of local vaults seems to have been greatly exaggerated. I'm still using them every day myself, and I know I'm not alone in that, either within AgileBits or among other users. It really helps to know how important that is to you as well. Thanks again for the kind words, your support, and for being as passionate about 1Password as we are. Have a great weekend! :)

@brenty The types of attacks are the same, but now we've increased the attack surface by putting a number of users' vaults together in the same place, and instead of hackers needing to compromise only my computer to get only my vault we've also created a case where if a hacker compromises your service they can gain access potentially to my (encrypted) vault along with other users' (encrypted) vaults as well. This after a fashion paints a larger target on your back meaning your security processes have to be perfect. Historically, I've yet to meet a company which is perfect. :)

@opiate: I agree with you 100% that this changes the attack surface. That's why we've designed it with a breach of our servers in mind, and came up with the Secret Key to increase the difficulty of brute force attacks exponentially. We can't and don't expect ourselves to be perfect. So, in spite of the work we do to protect the server itself, we're not relying on that for the security of 1Password.com members' data. That would be like relying on someone not being able to capture a local vault for standalone 1Password users' security. Both need to withstand attack even if they are in the possession of an attacker.

Regarding a hacker's ability to break the encryption on the vault, every few years at most (and months in some cases) another algorithm, implementation of an algorithm, or hashing/entropy gathering scheme is broken.

There aren't a lot of examples of this, and they tend to fall into two categories: crypto algorithms that are old and have been found to have weaknesses which could be discovered only after a lot of careful research and advances in the field, and new algorithms which did not survive infancy because they had fundamental flaws. AES, which 1Password is built around, has been around for decades and is perhaps the most used and researched of all, so it's not only survived a lot of scrutiny but also scaled well and withstood the test of time, even though it is widely accelerated in hardware now.

Prior to the point when it is broken, you may be correct that it would take "more than a lifetime" to crack those vaults. Afterwards, it's anyone's guess. We should not be relying solely on cryptography to protect our vaults, I guess is what it comes down to. By keeping my vault out of the cloud, or choosing where I want to store it myself, I am in control of the risk that I take on should the crypto mechanisms that you're relying on eventually be broken.

It's certainly possible that a flaw will be found in AES as well, but with 1Password.com we can make any changes necessary and push them out to users. That just isn't possible with local vaults. I understand where you're coming from, but for most users, the kind of research and vigilance necessary to be personally responsible for your own security is not feasible or desirable. And, frankly, that's part of what our customers pay us to do for them.

Finally, regarding minds being completely made up, I'm simply going from the posts in the forums from what appear to be AB employees. You definitely may change your mind, which is why I made that post. I hope that a reasoned argument (and maybe some "me too" posts if others agree with me) will cause you to put local vault support back in those products which lack it, which I guess is specifically the Windows version at the moment. What I've read is basically that the Windows version is kind of neutered now, and only functional with a 1password account, unless you have a license to an older version. I've also read that you're no longer selling licenses to the Windows versions, only to the Mac versions. So, that's what I meant; apologies if the wording wasn't quite clear. Thanks for your response!

Indeed, it definitely helps! Currently the new 1Password 6 Windows desktop app is the only version which does not support local vaults, and it's good to know that there's interest there as well. But we weren't going to build a second app with local vaults on Windows right off the bat when 1Password.com members did not have a native app at all. As they say, "there's an app for that", so we're prioritizing filling the need for a 1Password.com Windows app first. And it doesn't make sense (or feel right, frankly) to take people's money for either a Windows app that does not support local vaults, or one that does which isn't under active development. I appreciate that this is way too confusing, and certainly I understand here you're coming from. I wish the situation were less complex on Windows, but we're making good progress there so it's easier for everyone in the future. Thanks for your feedback on this! :)