Browser extension isn't working on Waterfox

I am in the same boat as _Greg and geekzero, so also hoping for a beta that works with Waterfox to be available soon.

Brenty,

Let me start by saying I understand that you only support the major browsers, but (saw that coming, right) it is still a bit disappointing especially as Waterfox is close to Firefox and supports most Firefox extensions. Also, as far as I can tell Waterfox supports WebExtensions, and recently the 1Password icon in Waterfox sometimes goes from being 'grayed out' to 'normal' which seem would suggest it could work on Waterfox.

Is there something in the extension that purposely keeps it from working with Waterfox, or is it simply a matter of being incompatible? The latter seems somewhat strange as the 1Password extension is a WebExtension, right?

Wil Dieteren

Well phrased Ben, that is a tough balance.

That said, as an idea from the crowd, how about allowing said "more technical" folks to bless an application with however many dialog boxes are needed to make us really really REALLY think about opening up access to all our passwords. Then the burden is on me, not on AgileBits. I'd certainly accept that.

I'd like to add something to this if I may (and add my vote for Waterfox support!)

Waterfox is (in my experience and opinion) a massively superior browser to Firefox, especially now as Firefox is dropping support for a number of older incredibly useful extensions (which, in some cases, are simply no longer being developed and thus will never be replaced). It uses less memory, it crashes less often, it runs faster, and it's just generally better.

"Sticking to Firefox for now" isn't an option. Prior to Mozilla's changes in 55.0, FF and WF shared profile information & could be swapped between at will. The FF55.0 changes forced a profile fork, so switching back to vanilla Firefox at this stage is a tedious & painful process leaving me with a browser that uses more resources, crashes more often, and removes features I value.

Until this change was implemented, I could flip a single setting to make 1Password work with Waterfox. There's a small risk that the developer could choose to intercept my credentials, but the code is open-source - I suspect any such feature would be both hard to find & easily identified - and I can build it myself from the public source tree, ensuring I know exactly what I'm running.

With the inability to disable the signing check, users of non-mainline browsers are effectively forced to either return to using several complex but not unique passwords, or store copies of their 1Password passwords in Waterfox's password vault. Either option defeats the entire purpose of using 1Password or its' competitors; if the pure manual copy-and-paste option was practical, the browser extension wouldn't need to exist.

My personal browser preference aside, the inability to disable this check doesn't seem to result in a real improvement in security. What makes Mozilla trustworthy? Firefox is fully open-source, but we can't be certain that the public binaries Mozilla provide are unmodified from the public code. If I'm concerned enough about security that this might be a problem, as with Waterfox I can build my own copy of FF from the public source tree - Mozilla even provide a handy-dandy compilation guide.

Say I follow this process and build my own copy of FF; the binaries produced at the end won't be signed by Mozilla and will fail your code signing check. Despite being arguably more trustworthy than Mozilla's published binaries, 1Password will not work with this browser; I will once again be left storing my 1Password passwords outside of 1Password, or returning to insecure/nonunique passwords, if I want to be certain that I am running trustworthy browser code.

Even leaving all of that aside, the main reason you've given for removing this option is that people who don't know what it's talking about might turn it on & cause trouble for you if their credentials are compromised as a result. This seems like a bit of a zero-sum game; you could use the same justification to make Watchtower mandatory, make Auto-Lock mandatory, etc etc... Where do you stop?

'Saving users from themselves' aside, Both Apple and Microsoft already have a method of exposing advanced options to users that are not available from within the application UI. OS X's 'defaults' system, and Windows' registry both allow some fairly deep options to be tweaked by users who know what they're doing, and are sufficiently out of reach to uneducated users as to not be a concern.

Can the ability to disable the signing check be exposed via these methods rather than a checkbox in the application UI? Better yet, a mechanism by which we could add code signatures to 1Password's trusted list... Best of both worlds, code signing verification without preventing users from creating their own browsers...

Hi @Lars ! Thanks for the reply. You're right - it's not escaped my attention that you guys actually listen to what we have to say, and that's a large part of the reason why I wrote that post in the first place :smile:

Don't get me wrong - as someone outside AgileBits, there's no way I could have the full picture here. I don't know how hard it would be to bring the option to disable back, I don't know the full security implications of doing so, I don't know how hard it would be to implement support for non-mainline browsers (or user-side signature approvals) in a secure fashion; I can probably hazard a guess that the dev team has much more important things to do, though :lol:

I've got enough experience in the world of customer service to know that you definitely can't please everyone all the time, and that the overall security of 1Password as a whole has to come first.

I completely understand your position, and I can't say I even disagree with taking the option away from the main app UI - for the vast majority of 1Password users, that checkbox offered no functionality other than a reduction in security. I would have appreciated some sort of warning - I had been blaming Waterfox for the addon not working, as the checkbox was still present (though apparently nonfunctional!) in the UI until I updated 1Password shortly before writing that post. If there was any warning, I must have missed it, and that's on me I suppose...

Thanks again for taking the time to read & reply to my post. It means a lot to know that you guys are listening, understand that compatibility with browsers other than The Big Four™ is very important to some of us, and that while it might not be very high on the priority list, making it work again is nevertheless on the list :smile:

@Lars,

Am I reading the comments of the latest 1Password version correctly, in that the extension should now work in Waterfox?

Wil Dieteren

@Lars,

Thanks for the update. So a good news bad news situation: good news you are working on it (greatly appreciated), bad news it is not working yet. Keep us posted.

Wil Dieteren

I'd like to add my voice to the call for AgileBits to provide a means for more technical users to whitelist their own browsers. I use my own customized builds of Firefox that now no longer work with with the 1Password extension. I would love if I could indicate to 1Password that these builds should be trusted.

Ben,

Any news?

Wil Dieteren

I've been a Firefox supporter since 2005 but as other long-time users note, they've abandoned the features and customization that made them different from other browsers. I've switched to Waterfox and it's almost as good as Firefox used to be...but lacks 1Password integration. I know there are other password services that do work with Waterfox, but hearing that compatibility may be on its way, I'll stick with 1Password. Just adding my voice of support for supporting Watefox, and thank you for your thoughtful replies.

I finally switched from Firefox to Waterfox on my main machine and was sad to discover that the extension didn't work here; this thread has given me hope that Waterfox may be supported. Hopefully this won't hit any roadblocks in development and roll out in a timely manner–until then using a browser without 1Password integration will feel strange and inconvenient. Thank you all for this open discourse and for your work maintaining and improving this great application.

v4.6.8 of the 1password extension still works with waterfox 56.0.3. why not just make that available to legacy users instead of forcing v4.6.9?