Thinking of bailing on 1Password

Sinister
Sinister
Community Member

The Android app is severely lacking. Cannot have more than 1 local vault, cannot add fields, cannot even create a one-time password on it. I always need to use my Mac to do anything useful. The Android app is nowhere near the Mac app or even the iOS app. Dashlane or Lastpass on Android look like what 1password looks like on everything else. 1password is THE BEST app on Mac and on iOS, but it is really bad on Android.

Most of the arguments were that this was going to be fixed on the 1password accounts (on which, by the way, I hate the "documents" vs "attachments" because whenever you delete a login, the document remains behind, etc.

Is the Android app going to be updated to do justice to 1password, ever?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni

    @Sinister: Thanks for reaching out! I'm sorry to hear that you're not satisfied with 1Password for Android anymore, but there's also nothing wrong with looking around at alternatives that might better suit you. 1Password for Android has never supported multiple local vaults, so I suspect that isn't the reason you're looking elsewhere. We don't have any plans for that currently, but I'm interested to hear more about other things you'd like us to add or improve in 1Password for Android. You mentioned Documents, for example. I'm not sure it's a good idea to delete people's files automatically just because they delete a linked item, but I can see how it would be useful to have that presented as an option. It's something we can consider speccing out to add to all of the apps as we continue to build on Documents. Is there anything else? :)

  • AGAlumB
    AGAlumB
    1Password Alumni

    It's not . that I am not satisfied with the Android app "anymore". When I switched from iOS to Android, I joined the forum and read about the feature requests from other members and the comments from support about eventually updating. It has been over a year, and the Android app has not evolved.

    @Sinister: Thanks for clarifying. 1Password for Android has seen some big releases, especially with regard to brand new filling options (two already in public release, and one currently in beta)...but I agree that these aren't flashy, and if these aren't things you use frequently there are probably other features you'd rather have. I don't think anyone told you that 1Password for Android would be the same as 1Password for iOS within the year, but nevertheless I'm sorry if you had that impression. The iOS app has several years head start (and is shared with the Mac app's even more established codebase) on the Android version of 1Password, and while we've made progress there, there is still much work to be done.

    When reading reviews today, 1password is no lounger touted as number one, especially when looking at the Android interface. That is what I find, personally, also, since for over a year I have used Android and use my phone more than anything else...yet I find myself having to, say, get up from bed to go get my Macbook to do anything useful, such as two nights ago creating a new log-in because I needed to add additional fields and a TOTP.

    I really appreciate the specific example. You're absolutely right that it isn't currently possible to setup new TOTP logins in 1Password for Android. It's something we're working on along with some other editing improvements, and it's good to know this is something you're looking for. If there are others, I'd love to know so I can pass it onto the rest of the team as well. That's a big part of how we prioritize what we work on.

    Regarding documents/attachments, that is how it works with local vaults. You delete the login, its attachment goes away.

    Deleting one item does not delete others in local vaults though. I think that's important. I don't believe Documents should work the way you describe just because attachments did — they're very different — but I understand that you're used to a very specific workflow. I'm sorry that Documents have interfered with that.

    Whenever I update, say, a credit card (with a scan of it as an attachment) in a local vault, I have to find that login in the account log-in, delete it, then remember to reach for the corresponding document, delete that, then copy the login from the local vault, which in the local vault, functions as one item, together with its attachment.

    I think that you're confusing attainments and Documents in your description there, but I understand your point.

    Local vaults work better, so I end up having tot delete all items in the accounts vault, and copying all items form the local vault, every now and then, to make sure everything is updated, and no documents that should be linked remaining behind.

    I disagree that local vaults work "better". That's subjective. Certainly you prefer how attachments work, but many people prefer Documents because they are a separate thing. It's something we've been explicitly asked for many times over the years: secure file storage. But I agree with you completely that the current workflow is not ideal for people who expect them to work like attachments. I'm sorry that we've not adequately bridged that gap for people on both sides of this.

    If only one could sync between local and online. and I ONLY ended up getting the account to have mutiple items in Android.

    I understand. I'm sorry you had to make that choice. We're working on improving the Document workflow to make them easier to manage.

    But it isn't tat big of a deal, the problem is the other features. 1password for Android is very very different form its Apple counterparts, or even its Windows counterpart. Regarding other features, it's just about everything. I mentioned above, for example, adding TOTP form the Android app, adding additional fields, etc. Basically doing anything other than just viewing items or creating a simple log-in (just user/email, PW, website and notes. Look at the iOS app...then look at the Android app. The Android app comes up way short, in comparison, while supposedly being the same product.

    They're not the same, and can never be the same. One good example of this is filling. Until this year there was nothing we could do like the iOS 1Password extension on Android, whereas that's something we've had on iOS for years. But we've been making them more consistent in other ways, and adding features were we can. We still have a ways to go, but 1Password 6 has received huge improvements over version 4 from the start, and many more we've continued to add regularly since then.

    I just want to know if I should continue to wait for the Android app top come u p to par, or if the Android app will never really have any TLC put into it.

    But this is the only thing that matters: If there's something else out there that better fits your needs than 1Password, you should use that. 1Password isn't perfect, and it will never be ideal for everyone. You should always do what's right for you, but we'll keep working to make it better so that, if you choose something else for now, hopefully we'll be able to win you over in the future. I'd rather you use a competitor's product than nothing at all, or remain using 1Password if you're unhappy with it. If there's anything I can do to help you either way, or if you have additional feedback, please let me know. Thanks for taking the time to do so in the first place.

  • AGAlumB
    AGAlumB
    1Password Alumni

    Basically I want to know what is the realistic timeline in Android for:

    @Sinister: I can't really give you timelines on unreleased stuff, as even things which are in the betas could get pulled if a serious problem is found, but...

    -Multiple local vaults OR syncing local vaults to account vaults

    These are not things we're working on. The second part will probably never happen. There's a chance with the first, but it isn't something we're working on currently.

    -TOTP
    -custom fields / rename fields
    -Duplicate support

    These are likely to be nearer term, but I couldn't be more specific than that. They're areas we're actively working on, but there's stuff that needs to be built behind the scenes (and tested) before we can do the user-facing stuff. Custom fields is very high on our list though.

    Note that the Android app does not even let you default to main vault, for example, forcing me to disallow all other vaults under the all vaults option, to not see duplicates.

    Maybe I'm misunderstanding what you meant my "duplicate support". I was thinking you wanted to be able to duplicate an item to make a copy of it. Now I'm not sure if you were talking about something else, or this is something different. Do you have duplicate vaults? Let me know.

    The documents thing still bothers me for documents that are created from attachments. Like I said when a document belongs to a login, and the login is updated or deleted, one has to go find the corresponding document to delete it too...of course, if the Android app can handle multiple local vaults, this becomes a non-issue.

    I hear you. We will be making improvements to Document management, so your feedback on that is very helpful. We just don't have any plans for multiple local vaults at this time since 1Password.com accounts already have that built in.

    Will you ever discontinue local vaults?

    I can't predict the future, but we don't have any plans to. We're building support for them into 1Password 7 on Windows (and of course other platforms, though that's easier), so they're not going away any time soon.

    Like I said, 1password is the best for anything apple, but leagues behind for Android. Researching options these past few days, all reviews agree, and even say...if using Android, look elsewhere, but a no brainer if using iOS or MacOS.

    Yeah, it totally depends on what you're looking for, but certainly there are alternatives out there, on any platform.

    It's a shame too, since iOS steered me away since iOS10 , and since then, I have felt 1password lacking, due to using Android. In this time, all of these features could have easily been added, but the development, it seems, is focused on Apple environments.

    It seems like a lot of people think that work we do on iOS or whatever takes away from Android, etc., and that just isn't the case. 1Password for iOS getting an update doesn't mean that another platform doesn't. And more and more 1Password.com design and spec work done helps us make bette progress on all platforms...but I appreciate that may not help you as much if your preference is local vaults. :blush:

  • AGAlumB
    AGAlumB
    1Password Alumni

    For this: "Note that the Android app does not even let you default to main vault, for example, forcing me to disallow all other vaults under the all vaults option, to not see duplicates."
    Regarding Primary/All vaults and duplicates, I mean that since the app always starts with with ALL VAULTS selected, when searching, I see duplicates, since I keep an item in more than one vault sometimes. There is no way to have it start up with PRIMARY, as in iOS or MacOS. For example, my wife shares her entire vault with me, and we both manage the kids' vaults. Some items are included in all of the vaults, so when the app shows ALL VAULTS ALWAYS one sees 4 of the same login when searching. Yes, one can turn off all but one vaults to show under ALL VAULTS, but then when one WANTS to search all vaults, the others don't show.

    @Sinister: Remembering the last vault between sessions isn't something any of the apps support, and I don't think we'll be adding that since the vast majority of people are not using both 1Password.com and local vaults, or keeping the same data in multiple vaults. We do, however, want to add an option to have an "Always open to" vault setting. I think that might help in your case as well.

    For the reasons stated above, we prefer local vaults. But whenever one family member makes changes to their local vaults, no one can see them in the accounts vault in the Android app, since the Android app only has one local vault. And when searching their accounts vault, they may have an old version of a login item, since the change was made on a local vault.
    And here is where the documents/attachment issue comes in. Someone updates a credit card, or any login with an attachment on their local vault. Then they have to delete the old item from the accounts app, then COPY the new item form the local vault to the accounts vault JUST so that another family can see that item in the Android app (note that one cannot do this on the Android app, so again one must get a Macbook to duplicate/copy the item in the first place). When this is done, the new AND the old attachment are there. So what we end up doing is deleting all items and copying all items from local to accounts every few days, JUST so that other family member can have access to each other's LATEST logins on Android, to not have to look for each updated item, delete it, then find the related document, and delete that SEPARATELY.

    We really don't want to design around this use case (1Password.com + local vaults). Most people
    aren't doing this, and moved to 1Password.com explicitly to get away from managing that stuff. But we can help them and you by improving the Documents workflow, etc.

    See how not having features that have been available to years on iOS or Macbook makes the experience cumbersome?

    It sounds like the problem (in this case) isn't what you're saying it is, but rather that Documents are't as streamlined as we'd like them to be — and I'm including myself and you in that.

    Multiple vaults:
    The experience with local vaults itself is DIFFERENT than the account ones, especially with the way the attachments work. I much prefer the local vaults, so the multiple vault selection form ACCOUNT vaults does not totally fill the void. You say you are not working on it, but it shouldn't be that hard to add. Not having stuff in a centralized cloud is safer too as far as being a target.

    That isn't true. In both cases, you are the target. We don't have what an attacker would need to access your data; only you do.

    It's not that workin on Apple takes way. It's that the current Android app doers not do half the things the Apple apps did 2 years ago...i.e. the things mentioned above. One would have thought by now you would have brought the Android app to iOS app two years or a year ago. The Android app is stagnant, other that autofill having been added though one can use copy/pasting as a workaround for autofill, but there are no workarounds for missing features.

    "Other than autofill" is a big caveat in your characterization that it is "stagnant". It's a petty big deal (and 6.7 will be even more exciting in that regard), and it was a lot of work. Two years ago, 1Password for Android version 6 did not exist, and 1Password for Teams was an early beta. So that just doesn't mesh with reality. However, I think what you're getting at here is that 1Password for Android lacks some niceties, and that feels bad. We can agree on that, and that's why we're working on it and shipping betas regularly.

    I am only posting here because I am already paid-up on accounts, paid to purchase the premium versions before that, use Apple for computer but not for phone or tablet (where 1password has no equal), and would really rather just keep using what I use, so in hopes you update things things soon...but usually you guys just say we are working on this, not on that, and things don't progress. (as far as features for Android). 1password is even pricier than everything else, and worth it but ONLY for MAC and iOS...ALL you beed to do is make the Android app do what 1password does in all things Apple.

    That's much easier to say than it is to do. Getting those apps to the point they are today has taken nearly a decade for both. I guess I don't understand why you paid for it if you didn't feel it to be "worth it" for you. I'm sorry to hear that, but literally the only thing we can do is keep working to improve 1Password, which is just what we're doing. :(

    Please take a few days, pull it off, and make all Android users happy and get new Android-only customers. Yes it's work, yes it requires coding and whatever technical excuse, but that is why we pay for this and why one chooses to use one app or another. It DOES NOT take two years to add the above features, which, by browsing the forum have been requested by more than one person, since that time, repeatedly.

    If you really expect this stuff to happen in a few days, I can totally understand why you're so frustrated. I don't think that's an expectation we've set with you or anyone else, but nevertheless I'm sorry we've let you down in that regard. I appreciate that these specific features are important to you and some other people, but that's not the only stuff we're going to work on. It comes down to proprieties, and while we want these features too, others have been prioritized due to greater demand and/or greater impact on 1Password users. For example, arguably, we could have Documents to a point where they would satisfy you, to the point you could go all-in on 1Password.com...but that would not benefit folks still using 1Password only with local vaults the way that filling does — and others using 1Password across many older versions of Android. Truly comparisons to iOS are Apples and oranges, since we're not supporting a wide range of different hardware going back nearly a full 6 years now. Nevertheless, that's the reality on Android, and we knew that when we bought into that ecosystem. Android has a lot of strengths because of that, but you can't have it both ways. Now, that's not going to stop us from trying to match the iOS app, but I'd be lying if I said that it wasn't easier supporting roughly a dozen devices and a single OS release there when compared to Android. :blush:

  • AGAlumB
    AGAlumB
    1Password Alumni

    p.s. I know you don't do anything for a few, and you have made it clear that you work on what you want to, but think strategy... the Android market is growing and you are losing Android customers to the competition (since all reviews prefer the others when using Android, and thus steers Android users away), while dominating in the Apple territory.

    It's definitely something we wrestle with, but the majority of 1Password for Android reviews seem to be complaints that it isn't free. :unamused:

    If I wasn't an iPhone user before, I might not have gotten 1password. I had an iPhone and all reviews mentioned it was the best if for Apple (same reviews that mention it isn't good if using Android, which i am experiencing) . But now that I have it, I love it on my Macbook, but hate it on my Android.

    That sucks to hear, but thank you for being honest. We'll keep working to rectify that.

    The only one vault thing has to be an easy fix and feels like it cripples the app, knowing this has been available in other platforms, same company, but way different experiences (see why above).

    Different experiences are a bad thing in many other ways too. It's something that we're focused on addressing, not just on Android but also Windows and the others.

    Regardless, support is second to none - thanks for reading and replying, even if likely nothing will come of this, from reading the forums.

    I'm sorry you feel like it doesn't make a difference since there are specific things that you want which haven't been done yet, but we're absolutely listening and that's how our release notes are populated with things that others have requested. For example, filling improvements have been our #1 request this year, and we've made great progress in that area in a relatively short amount of time. Once we have 6.7 finished, that should (hopefully) put a lot of that big stuff behind us so we can ship more improvements like the ones you're advocating for. Thank you for the kind words, and for holding us to such a high standard.

    Left out multiple url support on Android.

    Indeed, the good news is that TOTP and multiple URLs (and many other things) go back to support for custom fields and editing in general, and these are things we're working on now and in the near term.

  • AGAlumB
    AGAlumB
    1Password Alumni

    -The iOS and the MacOS DO remember the last vault used and open with that.

    @Sinister: They do not. They remember the vault you're on if you're just multitasking (as does 1Password for Android), but when the app is launched it will not remember the vault from the last session. But, like I said, we have a default vault setting in the iOS and Mac versions, and we'd like that on Android as well.

    ref: OPA-1364

    Regarding the second point, just add multiple local vaults to Android, and problem solved...iOS and MacOS have it.

    We're probably not going to. It would be a lot of work since 1Password for Android isn't designed with that in mind already, and our focus is on 1Password.com accounts since that's where it makes the biggest difference for cross-platform users — and we have multiple vaults there by specification.

    I do not want to be forced to use accounts only, just for having an Android phone. If I hd iOS, I wouldn't have that problem, and it isn't fair, as I said, just because you don't have the Android apps at par.

    You're not forced to. But I agree that more consistency is needed.

    No, what I am saying ins that iOS and MacOS have all the features in their 1password app, and Android 1password does not.

    They do have some of the features you're specifically interested in, but they are also lacking features which are available elsewhere. Auto-Type is a Windows-only 1Password feature which has long been requested by Mac users; similarly, iOS users would love to have the inline filling available now on Android. We certainly would love to have "all the features" too, but that isn't possible today. It's something we'll keep striving for though.

    "That isn't true. In both cases, you are the target. We don't have what an attacker would need to access your data; only you do."
    I disagree. A CENTRALIZED repository off password will always be much more enticing. Either way, that is not really the issue; the other half of the comment has to do with the way documents are or are not erased when they are created by a link from a login, after deleting the login. Not all documents are self-standing.

    Well, we'll have to agree to disagree then. Apart from hypotheticals, 1Password.com is subject to external audits and penetration testing from independent security researchers to find any flaws so we can fix them. I suspect that your personal security is not. I know mine isn't, so it will be much easier for an attacker to go through me to get my data than 1Password.com. After all, they'll need my Master Password and Secret Key anyway: one-stop shopping.

    OK so maybe not two years ago but 1.5yrs..that does not change the issue. You agree that it lacks all of the features, but then say you will not develop multiple local vaults...You need to at the very least but all apps on par, being the same product. Multiple local vaults is a must. I am an accounts member but for certain things I want my multiple local vaults, which I have on Mac and which made me become a customer in the first place.

    I hear you. Multiple vaults is a must for you, and certainly some other people. But the vast majority of people couldn't care less about multiple vaults outside of 1Password.com because, frankly, they're a huge pain to manage otherwise. So that's what we're going to focus on.

    "I guess I don't understand why you paid for it if you didn't feel it to be "worth it" for you"
    -That is out of context. I clearly said that when I signed up I had iOS and Mac only, and for those platforms., nothing comes close.

    That's fair. I'm sorry for taking you out of context.

    I didn't understand about "the reality of Android"; what is "the reality of Android"? All of the same features could be supported, if programmed in, at least for the ones I am referring to. Why aren't they a priority? Why not bring them up to par?

    The reality of Android versus iOS is that the former can't benefit from the work we do in 1Password for Mac, as the latter can, and we have one OS version and a much smaller number of devices to target on iOS.

    That you are working on TOTP, multiple URL's, and custom fields on Android is a big relief. If you also add multiple local vaults I think most of my issue would be gone, and the apps would be significantly on par, after all of them have been programmed in. Multiple local vaults wouldn't be a stretch to program in and it used to be one of your selling points.

    I can definitely understand how critical that is to you, and I felt the same way when all of my data was in Dropbox. But most people aren't willing to jump through the hoops necessary to use multiple local vaults, so it is unlikely that we're going to divert development resources from something else that people will use. To put that in perspective, if multiple vault support wasn't built into 1Password.com accounts, we probably wouldn't have that on Android now even in that case. I'm sorry I don't have better news for you on that front, but improvements to editing and Documents are priorities for us.

    In the future then consider iris scan authentication for Samsung, as you've had to consider Face unlock for one model of iPhone. Please and thank you on all of the above.

    It's definitely something we'll consider, but we need to consider security first...and their track record in that regard has been less than stellar. It's something we'll keep an eye on though (pun sort of intended) so see if it proves to be a viable option for 1Password. I know that might feel crappy given that we support Touch ID and Face ID on iOS, and the whole point of this discussion is your sense that we're depriving you and other Android users, but while making Android users feel bad isn't at all what we want, when it comes to security we do need to deal with facts rather than feelings first and foremost.

  • AGAlumB
    AGAlumB
    1Password Alumni

    My 1password on MacOS DOES remember the vault used in the last session. Just tested it again. And when I had iOS, it either remembered or started with Primary and not ALL VAULTS.

    @Sinister: I'm not able to reproduce that here, in any of the apps. Do you maybe just have "Primary" set in 1Password for Mac Preferences > General > Always open to, as I mentioned previously?

    I still resent the not adding multiple vaults on Android. I appreciate your honesty, though. It is OK to focus all new features on accounts, but at the very least bring the local vaults version up tp par with Mac. Adding multiple vault support isn't a stretch at all. As you said above, "more consistency is needed."

    The way we're doing that though is standardizing on an overarching 1Password.com featureset. I know that's not what you want us to do, but it's the way we can make the biggest difference for the most people smoothly. I'm sorry that means we probably won't be doing the thing you want us to, but I'm hopeful that we can make 1Password.com accounts better meet your needs in the future as we improve them for everyone. :blush:

    On that last one, Iris scan has proven way ore secure than FaceID, and FaceID is valuable on ONE device model.

    I haven't seen security research that bears that out, but I'd be appreciative of any papers you can point me toward. And keep in mind that supporting Face ID required no code, only a minor cosmetic change to show "Face ID" instead of "Touch ID" where appropriate. Supporting separate, vendor-specific biometrics on Android involves considerably more work, which is why we didn't support other proto-Nexus Imprint fingerprint sensors.

    In fact, the gold standard is whether NFC payments support it. Iris Scan has long been supported for, for example, Samsung Pay, and people are moving away form touch id and using Iris/Face as the main authentication method. Seems only logical, that as more apps support it, which they do, 1password does...in any case, that is a suggestion and not a deal breaker.

    I think it makes good sense for us to continue to evaluate this. Certainly if it becomes ubiquitous that would be a valuable feature for 1Password to support. And perhaps Google will create a standard on Android that will work across many vendors' hardware, much like Nexus Imprint. Interested to see how things shake out. :)

    But I feel you wouldn't be going much out of your way to add multiple local vault support. As I said, this used to be a selling point in Mac and it is a differentiator form all other competitor that ONLY have online backups. Some vaults i ONLY use local, while I do have an accounts password for other things.

    Multiple local vaults on Android would be a lot of development and testing, and not a lot of people use multiple local vaults at all, so it would benefit very few people. Nothing is set in stone, but that's where we're at currently. Multiple vaults in general are very useful, but managing and syncing them sucks, which is why almost no one has historically. 1Password.com makes it much easier though, so that's our focus for now. If, with the release of 1Password 7, we hear from more people who want to use multiple local vaults, perhaps moving from a membership to standalone, that may change things. Too early to say though.

    Speaking of accounts, here are 2 feature requests:
    Allow sharing of main vault
    allow renaming of main vault
    allow synching/sharing of specific items vs entire vaults (competitors already have this)

    Thank you! We actually have a beta item sharing feature in 1Password Teams, and if we can get it to the point where it's a good user experience we may bring it to others as well. Meanwhile, you can always share an item by putting it in a shared vault, and this appears on the devices of those you share it with automatically.

    Regarding sharing of Personal/Private vaults, we don't have any plans for that since literally any other vault can be shared, but it's something we'll consider as 1Password.com evolves. Renaming it is something I'd love as well, but, much like with sharing it, we do want to avoid confusion, or potential privacy/security issues. Right now, all users can be assured that anything in their Personal/Private vault is only accessible to them. What if I share my actual Private vault with someone in my family and they accidentally start saving private things there thinking that only they have access to it? Renaming has similar issues for the owner of the vault, so we do need to consider the ramifications carefully before making a sweeping, fundamental change to how 1Password.com accounts work. It's something we never stop thinking about though. Cheers! :)

  • AGAlumB
    AGAlumB
    1Password Alumni

    I do have an always open to Primary option selected, but mine seems to remember (must be a bug, but works in my favor). Either way, an always open to for Android would work just fine.

    @Sinister: Yeah that does sound off to me. Thank you for bringing it up! I'll keep an eye on that myself.

    I will never have certain vaults in accounts. I understand the drive to improve accounts, but other than wanting to force everything over (which, in any case, I already have accounts anyway and reasons to use both) I still don't see why you don't take time to add this feature. It is the main differentiator, both form competitors and for Mac/iOS.

    I can't really say it any better than I did before: Multiple local vaults on Android would be a lot of development and testing, and not a lot of people use multiple local vaults at all, so it would benefit very few people. That may change though, so it's something we'll keep in mind.

    I will never stop asking for this and think it is unfair and unreasonable not to have the apps on par.

    That's fair. And if we hear from a lot more people who want the same thing in the future it's possible we'll need to reprioritize what we work on.

    I insist that multiple local vaults was a main selling point and I feel bait and switched when this wasn't supported when I went form iOS to Android. It feels like a "make a point" or "force you to use accounts" deal on your end. I insist you NEED to to this. Not everyone posts but I am sure I am not alone.

    I understand the sentiment, but I don't think "bait and switch" is fair at all. 1Password for Android does support multiple 1Password.com vaults, so when you're paying for a 1Password.com membership, you get that across all your devices. But the Pro Features in 1Password for Android do not include support for multiple local vaults, so no one who paid for the Pro upgrade is missing a feature they were promised as part of that. I understand that doesn't help you given you want this particular feature, but I think we're pretty transparent with regard to what we offer with each purchase.

    Regarding research for Iris scam, a simple google search yields many. Even shows why Samsung Pay, etc use it for secure payments and credit card payments. That is, like I said, the gold standard.

    All I've seen in search results are Samsung marketing and articles regarding the vulnerability to high fidelity photos of a person's eye.

    Not sure how it is or isn't a cosmetic change, but it should apply the same for Samsung phones then...which have touch ID and Iris scan.

    Apple provides a single biometric API that apps like 1Password can call to request authentication, which works with either Touch ID or Face ID. The OS handles the rest, including storing a mathematical representation of the biometric data in the Secure Enclave, which nothing can access. There's no coding support for different biometric hardware — and different types — from different vendors, which, excepting Nexus Imprint, is the case on Android. Android's strength is its flexibility and broad ecosystem, but when it comes to supporting new technologies, that's also a bit of a liability at times. :(

    Thanks for listening in the requests at the end.

    Totally! Regrettably I can't make promises as far as time frames for unreleased stuff, even when I can tell you we're working on it — it's possible for things to be delayed or shelved if there's a problem — but the only way for us to know the stuff that's most important to you and other 1Password users is if you tell us. So thank you as well. :)

    To address those, sharing ITEMS and NOT entire vaults (and not to have to have separate vaults JUST for separate items than then would either be repeated, when showing all vaults, or missing, when showing the private vault, is what I want to avoid.

    If we can figure out a way to do that securely and seamlessly, we probably will. Items are encrypted using the vault keys though, which is what allows for sharing in the first place (multiple users' "public keys" can be used to encrypt a single vault, which allows each to decrypt it with their "private keys"). Making such a strong distinction between vaults and items is just not useful though. The only technical difference between sharing a vault with a single item and sharing a single item is that in the former case others cannot be added, and users would have to exchange secrets to share additional items. That's why vaults are better. But otherwise it comes down to presentation. We may be able to do "item sharing" by using single-item vaults in the future...but that does seem unnecessarily limiting, given that in most cases we want to share more than just thing with another person.

    Item sharing, if it works out, will probably be a one-way operation like it is today in 1Password Teams beta. It's meant to be the secure equivalent of emailing someone a password. Vault sharing is useful for sharing perpetually, so that each party can make changes to the data saved there — including editing or adding additional items. Setting up a new item share for each individual thing, especially when you already have something else shared, is unnecessarily tedious and presents an artificial barrier to the user. Why would I want to go through the whole thing again when I've already shared with that person? If I use a vault in the first place, I don't need to create a new vault and share that each time; I can just add another item to the original. And that's as an Organizer/admin. As a regular user, I don' have to do any work to share an item if the admin has already shared a vault with me; I just copy it to that vault. Not everyone wants to be an admin and manage all this stuff after all!

    Regarding renaming private vaults, that is the thing, it would be good to be able to share the main vault, like one can do on local vaults. My wife, for example, wants me to manage her vault, and she just looks up passwords for logins I crate for her. So for accounts, she does not use her private vault, but a shared vault as the primary..which is why being able to rename AND to share the private vault makes sense...if it can be shared, it solves the problem above, and thus she would need to rename it so they don't all say Private. The same goes for my kid's vaults, which we manage for them (and now have to use shared vaults as their main vault in accounts). And sharing items...well, if you are testing it and bringing it, that may solve most of this. Just make sure if can be done form the Private vault.

    I don't think that's a use case we should design around, as it's a pretty narrow one that is not common, but it's something we'll continue to think about. It's really helpful to know the specifics, so thank you for sharing that example! Item sharing isn't quite where we want it to be, but yeah we definitely want it to work with any item too. :chuffed:

  • AGAlumB
    AGAlumB
    1Password Alumni

    Bait and switch since when I initially signed on and paid pro, even though I had to pay again for Android, it was a feature.

    @Sinister: I understand how you feel about this, but it isn't a feature we offered and then removed. 1Password for Android has never had support for multiple local vaults.

    -All I've seen in search results are Samsung marketing and articles regarding the vulnerability to high fidelity photos of a person's eye.
    Same thing (and wise) for Face ID. There are also cases of twins unlocking, relatives, and other methods. With REGULAR pictures (then prepared for use with a mark, or being DIFFERENT people. The ONLY case with Iris scanning as someone who allowed a high-resolution picture of their Iris to be taken (hard to do without cooperation) and with a special camera, then mounted on a contact lens. There are still was ti copy fingerprints, so that is a non-issue. But with FaceID...well, Google the articles. Iris scanning is safer than even touch id.

    That may be the case, but I don't think there's enough research into either. Face ID is easy to support though (1Password for iOS has supported the biometrics APIs for years), while vendor-specific iris scanning on Android is more work for a small segment of the install base to use the feature. Interested to see how things shake out on Android though. Maybe Samsung and Google and others will iterate on this and what Apple has done and come up with something even more convenient. :sunglasses:

    Regarding item sharing, I see above you got it. And that you see why one would want to rename a private vault, share just items, or be able to share the private vault. Sharing items works well in the competition, and that is one of the things that works better than in 1password. If you're working on it, see how they do it, or read my summary. I am sure you will, if implementing it, make it the same or better.

    I can't really say anything about unreleased stuff we're working on, but the feedback is greatly appreciated. :)

    Multiple local vaults man....multiple local vaults.

    I don't see it happening, certainly not in the near-term, but I've shared your wishes with the rest of the team.

    ref: OPA-97

  • AGAlumB
    AGAlumB
    1Password Alumni

    Definitely not something we can throw together in two days — and not something I would recommend using if we did! We'll keep your request in mind for the future though. :)

  • AGAlumB
    AGAlumB
    1Password Alumni

    Glad to hear it. I hope you're having a wonderful Christmas, even if Santa doesn't have everything you want this year. :chuffed:

  • Thanks for the feedback, @Sinister. I can't say when we'll be able to support this, but I'll definitely let the team know you'd like to see it!

This discussion has been closed.