1Password Sync via Nextcloud [not supported]

binarytec
binarytec
Community Member
edited June 2018 in Android

Hello community,

i don´t want to use the 1Password Cloud. I want to use my Nextcloud Server. The data exchange between different windows computer works perfect. But when i want to use my mobildevice, there is a problem. I use the App Folder Sync for the sync process. This works so far. But after the files are up to date via Folder Sync, the 1Password App dont show me the new safe. I started the Sync process in the 1Password App, but there are no updates... 1Password show me a empty Safe.


1Password Version: 6.5.1
Extension Version: Not Provided
OS Version: Android 6.0.1
Sync Type: Folder Sync (Nextcloud)

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited March 2017

    @binarytec: While there's more flexibility on a computer, 1Password doesn't support that service, and we don't currently have any plans to build support for additional 3rd party sync options into our mobile apps. You may have better luck using WLAN Server between your computer and mobile devices, though Dropbox depends less on your network environment, and 1Password.com is the best option since it's seamless. Be sure to let us know if you have any questions about those!

  • binarytec
    binarytec
    Community Member

    Thank you for the fast response! This is disappointing, cause you have the option sync with local storage option. And i thought this will work.
    But then i dont understand for which purpose do you have this option

  • AGAlumB
    AGAlumB
    1Password Alumni

    @binarytec: Indeed, that's been causing some confusion so we've made this clearer in the next update. Read-only support is present for importing data, otherwise it wouldn't be possible for anyone using a different version to migrate their data. I'm sorry to disappoint you, but we really need to focus our efforts as we develop this new app from the ground up.

  • edverillo
    edverillo
    Community Member

    I have got tired of waiting, been using 1P since 2011 and this is a huge disappointment. Moving on to an alternative solution.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @edverillo: I'm not sure where you got the impression that this is a feature we were going to add to 1Password. It isn't something we've ever indicated, and as I mentioned above it is possible to use 3rd party sync options anyway in some cases. It just isn't something we support since those aren't our products and services. I'm sorry if there was any confusion about that, but if you've decided that this is now critical to your needs (where it apparently wasn't in years past) it makes sense to use the tool that does what you need it to. And we'd rather you use a competitor's product than nothing at all. Stay safe out there.

  • edverillo
    edverillo
    Community Member

    Hi @brenty.

    The impression this feature would be added came to me because "everyone else" was doing it, so I hoped it would eventually come to 1P, too. You are correctly pointing out this wasn't critical to my needs in the past few years, and I did let this drag on for a long time. In fact, 1P was the only reason I still had a DropBox account.

    Right now I've decided to make an effort in taking back control of my data and, at least, consolidate all the 3rd party services I'm relying on. DropBox is out of question. Signing up for yet another service is also out of question.

    As a developer, I actively use multiple OSes and devices, so I need a solution that can work for all, with no dependencies, with data stored on my own self-hosted infrastructure. 1Password has been awfully close to achieving all that, for very long, but never took the last step. So I hope you understand why I held on to that impression, for so long.

    1P is a great tool, offering good security with a great user experience, difficult to find on competing products. I got used to it and am making this change with a heavy heart. If one day your product strategy changes, I'd be happy to re-evaluate my decision and come back to using it.

    Best,
    Ed

  • AGAlumB
    AGAlumB
    1Password Alumni

    @edverillo: That makes sense. Obviously I think 1Password.com is a great solution (or I'd find something else to do with my life!) but I understand if it doesn't fit the particular requirements you've settled on. While it isn't technically necessary given our security architecture (we simply never have the keys to anyone's data, regardless of where it's sync'd/stored, and that hasn't changed), some businesses have requested a self-hosting option for 1Password.com due to regulatory requirements, so perhaps that's something we'll be able to offer in the future.

  • AGAlumB
    AGAlumB
    1Password Alumni

    We don't currently have any plans to support additional 3rd party sync options, but it's helpful to know that this is something you would like. :)

  • Thanks @Oclair! Currently, our team is concentrating on our own service, and we don't have plans on the roadmap to add support for other 3rd party sync solutions. However, if we do decide to do so, I'll certainly put in your request for Nextcloud. Let us know if you need anything else!

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited November 2017

    @Oclair: I'm not sure what you mean by "times have changed"; it sounds like your personal preference has, but I don't think that's 1Password's fault. We haven't removed the feature you're asking for. It's something we can consider for the future, but if we add every sync service that is requested by a handful of people we'll never get anything else done. We have to be realistic and practical, and work on things that will benefit the greatest number of people. :unamused:

  • AGAlumB
    AGAlumB
    1Password Alumni

    @Oclair: We do. Your passwords are only ever unencrypted on your local device. That's how end-to-end encryption works. This is how 1Password has always worked. 1Password is secure by design, not by chance. There's plenty of information available on both our security model and the data formats themselves, so I encourage you to take a look and let us know if you have any questions. Cheers! :)

  • pgraetz
    pgraetz
    Community Member

    +1 self hosted: nextcloud

  • AGAlumB
    AGAlumB
    1Password Alumni

    We don't currently have plans to support another 3rd party option, but thank you for letting us know which you'd prefer. :)

  • pgraetz
    pgraetz
    Community Member

    at the moment I have one Dropbox account and the only thing I use there is 1password since I cannot use WLAN because my desktop is on my private ethernet network and has no WLAN.
    So, what I do is I run Dropbox and Nextcloud on my Desktop and synchronise both 1password folders and I use Dropbox sync on the Ipad/Iphone/Android and other mobile devices.

    I think that is what others do as well. Would be nice if there would be any other way so that we don't have to use a space outside the own network to store the files.

    Have a successful 2018 brenty.

  • Thanks for the feedback @pgraetz. We'll keep this in mind if we ever decide to support other third-party sync options. Happy New Year!

  • AGAlumB
    AGAlumB
    1Password Alumni

    @pgraetz: Thanks! Happy new year to you too! :chuffed:

    In case it helps, I also wanted to clarify that WLAN Server can sync even if the computer is using an ethernet connection, so long as the mobile device (connected via Wi-Fi, naturally) is on the same local subnet. Cheers! :)

  • botootsy
    botootsy
    Community Member

    Hi all,
    first of all thanks for your product – I really like it very much and also your support and communication in general :)
    Regarding the issue above: do I get this right that it's not possible to use Nextcloud for syncing the tresors? Within the last years I used Dropbox to sync my passwords (readonly from the 1P-app-side) but now want to go away from DB and use Nextcloud to be more on the safe side regarding GPDR.
    So I tried to use the "local storage"-option within the Android-app and pointed it to the Nextcloud-folder but 1P doesn't find the tresor. Is this related to your answers above saying you don't support 3rd-party applications?
    If so I'm curious what's the differerence between Dropbox and Nextcloud technically. They both simply store files and the 1P-app is reading these files or do I get something wrong here?
    Cheers,
    Michael

  • AGAlumB
    AGAlumB
    1Password Alumni

    @botootsy: I don't know that it's impossible, but it isn't something we support. 1Password doesn't particularly care if you sync the data whichever way, but it needs the data to be available any time it wants to read or write to it. If you experiment with something like that, please backup your data religiously. I couldn't tell you the technical differences, as, again, we don't develop and test for their service.

    If you're just trying to get away from Dropbox, you may want to consider a 1Password.eu (or 1Password.ca) membership, since it is not only GDPR compliant, it also gives you access to all of the apps, the web interface, and does away with license management and sync configuration altogether — you simply login to your account to authorize a device and access your data. You can try it for free for 30 days to take advantage of all of its benefits.

  • lowi82
    lowi82
    Community Member

    I would like to have support for NextCloud please!. More and more people will start using this private cloud solution in the coming years. It would be wise for you to adopt this "easy to implement" feature. I think NextCloud really embodies a lot of the principles that 1Password is all about.

    Please pass it on and give another look.

  • lowi82
    lowi82
    Community Member

    By the way. @brenty You don't seem familiar with what NextCloud is all about. It is a personal cloud solution. It give individuals and companies the power to set up their own cloud in a secure and private fashion. It is truly amazing. Please check it out before passing out opinion on it.

  • pgraetz
    pgraetz
    Community Member

    Nextcloud or Owncloud which is pretty much the same are both the same as dropbox. They syncronize data into and from a cloud server. Only difference is that nextcloud runs on your private server instead of an open server, where you never know what these companies will do and if they have some kind of back-agreement with NSA, CIA or the like institutions which are interested in collecting all and everything of us humans.

    For me , being a german and usually very piky with what other companies like facebook, google etc. do with my data, the open cloud services are not an option. I simply dont trust them.

    And therefore I am somewhat surprised that a company like Agile doesn't know of it and/or are not interested, since the security of data is their core business.

    What you guys think ?

    cheers.

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited June 2018

    @lowi82: We're familiar with NextCloud. But as I mentioned above we don't have any plans to develop, test, and support (to the extent that is even possible with 3rd parties) additional 3rd party sync options. 1Password.com is easier for users, more secure than local vaults, and we're able to offer an integrated experience there, which is not possible when depending on outside entities. You should check it out before forming an opinion. :)

    1Password.com security white paper

    1Password.com benefits and features

  • AGAlumB
    AGAlumB
    1Password Alumni

    Nextcloud or Owncloud which is pretty much the same are both the same as dropbox. They syncronize data into and from a cloud server. Only difference is that nextcloud runs on your private server instead of an open server, where you never know what these companies will do and if they have some kind of back-agreement with NSA, CIA or the like institutions which are interested in collecting all and everything of us humans. For me , being a german and usually very piky with what other companies like facebook, google etc. do with my data, the open cloud services are not an option. I simply dont trust them.

    @pgraetz: Indeed, we wouldn't use the "cloud" for 1Password either if the data wasn't end-to-end encrypted. 1Password simply doesn't depend on the sync service to protect data though. 1Password is secure by design, not by chance.

    And therefore I am somewhat surprised that a company like Agile doesn't know of it and/or are not interested, since the security of data is their core business. What you guys think ?

    Because security is our core business — our whole business — we've built our own service so we're not dependent on someone else to (hopefully) make good decisions when it comes to security, and so we can also do what must be done to audit and improve its security. With an outside company, it's not in our power to do so. But with 1Password.com, apart from our own efforts, we participate in external audits and cooperate with independent security researchers to find any flaws so we can fix them. And since we never have the "keys" to anyone's data, they cannot be stolen from us; even if the encrypted database is, an attacker will not have what they need to decrypt it — and will not be able to brute force the Master Password + (128-bit, randomly-generated) Secret Key either.

    And, not only can we ensure that 1Password.com is a secure option, but it's also a usable option that almost anyone can manage. Most people aren't going to be able to run (and maintain) their own private server, and security and privacy are things that everyone deserves, not just "power users" willing and able to fiddle around with stuff like I enjoy doing. :)

  • pgraetz
    pgraetz
    Community Member

    @brenty. In the back of my mind I have memory that NSA or was it CIA tried to enforce developers (phone companies) to include a backdoor in any particluar layer of the software so that they can read whatever there is (for the reason of identifiing terrorist, I guess).
    So you cant be sure there is 100% secure algorythm and encryption. These guys dont use brute force. They will use the law to force their way in without us users even knowing about :o)
    Haveing your own cloud server is pretty simple and cheap nowadays. The only thing you need is a NAS which includes already the software (e.g. a synlogy or qnas or asustore). You get this for a couple of hundert dollars already.
    I just dont want my data in the hands of a US company (like dropbox, google or any other). Even if it is encryptet.
    Call me paranoid, but better save then sorry.

  • Hi @pgraetz. I fully appreciate your paranoia. We're a company full of paranoid people. In fact, we're a Canadian company, so with a 1Password account, your data won't be in the hands of a US company. That said, I recommend taking a look at our law enforcement policy here: https://1password.com/legal/law-enforcement//

  • AGAlumB
    AGAlumB
    1Password Alumni

    @pgraetz: Also, in case it helps, we offer 1Password.ca and 1Password.eu membership options as well, which are hosted in Canada and Germany respectively. :)

    But more to Peri's point, we will only turn over any information in response to a court order in accordance with Canadian law, but what they could get from us is encrypted data, not the keys to decrypt it (only individual users ever have those). Also, only AgileBits team members in the EU can access 1Password.eu, and only those in Canada can access 1Password.ca. So you're in good company. ;)

This discussion has been closed.