Advantages of 1Password over Enpass

cube2222
cube2222
Community Member

I've been testing 1Password recently, and I really can't find one reason (apart from the interface, which is only marginally better, as enpass also has a great one), to use 1Password over Enpass. 1Password costs ~60$ + 10$ one time fee, or 36$ yearly. Compare that to Enpass where desktop is free and mobile is 10$ per platform one-time. Enpass is also available on linux, and has great windows desktop and UWP apps. Their beta already works as an Edge extension. Just to make it clear, I'm no Enpass advocate, I'm just discovering different password management solutions and I'm quite confused about this one. What are the real advantages of 1Password which are worth those 36$ yearly.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni

    @cube2222: I hope you don't mind, but since this is a pretty general question, I've moved it to the Lounge category of the forums so non-Windows folks will see it as well.

    I can't speak to anyone else's business, but a 1Password subscription gives you a few major benefits (along with many others):

    • Web interface for your data.
    • Access to all of the apps, any future updates, and no license wrangling.
    • Option to upgrade to a Family or Team plan if and when sharing becomes important to you.
    • Personal support from actual humans.
    • Automatic syncing with no configuration.
    • Easy setup of as many devices as you wish.

    What appeals to one person may not appeal to another of course, but in additional to the value you get now, we're always improving the apps and service using customer feedback, so if there's something that 1Password doesn't do for you yet, perhaps we'll be able to better meet your needs in the future. Let us know if you have any other questions, comments, or feedback! :)

  • cube2222
    cube2222
    Community Member
    edited July 2016

    Sure, couldn't find the lounge category earlier, thanks.

    The thing is, again, is that what you offer for 36$ a year, because it's not much. Which I'm deducing from the fact that lastpass costs 1/3rd of that price, and allows exactly the same features. At least for single users.

    Also, thank you for the quick answer!

  • AGAlumB
    AGAlumB
    1Password Alumni

    @cube2222: It definitely doesn't offer the same features, and "not much" is a pretty subjective assessment. However, 1Password may not offer anything that you happen to care about. In that case, it's a personal choice. I'm not certain of their trial offers, but the best way to see if 1Password is a good fit for you, both feature- and value-wise, is to try it and find out. Cheers! :)

  • khad
    khad
    1Password Alumni
    edited August 2016

    @cube2222,

    I think it’s great that you’re considering a password manager, and I'm happy to talk about 1Password. But I do not wish to say or imply anything about any other specific product or service. I'd like to add just a bit to what Brenty already wrote.

    Why 1Password?

    • 1Password comes with responsive support. I think this is one of the most important aspects of 1Password. Time is money, after all. I hope our replies here are some indication of the kind of customer service you can expect from AgileBits. We are always available to help, whether there is a problem or if you just have a quick question. And we always love customer feedback.
    • 1Password protects your data using a publicly documented format. It's completely buzzword compliant—authenticated encryption with key derivation: AES-GCM, PBKDF2-SHA256, RSA-OEAP, and SRP—but, more importantly, the format used by 1Password is available for scrutiny by you and the security community at large. You have secrets; we don't. Why our data format is public.
    • 1Password is the only password manager that has ever won a design award. As Steve Jobs once said, “People think it's this veneer — that the designers are handed this box and told, ‘Make it look good!’ That's not what we think design is. It's not just what it looks like and feels like. Design is how it works.” 1Password is an Ars Design Award winner. This comes back to the notion that time is money. If everyone in your family can (1) start using 1Password quickly and (2) easily understand new features when they are rolled out, then you save money on time that would otherwise be lost trying to figure something out or fight with a new version. If price is the only consideration, there are plenty of free tools available, but your time is more valuable than that.
    • 1Password is encryption-based rather than authentication-based. Our security architecture means that a family organizer can recover accounts for other family members. We at AgileBits can never do that. We simply cannot perform a traditional "password reset" for you. With traditional password reset mechanisms, your secrets are only as secure as all your family members' email accounts. With 1Password, account recovery can only be initiated by a family organizer. Learn more in the 1Password Security Design White Paper.
    • 1Password is funded by you not advertisers or investors. Last but definitely not least, we have sustainable prices, so we can serve you for years to come without exploiting you or your data. It’s possible for a company to cut corners on pricing, but then they might need investors’ money, a buyer with deeper pockets, or — worst of all — advertising money at the expense of your privacy. We have gone out of our way to build 1Password so that we have no information about your data or about how you use 1Password. It is not merely that we choose not to collect or use data about you; we have designed our systems so that, for the most part, we don’t even have the capability to collect data about you or how you use 1Password. Learn more about 1Password privacy.

    Why a 1Password subscription?

    It's easier to manage a single subscription than it is to keep track of individual licenses across different platforms and version upgrades. The subscription model also allows us to build in features and services that wouldn't be feasible in the standalone apps, like central hosting and vault management.

    If you have a 1Password account:

    • Get all the 1Password apps for free. No matter which plan you choose, you (and every member of your family or team plan) always has free access to the latest versions of all the 1Password apps. Learn more about all the features included with a 1Password account.
    • Share and sync without the need of a third-party sync service. Setting up syncing with Dropbox can be confusing for some folks. With a 1Password account, simply sign in and all your data is there.
    • New vaults automatically show up for family and team members. When you create a new vault, you can add others in your plan to it automatically. They don’t need to do anything to see it and begin using it on their end.
    • Set permissions for each person on each vault. Some passwords can be set to read-only, for example.
    • Recover accounts if a family or team member forgets their Master Password. I mentioned this above, but this is a huge one and bears repeating. We have always prided ourselves on our security model which has no back door. While we still can’t recover anyone’s accounts, you can now recover accounts for your family and team members.
    • View, edit, and add items from any browser. You’ll always have access to your data on 1Password.com, even if you're away from your main devices.
    • Access your data even if you stop paying. Your data is yours. Even if you ever cancel your subscription, you can always view and export your data.

    What about a standalone license?

    All that said, lots of people simply want to buy an app once and start using it. We totally get that. And that's why we have no plans to stop providing the 1Password apps for individual purchase. We're going to keep supporting anyone who chooses to use the apps that way, and the individual apps will continue to see new features and developments provided in free updates.

    If you purchase a 1Password single version license instead of a subscription:

    • Get updates for the version your purchased. For example, if you buy now, you’ll get all updates to 1Password 6 for Mac. 1Password 7 for Mac will require a separate purchase.
    • Pro features on mobile devices available as a separate purchase.
    • Sync your data yourself. Use iCloud, Dropbox, or WLAN Server on your local network.

    And you’ll get the same helpful, one-on-one support from us. :)

    If you have any additional questions, don’t hesitate to let us know. Whatever you decide, stay safe out there!

  • cube2222
    cube2222
    Community Member

    Thanks for the answer! I must say I'm really positively surprised about your responsiveness and I think it's the best part about your product. Keep it up! Having a business model which scales and lasts is important too. Currently testing 1password but I'll probably stay with you.

    However, some feedback. Both windows apps (the new ones) are very underdeveloped. One of the visually most important things, the lack of icons. On the web version I'm getting pretty icons, the windows versions lack it, and it's not that hard to add. The Android version is also lacking a few icons in comparison to the browser client, I hope you'll change that too.
    Thanks for the fast answers again!

  • khad
    khad
    1Password Alumni

    @cube2222,

    It's my pleasure to help. The Windows app is still in beta, but it's being improved at a very steady clip. I think you would be amazed by how much it has improved even in the past month or so. If you stick with it, I think you will be rewarded. You may also be interested in the 1Password beta for Android. :)

  • SoftAllan
    SoftAllan
    Community Member

    @brenty, @khad
    Excellent written! :)

  • khad
    khad
    1Password Alumni

    Thanks so much! :)

  • crisbennett
    crisbennett
    Community Member

    I'll just add one signal advantage of 1Password is that it works really well!

    I've just tried Enpass for a couple of days, despite a very happy history of using 1Password (long story, but it comes down to desperate cashflow problems on my part and Enpass being cheap).

    Enpass isn't without merit at first glance, albeit it is highly derivative (to put it kindly) of 1Password. But I found it just too buggy to use. It kept duplicating entries on sync, and its browser extension url matching works much more poorly, requiring me to manually search through entries for many logins (made much worse by the entry duplication).

    Honestly I spent more time troubleshooting it in 2 days than I have in years of using 1Password. This is not to condemn Enpass outright: it is clearly being developed at quite a clip and I'm sure it's worth keeping an eye on for anyone interested in this kind of app. Competition is good.

    But for the sake of my own time usage I'm sticking with 1Password (as an aside, Agilebits folk: you should make it clearer on the Pricing page that monthly subscription payment is available. I literally couldn't afford it annually, hence the Enpass detour, which I probably wouldn't have taken had I known monthly payments were possible).

  • AGAlumB
    AGAlumB
    1Password Alumni

    @crisbennett: Competition is definitely a good thing! Thanks for the kind words, and the feedback regarding pricing information. We'll try to make it clearer that paying monthly is also an option (alongside a single payment annually). I think you're right though: I do take it a bit for granted since 1Password just works for the most part. It's an invaluable tool that I use at least dozens of times throughout the day, and it's easy to overlook that sometimes. Cheers! :)

  • [Deleted User]
    [Deleted User]
    Community Member
    edited April 2017

    @crisbennett your experience with Enpass does not match mine.

    Enpass is not as polished as 1P (I have been using 1P for nearly a decade for personal use and for my company's use), Enpass doesn't support teams, families, DFA and such.... but it doesn't need to.... for a standalone user it works a treat.... I sync 3 devices via iCloud with zero problems (and no monthly fees) ... and they still seem to listen to their customers... which I like (yeah, I am old and I still seem to think that matters).

  • AGAlumB
    AGAlumB
    1Password Alumni

    Interestingly, what you describe is how a lot of people have used 1Password for years and continue to today. Certainly different folks will have different preferences though. We're committed to continue to improve 1Password, even if we can't please everyone. I'm glad to hear that you've found something that works for you. Thanks for sharing your thoughts. :)

  • [Deleted User]
    [Deleted User]
    Community Member

    Yeah, its how I used it for years....I would have continued with it too, if I could buy it, and not host my data on AB's (Amazon or whoever) honeypot servers.

    ....and yes, I really like it that my comments are now blocked because I am, apparently, a spammer...AB have my email address, I have been on this forum since mid 2013...but now I am a spammer... guess you don't like what I have to say any more.

    Yeah yeah, sure, its the spam filters fault.

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited April 2017

    Yeah, its how I used it for years....I would have continued with it too, if I could buy it, and not host my data on AB's (Amazon or whoever) honeypot servers.

    @toasted: I'm not sure I understand. If you've been using it for years already, presumably you already have a license which you purchased. If so, nobody's taken that away from you, so I don't quite understand where this is coming from. And the "honeypot" comment is just plain nonsense. I'm sure you know that, based on your interest in security. But for context, I'd like to offer a few simple points that summarize how 1Password secures our data:

    1. 1Password data is encrypted locally using the Master Password and Secret Key before it is transmitted.*
    2. The server receives only an encrypted blob to store in its database.
    3. The Master Password and Secret Key themselves are never transmitted.

    *Note that this is how 1Password has always worked, but you only have the benefit of the Secret Key strengthening your Master Password with 1Password.com.

    Suffice to say, even if someone gains access to our server and dumps the full database, they simply don't have what they need to decrypt it, as each individual user alone has the keys to their data. So an attacker won't have that and can't get it from AgileBits, even if they get everything else. We've designed 1Password.com with this in mind, because we don't want our customers' or our own data to be vulnerable in the case of a server breach. The internet has seen enough of that already.

    ....and yes, I really like it that my comments are now blocked because I am, apparently, a spammer...AB have my email address, I have been on this forum since mid 2013...but now I am a spammer... guess you don't like what I have to say any more. Yeah yeah, sure, its the spam filters fault.

    I'm not seeing where your comments have been blocked. It sounds like you ran into the same issue others have when posting multiple comments rapidly, and were throttled temporarily as a result. I'm sorry to be the one to tell you this, but you're not receiving special treatment. Certainly the snide remarks are uncalled for, but the conspiracy to silence you is imagined.

  • [Deleted User]
    [Deleted User]
    Community Member

    presumably you already have a license which you purchased.

    Yes, many 1Password licenses. On MacBook laptops, iMac, iPhones and iPads.

    I don't quite understand where this is coming from

    I appreciate that AB need to assess the customer take up of the subscription model and weigh that against the income from the license model. AB needs to assess the reputation damage (if any) from abandoning users who want to utilise a standalone model against the advantages of supporting a subscription model only - removing customer purchase confusion, dealing with customers that cannot set up sync, making more income etc.

    In the meantime, clearly AB needs to be evasive in responding to questions about the future of standalone licenses so as not to commit one way or the other until the assessment results are clear. (and in being evasive and condescending, try not to alienate long time users in the process...oops... might be too late for that)

    Anyway, I don't want to risk a situation where:

    • my Mac devices cannot be upgraded to the new operating system (and by such upgrade be as secure as possible)
    • nor can they be replaced with new models,

    because:

    • my version 6 copy of 1P is not supported on the new OS, and
    • upgrading 1P necessitates going to the centrally hosted subscription model.

    So I decided to start using Enpass (and a couple of other off line managers) in my own time, rather than having to rush doing the migration if/when the situation at 1P becomes clear.

    the "honeypot" comment is just plain nonsense

    Sorry, I don't think this is nonsense at all....a site with tens of thousands of sets of passwords and is a greater target than my iCloud account (assuming sync) or my off line device. Anyway thats it for me...I have wasted too much of my time on this forum and I too am 'sick of the toxic discussions'

  • I think it's great that you're looking at other password managers. I would hate for people to think that we're the only game in town. We have some really good competitors, and they keep us on our toes. We've purposefully built our 1pif format such that it exports all of your data in a structured way so that other apps could import from it easily. We struggle to import from the others due to their lack of a good export format. The last thing we want is for a user to feel like their data is trapped in our app.

    We know that we're signing up to be a target, and it's not a responsibility that we take on lightly. This is exactly why we run the BugCrowd program. We provide those researchers with as much information as possible in order for them to try to find holes in what we've done.

    Rick

  • rickcr
    rickcr
    Community Member

    I came across this forum post, while I'm re-evaluating what password manager I want to continue to use for my wife and me. Certain things weren't mentioned above and when you start googling for some comparisons they miss certain things which to me our "key," but possibly to you they are not. Keep in mind the date I'm writing this is 10/7/17 so it could change when you're reading this and correct me if I'm wrong on things.
    Enpass - UI is ok. Cheaper. Issues: No easy way to share your vault with a family member (unless you want them to use the same cloud account - dropbox/onedrive. You can sort of get around this on the computer, but more difficult on your mobile device.) No identity support for form fills? Seriously? They say it's on their radar, but this is a deal breaker for me. Yea I guess browsers now can store a lot of it and have autofill work, but it's not consistent.
    Lastpass - ugh. The UI is just still horrible in my opinion and not even intuitive. For example, I thought there was no way to enter in bank account info, but it turns out it does exist under "form fill" but it's just clunky. LastPass is a missing a ton of storage for other types of things you'll often want to store - it's really only good for site logins. Yea you could make your own form fields, but I don't want to mess around with that for things. Another goofy thing is you have to go to "edit' just in order to view secure note info. The UI still in 2017 is just so clunky esp the form fills UI, that it bothers me.

    Bottom line is 1Password is the best out there bar none. Now, is it worth the price? I think for a family, it is for sure. For a college kid with just one credit card and then a bunch of site logins, maybe not so much. For basic website login form fills some of the cheaper alternatives work ok, but I use 1Password for much more than that - it's my secure vault for important family notes. Insurance info, family ssn's etc, server logins, the list goes on.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @rickcr: Yeah the tough thing is that what's "key" to me may be irrelevant to others. For example, privacy is at the top of my list. There are a lot of things we could discuss on that rather broad topic, but you raised a good point about sharing: sharing a local vault with someone else means sharing all of its contents and the Master Password with them, otherwise they could not access it. So one of my very favourite things (in addition to automatic offsite backup and account recovery) is that I can share data with my loved ones without sharing everything, and they can still use their own Master Password to access it. :sunglasses:

    I'm glad to hear that you prefer 1Password to the competition; though a bit bummed if it's because of how much you dislike the alternatives, I take that not at all personally and, frankly, as a challenge for us to keep making 1Password better to really wow you. That's what gets us up every morning. :)

    You also make a fair point that, arguably for basic individual use, 1Password may seem a bit pricy to some. There's a lot to recommend 1Password, but it's up to us to demonstrate that value to people. Certainly we're doing a bit of straddling here to try to make it easy for anyone but also powerful enough for advanced users, and I can see that we have room to improve in both regards. And even as we make 1Password better, the competition isn't going to sit still. So it's good to get the love and constructive criticism that both inspire us to do better. Thank you, and don't be shy about sharing any other comments, suggestions, or feedback you have. We're listening. :chuffed:

  • macdabby
    macdabby
    Community Member

    To answer the OP - I switched to enpass a few months ago because I ditched Mac (won't list all those reasons) and use Linux. 1password was unfortunately not available. If it was, I'd probably switch back immediately.

    1password has an ios plugin that let's you use 1 pass in your mobile browsers. I'm on Android now but maybe they'd have the same thing.

    Also 1password has a daemon process running so you can always use your desktop browser plugin. Enpass requires you keep the app open which quits when you close the window. This is a minor annoyance, and I tried explaining a daemon process to enpass developers and they didn't seem to get it - they tried to convince me it wasn't necessary.

    One thing I do prefer in enpass is that they allow you to store data on your own cloud for sync. I know 1password has it's own cloud, and they are pushing towards this, but it's a monthly fee - why pay for this when I already soend hundreds on running my own servers for all kinds of other data? And they seemed to be phasing out wifi sync the last time I looked.

    All in all I did like 1 pass better but not having linux is a deal breaker. I hope they port it soon.

  • Ben
    Ben
    edited December 2017

    Thanks for the feedback, @macdabby. We do have a command line interface and a Chrome plugin for 1Password.com, and each of those will work on Linux. :+1:

    Ben

  • Sorki
    Sorki
    Community Member
    edited January 2018

    I've been using 1password for years now. I bought all the stand alone versions for all my devices from different vendors. The interterface and functionality is unmatched in any other password manager.

    But, I made the switch to enpass this week. Not because its a better software, but because (and solely because) of the lack of a decent cross platform sync functionality other then dropbox.

    I registered just to give this last feedback, do something with it. Maybe one day I'll be a 1password user again.
    Sad to say goodby, but after years of waiting its time to move on.

  • AGAlumB
    AGAlumB
    1Password Alumni

    This discussion really isn't about sync, but we don't currently have plans to add additional 3rd party sync options, as the vast majority of our customers are not satisfied dealing with sync configuration, and with 3rd party options that we're not designed for syncing 1Password data seamlessly, and which we cannot fix for them when they have trouble. So our focus is on 1Password.com for now, since that makes both security and convenience easy. I get where you're coming from, as a tinkerer myself, but there's something to be said for saving our time and energy as users for more important things than figuring out how to setup apps; most of us would rather just use them.

    I'm sorry to hear that you've decided that 1Password no longer meets your needs as it once did. We haven't removed options, but of course your needs may have changed over time and it sounds like you want more. Unfortunately that's not the case with most people. I'm glad you've found something else that works for you though, because we'd much rather have you use a competitor's product than something awful like a spreadsheet. Stay safe out there!

  • Manaburner
    Manaburner
    Community Member
    edited January 2018

    I totally get why people with special syncing needs or who don't want to pay a subscription want to change to something else.
    But I would be wondering, why other vendors like LastPass and Enpass (just to mention two, I'm not fingerpointing or anything) offer their product for a very low price or even free. Nobody has anything to give away. So they either make money in other ways (e.g. have a big company behind them with unknown intentions, sell your data, track you or worse) or they will soon be out of business.

    LastPass for example has been bought by LogMeIn in 2015. I don't want AgileBits to be sold to some shady company or investors but want them to remain independent. That's why I'm paying a subscription, even if I currently don't actively use 1Password.com (because 1Password.com is missing some features I need).

    Again, I'm not saying that it's a bad choice to use LastPass, Enpass et al., if you want to use that, feel free to do so. But I personally wouldn't.

  • AGAlumB
    AGAlumB
    1Password Alumni

    Indeed, it's important to us to maintain our independence so that we're not motivated or mandated to do things that can impact customer privacy or security, like ads, outside funding, etc. There's nothing inherently wrong with those things, and companies that to that are not necessarily bad. But when it comes to software that we use to protect our privacy and security, we need to be sure that our business model aligns with our customers. And getting money only from our customers is a simple way to do that.

  • Baldwin90
    Baldwin90
    Community Member

    I might as well weigh in on this one. I understand that most companies are moving to the SaaS model because it's the only way to maintain revenue once you've reached your critical market share. But right now I personally feel like I can't trust this company enough to pay them.

    I bought a bundle for a Windows license and a Mac license about 3 years ago. The reason why I picked 1Password was specifically because it allowed me to keep my vault out of a centralized cloud and because it was "pay once." The implication of the license key is that you get the updates that come along with it, but you pay a hefty sum for that privilege.

    1Password is now not only telling me I have to pay for a new version of the software, but I have to pay about as much for one OS as I paid for two. Now some may argue that nobody is forcing me to upgrade to the new software and that my key is still valid, but this isn't that same as normal software. If I bought a license for Photoshop, back when those were a thing, I could use that version of photoshop until the end of time and simply miss out on cool new features. With 1Password my password security is in jeopardy because it's not getting security updates. Now that my passwords are stuck on an outdated piece of software their security is being held hostage by a pay-wall. You don't even offer discounts for users that paid for the previous version.

    So now we're expected to pay for product keys, which are the most expensive I've seen for consumer password managers, that we know will become obsolete and risk the security of our passwords if we don't pay up in the future.

    I say all of this to contrast Enpass. They specifically state on their site that the desktop client will always be free and you just have to pay $10 to use it on iOS and another $10 for android. Just putting aside how clean or responsive the UI is comparing the two, the major issue is that a user's security should never be held hostage with a pay-wall. This is especially true for a customer that has already paid you specifically for security.

    Basically, 1Password has made me feel alienated and very distrusting of their future practices. If this doesn't change then I have no logical reason to stick with 1Password and will be forced to migrate to a company I can trust.

  • XIII
    XIII
    Community Member

    They specifically state on their site that the desktop client will always be free and you just have to pay $10 to use it on iOS and another $10 for android.

    How can they stay in business (and provide security updates) with that kind of pricing?

    (According to the release history of iOS they have been around for at least 3 years though)

  • Ben
    Ben
    edited July 2018

    I think that is a very valid question to ask especially when things are offered for "free." Where are they making their money? It seems unlikely that they are going to be able to survive on a $10 on average ($20 at the most) one-time payment from each customer, with many customers using the product entirely free. The economies of scale just don't seem to work out there (do some quick math). Quality developers and customer service folks are expensive. So I'd suspect there is some other revenue source, or they are operating at a loss. If it is some other revenue source, what is that source? If they are operating at a loss that is only sustainable for so long.

    Like everyone we need to be paid for the work that we do. 1Password is all we do. We don't sell advertising space within the app or on our website, we don't sell what little customer data we have, and we don't have a stream of venture capital that allows us to operate at a loss. As such we need to charge a rate for 1Password that enables us to continue to fairly compensate the talent that we have and offer competitive wages to continue to attract new talent. I totally understand if some folks aren't willing to pay that. Each of us has to determine what value our money has to us and what value 1Password provides. If those numbers don't match up -- I get it. But I certainly feel for me that they do, and obviously a lot of other people agree. :)

    Also -- for what it's worth -- software licenses from us have always been advertised as being for a particular version of 1Password. We've never sold licenses that included perpetual upgrades. In version updates, yes. Upgrades, no. That is fairly typical in the software industry.

    Ben

  • Baldwin90
    Baldwin90
    Community Member

    That message was all I needed to decide you don't care about customer loyalty. You're more than willing to erect a pay-wall for the security of passwords people have painstakingly added to your platform. It literally took me weeks to add all of my data from the start, and I only added to the effort with each new login. I see now that you are willing to use fear to drive them away from competitors by saying their business model is unsustainable rather than being competitive or even validating that it's clearly a better deal for locally stored passwords.

    You don't even offer upgrade packages to make it cheaper for people who already bought previous versions. You also fail to recognize that you're most loyal users are driving a lot of customers your way. I have had countless people install 1Password because I trusted it to not sell out and use cheap tactics to get users to pay for upgrades out of fear. Do you honestly think older versions are impenetrable to attacks and that older users are safe to keep their sensitive data on outdated security software?

    From now on I'll be recommending Enpass to literally everyone I can, especially 1Password customers, if for no other reason than I now have to migrate my data by hand because your export process doesn't include documents.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @Baldwin90: You can export all textual item data to 1PIF or CSV, and since Documents are just files those can be saved to disk as well.

    Anyway, this has nothing to do with fear. I think it's important to note that to date there aren't old versions of 1Password that are unsafe for people to use. The security concern ends up being that OS and browser vendors stop issuing fixes, so sticking with an outdated version of those ends up being a real risk. And that's one of the many reasons that 1Password requires ongoing effort to maintain to a degree that your old version of Photoshop doesn't: continuing to use an outdated OS and browser is unsafe, so we need to stay on top of things to ensure that our customers can stay up to date without worrying about whether or not 1Password will work. It's quite literally a full time job, for our whole team.

    For myself and many others, it's important to know that someone else can't make us change 1Password to suit their purposes; our revenue comes only from our customers. I don't disagree with your statement — "a user's security should never be held hostage with a pay-wall" — in principle (and that's why you can access your data in 1Password even without paying; we never lock you out of your own data), but ultimately it's a very clever way of saying that you want to pay once for us to work for you forever. And like Ben said, that's not really sustainable, at least not for us as an independent software company which isn't going to sell ads, sell user data, or sell out to someone else.

    In practice, security is an ongoing process. You seem to recognize that. And along with that comes the reality that if you want the software you use for your security to be continually updated, somebody needs to be paid to do that, one way or another. A lot of people choose 1Password because of our business model, since it's 1:1 — you pay for a specific thing we made. Building stuff costs money, whether that's new CPUs to work around Spectre and Meltdown, or a new version of 1Password with additional features like the new Watchtower.

    At the end of the day, we don't expect or demand "loyalty", as that would mean you and others would keep paying us and using 1Password out of obligation. We'd rather people use 1Password because they want to. If you're happier using something else we don't begrudge you that. The important thing is taking control of your security.

  • Ben
    Ben
    edited July 2018

    Just to add to what Brenty said... if we wanted to lock people in with a pay wall this wouldn't be true:

    You have secrets; we don't. Why our data format is public - AgileBits Blog

    Our OPVault and (legacy) Agile Keychain formats are open. Third party tools can and have been written to read them. We’ve answered questions that have helped enable this. As mentioned in the article we can’t really recommend entering your Master Password into anything that isn’t 1Password, but the point is that it is entirely open which is the opposite of a pay wall.

    This is an older article (pre-memberships, and before we named OPVault) but the premise is still valid. You make a reasonable point about the limited nature of the export/portability of Document items from memberships using the 1Password apps and that is definitely something we’d like to address. There is room to do better here.

    Ben

This discussion has been closed.