So, it seems 1Password is going the monthly subscription route and will offer cloud syncing:
I’m not sure how I feel about $3/month.
LastPass charged $1/month which I am fine with and am slowly moving some of my password off KeePass to Lastpass. But at $3? They will have some tough competition, in my opinion.
That all happened well over a year ago. They still allow you to buy the apps and sync with dropbox or locally, if you want.
I agree that $1/month is far more palatable than $3. I was happy paying Lastpass and am slightly concerned that the service is now free.
Guess the news was more about the move to cloud sync instead of local storage but the $3/month caught my eye more. I think Lastpass has set a precedent on cloud storage. No big deal, honestly, why are people so concerned about that?
For me it’s a weird catch 22. With my 1Password vault on iCloud, someone has to get through my 2factor authentication on iCloud, and then through the vault encryption. I can have my vault password something easy to remember since I need to enter it a lot. I trust iCloud and Dropbox fairly well. Plus, there is the general encryption on the vault.
With all my passwords on a site, I’d want my 1Password.com password to be a strong password. Something like Sjhfjhs1232!#($#alkjdsfljs. You know, the type of password I’d want to keep in 1Password. Oh wait. Plus, I’m hoping it would also use the authenticator component of the mobile apps.
Edit: that said, I don’t have a problem with a subscription service. I need to read more about how they feel the cloud is more secure than the other options.
Here’s the thing that I don’t quite get. If it is local storage, why not KeePass which is free and super popular and cross platform support? I have been using KeePass for the longest time but one thing that frustrate me is that I have to always import the local vault from iCloud into KeePass in iOS (if there are changes). So whenever I needed certain password, I will have to recall if I recently change it. And if so, where? If I changed it in the phone, I had to export it out to iCloud. If I changed on the PC or Mac, I need to import back into the phone.
That inconvenience made me move to Lastpass where all the password are sync to cloud and I get it in all devices.
I am assuming 1Password need the same import/export to and from the phone?
Habibi: KeePass has a ‘sync’ button that you can use between, say, your charging mobile phone connected to the pc and thus mapped as a ‘disk drive’ and your file stored on C:, so that it will update all entries in both ‘files’ with the most up to date for each entry.
Do you think they’ll be more vulnerable now that they’re primarily free? You can still pay if you want, right?
It is still not as convenient as Lastpass where password is available “over the air”. But good to know that there is a sync button when connected to the PC on wire.
They aren’t more vulnerable, no. The issue is that when you pay you’re the customer. When you don’t pay, you’re the product.
It’s unclear how Lastpass is monetized today. The vault shows an ad but I block it and look at the vault maybe 3-4 times per month anyway. So how are they staying afloat?
Yes, you can pay them, but there’s no particular reason to do so.
Consumers get the free version (with option for premium), but they do have enterprise licensing. Maybe that’s their play?
That worked for Dropbox, but their free product was so castrated that it wasn’t particularly usable without a great deal of effort. So lots of consumers pay for Dropbox. I can’t imagine many will pay for Lastpass once they realize what they’re paying for.
Edit: I just looked into the 1password thing. While they did start pushing customers to their hosted option over a year ago, as of yesterday they really mean it-- they are still officially supporting the local vault, but aren’t actively selling the non-subscription software any more. If you want it they tell people to email them and they’ll “work something out”. Which means that the local version really is essentially dead now, as opposed to mostly dead before.
I’ve been using 1Password’s cloud-syncing Family plan for over a year. I think we pay $5/month and can have up to 5 family members on it, unlimited vaults, and the apps are free. I’ve been extremely pleased with it since we moved to that plan. The sync works perfectly and the individual personal vaults are only accessible through the password set by each participating family member.
Yeah, and Lastpass is completely free forever. You do lose that shared family vault, though.
Lastpass is $12/year/person for Premium. Worth it to let the wife and I gain access in an emergency.
I’ve heard here many time that this service or that service is cheaper. I’ll grant you that: 1Password is not the cheapest on the block. However, for somebody deep in the Apple ecosystem (me, my family), it does its job really well. On top of that, I really like Agile Bits as a company. They really seem to care about their customers. I guess I’d rather spend a little extra money to support a small company that I admire.
Oh, certainly! Wasn’t trying to sway you to Lastpass. Just figured I’d toss the pricing out there. If you actually use 5 accounts, it’s a wash anyway :)
No doubt, I’d be using 1Password as well if I were all-in on Apple.
Well, you could just share your lastpass passwords.
There are certainly workarounds, but using LastPass at all is a big deal for my wife. Keeping track of whose account is whose on sites where we each have accounts is do-able, naming the site in the vault, but a bigger PITA then each of us maintaining an account. I also don’t mind supporting them (Logmein now I suppose) for all the utility I gain from the product.
Here’s an article about password managers. It argues against using any web-based password manager service.
https://www.tbray.org/ongoing/When/201x/2017/07/16/On-Password-Managers
I’m pretty sure this part is incorrect:
I use the 1Password Chrome plugin to fill in forms for me, and this means I type the master password into a browser.
When I’m asked for my master password, whether using the app or the Chrome plug-in, 1Pass is using Secure Desktop, not the browser. (although you may have to turn this feature on in Preferences.) This protects against software-based keyloggers.