1Password and the Dark Side (I guess we're here)...

Hello everyone,

as previously mentioned, I was very concerned with what 1Password, a well known password manager was doing in regards of permanent licenses and non-vendor sync options, and last year they totally dropped the ball.

I made fun of their mention that they "won't forget [their] roots." of selling licenses (and also several assurances of not planning to remove standalone vaults (although the forum topics are hidden now, to no one's surprise) including using Walter Ulbricht as a reference, one of the most well known liars in German history known for saying that nobody has the intention of building a wall 2 months before.)

And well here we are, 1Password has come being both subscription only and only with vendor-based password sync.

I know I am late to the party, but that frankly does not matter and I will be writing about this as I think it's stupid and I also had written about it in the past.

while cloud sync generally is a viable option for keeping the password everywhere, the term cloud is relative. I have once read a very nice view on this. "The cloud is just someone else's computer", which is mostly true, but it might as well be your own. And this is the point I wanna make. cloud sync is not the same as a sync offered by the vendor's option. after all the vendor does both have the data in the backend as well as the application itself, which makes them a very fine hacking target, especially with a website based password manager being offered as well.

They also often mention something about trust and how hard it is to gain and how easy it is to destroy, I might add it's kinda like a house of cards, an absolute pain to build up but it's super easy blown down, and yet they go in like a typhoon and destroy it time after time.

It frankly pains me the way they chose to go, and I think I'll stay with password managers that dont even offer a vendor-based sync option so they wont get ideas, except for bitwarden which is one of the few open source password managers with great sync and team options.

Comments 1

  • I never used anything other than KeePass or browser built-in password stores. I am still a massive fan of KeePass and never saw a reason to look for a new one.
    The whole thing looks different in a company setting with multiple people accessing the same passwords. Passwords are just a suboptimal solution if employees rotate.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.