So I briefly tried 1P 8 and then noped right back to 1P 7. Here are some of my concerns, I hope they are fixed before general public release: Mini. This is how I use 1P daily. Seems that 1P Mini has been reduced to a search field. Fine, I guess. May be nice. But that I cannot change its keyboard shortcut. I mean, with 1P 7 I use a 2-key shortcut that is deeply engrained in my memory and prime at my keyboard alongside other key system shortcuts. You have to allow us to "import" that into 1P 8. Such customizations is critical on macOS. Also, does Mini require the menubar option be shown? Why is that? I don't show 1P 7 there because the keyboard shortcut is all I need on my desktop with 2 large displays. All that considered, it was in my testing nearly impossible to just bring up Mini from any app. Safari. Why require a separate app again, like was needed in the past and for Chrome? And it seems that it was not sensitive to showing logins for sites I am on like all 1P versions of the past did. Why? Will this be fixed? While the search is great for straight-up use, 1P in browser must be able to surface what it thinks will be needed most. Does it, too, need to be in the (about to be ever weirder, thanks Apple, but that is another issue not for you all) status bar? Because I also don't show it in 1P 7 given the keyboard being how I invoke 1P. Biometry. I use my Apple Watch multiple times a day to unlock 1P. In 1P 8 Mini the main 1P window always had to come up, and then me click a button, to trigger it. In 1P 7 Mini it just initiates the biometry itself. Why is this so much more user-intensive now? This, too, must be just as simple as it is today. Unlocking the main window was equally button-heavy. This is just untenably annoying. Electron. I mean, really, maybe it can be made to look more like the existing macOS app and other Mac apps. But that is way too heavy for a password manager. Please reconsider and go back to Cocoa. Maybe I'm needlessly harsh on this point. But given my others, this is a compounded concern. I use VS Code almost daily. I've grown used to it. That is Electron. But one of the main reasons I use 1P is its nativeness. Regardless the tech underneath, 1P 8 does not feel native. This is a serious disappointment. Preferences. As I alluded to above, all existing 1P 7 preferences must be present in 1P 8. I have 1P set up how it works best for me. Not just keyboard shortcuts being all custom, but nearly every preference I likely have tweaked at one time or another. These must stay customizable. All of them. I truly am sorry if this feels harsh. As 1P support staff may know, I post here often with questions and answers. I've used 1P since it used the Mac OS X keychain for storage and now use Families. I write software (web, iOS, Mac, etc.) and manage websites for organizations for a living, so have some idea of what feedback should be, but also how critical my password manager is in my line of work. It and its speed and stability are critical. 1P 8 truly saddens me and makes me wonder if my longtime support of you all was misplaced years ago until now. I am more than willing to continue this conversation here or in another venue. But I will not be trying 1P 8 again until it is finalized. This is unlike me, as I have used 1P betas in the late-summers for years. Kind of feel it is a role I as another developer should play. By general public release, I sincerely hope for all of us that my concerns, and the many concerns expressed by others here, are taken seriously. Or that you do as Apple themselves are with iOS and keep 1P 7 fully supported and getting updates even after 1P 8 ships. 1Password Version: Not Provided Extension Version: Not Provided OS Version: Not Provided

Thank you for your honest feedback. Many of the issues you mention are expected to be addressed. But some, like the number and kind of preferences will be different in version 8. 1Password 8 represents a ground-up rewrite for us, one in which we have gotten serious about sharing core functionality between all platforms (Mac, iOS, Linux, Windows, Android). Another aspect of this goal was a more unified UI design between platforms. Originally, we were writing the Mac version in Apple's new SwiftUI framework instead of Electron. I think if we had continued along that path, many of these same issues would still be present - because it's a new code base, there are a lot of parts missing, and a lot of parts without polish. Mini is a good example where we lost our way a bit with version 7, and many saw it as a downgrade from version 6. I can tell you that the team working on mini v8 (now named Quick Access) is all about user experience, user testing, optimizing navigation flows, etc... It's a rethink of what 1Password mini should be. And it will be better to use. It's just in a _ very early_ form right now.

@chadseld Do you all have any sense of openness to feedback or just a firm belief that what you created is perfect. I just imagine your leadership sending internal memos right now saying "HOLD THE LINE!!!!" This part rings significant to me: "1Password 8 represents a ground-up rewrite for us, one in which we have gotten serious about sharing core functionality between all platforms (Mac, iOS, Linux, Windows, Android)." You're basically explaining why this makes it easier for your team but not better for users. Before you respond touting feature parity across platforms, at least acknowledge that a lot (probably most) aren't using 1Password across 3+ platforms. Secondly, you ignore the single biggest consensus feedback so far which is that folks want the app to feel native to each platform they use. I hope you will read and think about this feedback.

Thanks for your response, @chadseld. I've seen in other threads how some things (like user-definable keyboard shortcuts) are coming. Hopefully they, and many of my other concerns, much of which are real usability headaches right now, are addressed by the official release. My feedback was based on just minutes of use where I saw these serious usability issues. I now have both 1P 7 and 8 installed, though rarely use 1P 8 for now, and keep it quit (well, one or the other is quit while the other is running). I want to like 1P 8, because of my longtime use of 1P, the importance of things like multiple content types and shared vaults (otherwise, if I just stored passwords just for myself, I may have looked into moving to the Apple-built alternative coming in macOS 12 anyway, if just for curiosity), and simply that my data is already in it. But we'll see what I feel like as the early access alpha continues to beta and then general official release. My feeling is that if Quick Access' keyboard shortcut can be customized (as well as work sans menu option being visible), the Apple Watch unlock be made as convenient as it is right now in 1P 7 (no extra click, need of the full window), and the Safari extension works well (I could barely get it to unlock consistently or show my data) I will probably try living on the 1P 8 preview for a few days. But still, this direction of 1P makes me about if an alternative may be needed. Hopefully it won't, honestly,

Just out of curiosity, @chadseld, why does the product management team think that users want "a more unified UI design between platforms"? Mac users use Macs because we like how Macs work and want to use software that feels like Mac software (Google the phrase "Mac-assed Mac Apps" to see what I'm talking about); presumably, Windows/Android/etc. users feel similarly about software they run on their own platforms. So what (user-oriented) goal is achieved by having a more unified UI design?

I agree with @StevenBedrick. Mac users do not want a unified UI design between platforms. We want a Mac specific UI design that feels right at home on out Macs. That's why I have been a 1Password user since 2007. All Electron does is make it easier to manage the code on your end. It does nothing to improve the experience for end users, in fact it's degrading it. Web based apps never feel native. I can't believe that a company that once took great pride in their great Mac software has made the decision to use Electron. Unfortunately there aren't really any other Mac native password managers available, but now that 1Password won't be one anymore it will lose that edge over the competition which is unfortunate. I'd much rather see you do some tweaks to 1Password 7 and keep it around for another year or two instead of forcing Electron on us.

Former Member

5 years ago

Concerns About 1P 8 for Mac from a Web and Software Developer

So I briefly tried 1P 8 and then noped right back to 1P 7. Here are some of my concerns, I hope they are fixed before general public release:

Mini. This is how I use 1P daily. Seems that 1P Mini has been reduced to a search field. Fine, I guess. May be nice. But that I cannot change its keyboard shortcut. I mean, with 1P 7 I use a 2-key shortcut that is deeply engrained in my memory and prime at my keyboard alongside other key system shortcuts. You have to allow us to "import" that into 1P 8. Such customizations is critical on macOS. Also, does Mini require the menubar option be shown? Why is that? I don't show 1P 7 there because the keyboard shortcut is all I need on my desktop with 2 large displays. All that considered, it was in my testing nearly impossible to just bring up Mini from any app.
Safari. Why require a separate app again, like was needed in the past and for Chrome? And it seems that it was not sensitive to showing logins for sites I am on like all 1P versions of the past did. Why? Will this be fixed? While the search is great for straight-up use, 1P in browser must be able to surface what it thinks will be needed most. Does it, too, need to be in the (about to be ever weirder, thanks Apple, but that is another issue not for you all) status bar? Because I also don't show it in 1P 7 given the keyboard being how I invoke 1P.
Biometry. I use my Apple Watch multiple times a day to unlock 1P. In 1P 8 Mini the main 1P window always had to come up, and then me click a button, to trigger it. In 1P 7 Mini it just initiates the biometry itself. Why is this so much more user-intensive now? This, too, must be just as simple as it is today. Unlocking the main window was equally button-heavy. This is just untenably annoying.
Electron. I mean, really, maybe it can be made to look more like the existing macOS app and other Mac apps. But that is way too heavy for a password manager. Please reconsider and go back to Cocoa. Maybe I'm needlessly harsh on this point. But given my others, this is a compounded concern. I use VS Code almost daily. I've grown used to it. That is Electron. But one of the main reasons I use 1P is its nativeness. Regardless the tech underneath, 1P 8 does not feel native. This is a serious disappointment.
Preferences. As I alluded to above, all existing 1P 7 preferences must be present in 1P 8. I have 1P set up how it works best for me. Not just keyboard shortcuts being all custom, but nearly every preference I likely have tweaked at one time or another. These must stay customizable. All of them.

I truly am sorry if this feels harsh. As 1P support staff may know, I post here often with questions and answers. I've used 1P since it used the Mac OS X keychain for storage and now use Families. I write software (web, iOS, Mac, etc.) and manage websites for organizations for a living, so have some idea of what feedback should be, but also how critical my password manager is in my line of work. It and its speed and stability are critical. 1P 8 truly saddens me and makes me wonder if my longtime support of you all was misplaced years ago until now.

I am more than willing to continue this conversation here or in another venue. But I will not be trying 1P 8 again until it is finalized. This is unlike me, as I have used 1P betas in the late-summers for years. Kind of feel it is a role I as another developer should play. By general public release, I sincerely hope for all of us that my concerns, and the many concerns expressed by others here, are taken seriously. Or that you do as Apple themselves are with iOS and keep 1P 7 fully supported and getting updates even after 1P 8 ships.

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided

betas

52 Replies

Former Member
5 years ago
My experience with Electron is not at all positive. High resource usage. Non-native behaviour (e.g. Cmd-Tab to Teams... won't find it's window). Microsoft is abandoning it and expects Teams 2.0 to use 50% of the resources. This feels like Flash 2.0. As an organization grows, I expect to see greater and more specific commitment to native platforms, not going lazy to create a one-size-fits-all client.

Anyhow, I've been with 1P since the very early days and have touted the product to many. I'll wait until 8 to pass judgement, but moving will be a no-brainer if this is a disappointment.
Former Member
5 years ago

The export function doesn't even ask the user to confirm their master password before handing over all the data!!!

That sounds like an actual great security-related feature request.

Personally I've never used, nor accidentally triggered, the option-clicking function.
snozdop
Super Contributor
5 years ago
roustem

The problem with "hold Option key to reveal passwords" is that it was too easy to do that accidentally.

Is it really? Can't say I've ever done it, and even if I had, pressing macOS modifier keys is a brief split second action in general. Anyone "shoulder-surfing" would have to have superhuman photographic recall to read and memorise a long complex password in a second or less.

Have you done any research into how often customers are actively using 1Password whilst screen-sharing or with someone looking over their shoulder? And then out of those people, how many regularly 'accidentally' press the Option key long enough for someone to accurately read and memorise the password? I can't imagine the number is very high. And what about lone users, who never screen-share or have anyone looking over their shoulder? Why can't they be trusted to enable this option and use the feature. Why should you dictate what is best for everyone, based on some dubious belief that a significant enough number of users are 'accidentally' revealing their passwords?

What about people who might accidentally leave their computer unlocked and 1Password open when going to get a coffee in their office? It only takes a couple of seconds to export a file of ALL vault data... Surely this is a much bigger risk than a brief glimpse at a single long password on-screen. The export function doesn't even ask the user to confirm their master password before handing over all the data!!!
Former Member
5 years ago
Microsoft has got nothing on 1Password. We're clearly passionate about the changes here, but this is a silly comparison, like comparing 1Password and iCloud keychain.

Truth is, Microsoft has had a cloud-synced integrated password manager since Windows 8, when you started to be able to sign into Windows with a Microsoft Account. It ONLY works with Windows itself or Edge. Windows Store apps can integrate themselves into the manager as well, but those are very few and far between. Microsoft has started surfacing this password manager more by making it visible in the Microsoft Authenticator app, but there's no Mac or web version (yet).

1Password stores more than just simple passwords. It's also a OTP generator for example. You can assign multiple websites to a single entry for site recognition, something both Microsoft and Apple can't currently do. 1Password can store passports, driver's licences, and a whole bunch of other things that, sure, you COULD stick into a OneNote notebook, but it's nowhere near secure. This isn't a primary business for these companies, I doubt they will Sherlock 1Password's supported platform list of functionality any time soon.

Look, I joined this forum to bang the Electron drum.

PS, I don't know why people keep harping on "enterprise is driving these changes". Maybe that revenue is, but oh boy does the enterprise hate change more than all of you combined. Do you still need to encounter Windows XP in your day to day job? No? Well, I have clients who do.
jaysee_au
New Contributor
5 years ago
roustem

This is going to sound snarky.... but have you considered making it a preference if you've decided it shouldn't be the default anymore? 🤷‍♂️🤔 Just removing a feature that ppl have been using for years seems a bit brutal.

I'd love to find a better way to do this.

I'm also glad to hear this:

1Password 7 is being supported. We just published a new beta build this week.

As I said, I'm not inherently against Electron development, and I like the sound of a single, solid core underneath + lightweight UI. I am concerned at how unpolished this release is though. Did the reaction to Electron catch you all off guard? (It seems reminiscent of Apple's surprise at the 2016 Touch Bar launch when everyone was like "WTF? That is not what we're asking for."). If I were going to pivot my long time Apple first, native Mac app to Electron I'd be keen to get it more native-looking first given the reputation Electron has.

Again, not saying it can't be a good solution. Just saying it doesn't feel like that yet. Glad to hear 1P7 will continue to get updates. Hopefully the Safari extension will also continue to get updates. That was the thing that broke 1P6 for me in the end, and to be completely honest I'd probably still be using it if the Safari extension was still available! What can I say, I'm not a big fan of redesigning workflows and interfaces just 'because'. 🤷‍♂️
Former Member
5 years ago
Even with a badly-written native app, one would still have proper window behavior, text/font rendering, pasteboard, integration with system-wide keyboard shortcuts, integration with system-wide accessibility features, etc. With an Electron-based app, each of those things is a bunch of extra design, engineering, and QA work, and then each also represents different spot for an app to fall into the uncanny valley of usability.
gussic
Super Contributor
5 years ago
roustem

What exactly is worrying you, gussic ? I see that fear all over the forums and Reddit and I understand some of it but I don't get the fear of web-based technologies (which we are using in 1Password 8 only to render the UI

I think the worry is that even a good Electron App (there's an oxymoron for you) never works as well as a good App built using Apple's native frameworks. Sure a good Electron App might be better than a poorly written native App, but that's about it. Even good Electron Apps are still bad at their core - they make computers run hot, and as we've seen with 1P8 they are significant resource hogs.

With all due respect, using Electron is just lazy development. You're trying to simplify you efforts, which from a business perspective I totally get, to make it a consistent front end. That's great for you and your team, but incredibly poor for the end user.

Many of the Apple's own apps are built with web technologies. There are many Mac apps but how many of them are truly great? The list is quite short and we can probably count them on one hand: OmniGroup, Panic, Fantastical.

I agree the list is short, but you guys used to be in that list. Electron is like a turd, you can polish it as much as you like but at the end of the day it still is crap - and I don't mean that in a nasty way, but its just a fact. It's not web technologies that scare people (although this trend towards it is annoying) its Electron that scares people.

Just making an app "native" will not make it great and it is also possible to build a great user experience with web technologies.

I accept the first part of your statement - the second part I'd say that's the exception rather than the rule, but I would say that the moment you put Electron as your framework of choice for the front end you've basically ruled out having a great user experience on the Mac.

A prime example of why people are worried is the extension as well. We've gone from having a lightweight extension that used barely any memory to one that uses more memory than 1Password 7 did, with all of its attendant processes/helpers. Sure you can optimise it - but can you honestly say you'll get the extension back down to 20 mb of memory usage? No you won't be able to.

What is a user to do? You're stripping away functionality, you will eventually be forcing the use of programs that are significantly more memory than their predecessors, and still charging the same subscription fee. Add to this your comments on reddit where you sarcastically tell a user to go and use iCloud Keychain ... can you really blame users for being upset about the change? It's been incredibly poorly managed by your team.

Why not come out when you were at the fork in the road and ask users what they wanted - laid out the benefits of both and asked? I bet you a lot of people would have preferred 1P8 for Mac had a delayed shipping date if it meant you could get SwiftUI working on it.
Former Member
5 years ago
I would argue that moving to Electron IS inherently bad because it naturally tends towards terrible user experience.

And stuff like this: https://twitter.com/riskybusiness/status/1299689943711662080?s=20

How a company that purports to value security would want to take on this kind of reputation is utterly beyond me.
Former Member
5 years ago
austin

Amen. Moving to Electron isn't inherently bad. Moving to Electron and then half-assing your implementation is bad. Agilebits doesn't recognize that due to money and hubris.
XIII
Super Contributor
5 years ago

The problem with "hold Option key to reveal passwords" is that it was too easy to do that accidentally

Indeed: happened to me when pair programming on my machine... :(

Forum Discussion

Concerns About 1P 8 for Mac from a Web and Software Developer

52 Replies

Featured discussions

September at 1Password: Browser versions, enhanced security, and new integrations

Recent discussions

All devices offline

Please update the Windows Tray Icon

Username Alias

Alphabetical sorting of tags

I have an idea... for too many accounts