Former Member
5 years ago
The real problem behind 1P8
The biggest problem with the 1password 8 is that AgileBits are pulling a total and complete overhaul on everything. Sure a new code base is a clean break, but they are taking this as license to change anything and everything. So 1P8 is pissing off a lot of people for a lot of unrelated reasons. For example today I found out that if you use multiple accounts, you will now need to use multiple passwords to unlock your 1P client. Personally, I couldn't care less about the Electron thing and the search changes are annoying but not game breaking. However needing to use a bunch of passwords every 30 minutes to get access to the data I need is absolutely a change that would drive me away from 1password. After all it's called ONE Password, not 15Passwords.
Why are they doing this? Because someone thought it was more secure. Who cares what the customers think. Who cares what the customers need. Who cares about the actual use cases of the paying customers. Did anyone even ask the customers? Could it be a preference? Sure, totally. And some may want that. Heck, it's something they could make a business feature flag so that admins can require it. But should it be forced on everyone without any thought to what that actually means? Fark no. That's how you piss people off and drive them off your platform.
And this is one tiny change in a vast ocean of changes known as 1Password 8. So now I'm scared. What else is going to be changed that I (and others) haven't figured out, that is totally going to screw us? I don't know. No one knows. 1Password won't even be truthful about the changes it is making (see also electron and stand alone vault drama).
The only thing that a complete overhaul of an application (and service) accomplishes, is making everyone angry at you for changing the one or two things they cared about. Because you changed it all.
PS. And there is absolutely no way you can convince everyone that "this will be better in the long run". Unless you can address why each "game breaking" change is better, to an extent that makes all the customers happy.
21 Replies
- Former Member
Listening and learning
Back when we first launched the service, making it easy for people to be members of different accounts, I was the person who most strongly advocated the use of different account passwords for each. Half a year or so of listening and learning, we learned that following that advice was a serious pain for many users. Yes, there still remain attack scenarios where using the same account password is a problem. That didn't change, but our assessment of the value of telling people to do so did change.
Many people fell into one of two categories. Those who followed the different account password advice, and found it significantly annoying to do so, and those who didn't follow the advice and worried about the danger that they thought they were putting themselves in. Given this, we felt that the small security gain of using different account passwords was not sufficient to justify the problems with that initial advice.
Quite simply, I had been wrong to push for that initial advice, and my colleagues were too nice to later say, "we told you so." (Ok, they didn't need to say it; I knew.)
Knowing what unlocks what
As I described in some other thread, we had also developed (prior to the service) a cute little hack that gave people the effect of being able to open all their vaults (this in the sense of "vault" from before there were accounts with multiple vaults). That clever little hack was the right thing at the time, but was designed in the pre-account days. It also had a number of drawbacks, one of which was a lack of transparency to the user about which password unlocked which thing. If you are unlocking an Agile Keychain vault that you share over Dropbox with a family member while unlocking your OPVault that you sync via iCloud, you might forget that the first actually had a different Master Password. You could have different Master Passwords for those different things and not even know it.
What we have in 1Password 8 resolves that long-standing problem. Those accounts that you want to unlock together, you give the same account password to. But if, say, your workplace (unwisely) insists that the account password for your work account must contain exactly two emojis and the Latin name for a species of freshwater phish, you can comply with that policy without having to mess things up for your other accounts. Most importantly, it puts you in control of what unlocks with which password and it makes transparent to you which does which. This is an improvement that we have long wanted to make, but before 1Password 8 there was no practical way to roll out such a change for all platforms at the same time.
So from my point of view, this illustrates one of the benefits of 1Password 8. We are in a position to make security improvements more consistently across the board.
- Former Member
It is amazing how 1Pwd team members still try to convince us to like v8.
Almost everything that is more than a "common bug" gets blocked.
Still my wish, my hope is that Agile realises that v8 goes in the wrong - the WRONG - direction.
I wonder how/where they get their motivation to continue. Where is this positive feedback? Or is it just the money (and pressure) they got some time ago?
Sorry, but I am back (decided to leave this EarlyAccess forum some days ago, but I could not stay away).
- Former Member
I don't know. Were users telling you they wanted 1Password to be slower, have fewer features, have a UI that doesn't match their OS, and has a ton of bugs? You tell us what the point of the release is. You've not demonstrated any major advantages, just declared that someday there will be some.
The reality is this release makes it easier and more profitable for 1Password. But don't act like this is some huge step forward for users.
- roustem
1Password Team
There are many ideas and many painful lessons we learn over the years when helping our customers and using 1Password ourselves. Just wanted to say that we are definitely taking 1Password 8 release as an opportunity to rethink how things are done and make them better.
If we didn't then what would be the point of the release?
- 1P_Ben
1Password Team
I would still argue that the situation has improved, rather than gotten worse. The thing is it is totally optional now. It wasn't before. Before you were forced to have a single password that unlocked all added accounts. Period. Now there is a choice. If your company wants to put out a blanket "no password reuse" policy, you can do that, and then folks with multiple accounts can either unlock using entirely separate passwords, or use biometrics to unlock everything together, while obeying that policy.
Ben
- Former Member
You're right, not a 1P8 vs 7 topic - it's about guidance. 1P should be consistent - no reuse. Now if an individual company wants to add nuance, that's fine. But if 1P says reuse as a workaround, and the company has a no-reuse policy, it causes friction. If 1P says no, and the company says do, then that advice trumps. Make sense?
- 1P_Ben
1Password Team
I do understand the concern about having to caveat advice, and I agree it is less than ideal to have to do so.
> And, there's another issue. In an eDiscovery situation, there's a possibility that the employee may be compelled to give up their work passphrase...but now their personal vault is exposed.
How is this any different with the 1Password 8 model than with the 1Password 7 model? I would actually argue that with 1Password 8 people now explicitly have the option of not having the same password unlock both accounts, whereas that wasn't possible if you wanted to use both accounts with 1Password 7. With v7, one and only one password unlocked all accounts, regardless of what the passwords for those accounts were. With v8, if you don't want that to happen, and you want your personal data to unlock separately from your work data, you can.
Ben
- Former Member
Sure. So I get the nuances, I really do. The problem is that most 1P users aren't professional security people, so having inconsistent messaging complicates training and enablement. If the message is 'password reuse is bad', that's a full stop. As soon as we offer options/nuances, then where does that line end?
I have two 1P accounts, with two different passphrases. One for work, one personal. Since those don't change, remembering two isn't a big deal.
Now if you wanted to implement some type of SSO-esque system, that'd be fine. Because it's One Password (pun intended) that unlocks multiple things like Okta does. But telling people to manually set multiple passwords to be the same is dangerous.
And, there's another issue. In an eDiscovery situation, there's a possibility that the employee may be compelled to give up their work passphrase...but now their personal vault is exposed.
Happy to chat more about this.
- 1P_Rob
1Password Team
Hey @dougl. I'd love to hear more about why you think this advice is a problem. @jpgoldberg and roustem commented in more detail about this in another thread, which may be helpful:
https://1password.community/discussion/comment/608291/#Comment_608291
- Former Member
"We've actually been recommending folks use the same password for each of their 1Password accounts. "
Please. No. Please. No. You can't have it both ways.