Forum Discussion
Former Member
5 years ago
The real problem behind 1P8
The biggest problem with the 1password 8 is that AgileBits are pulling a total and complete overhaul on everything. Sure a new code base is a clean break, but they are taking this as license to chang...
Former Member
5 years ago
Listening and learning
Back when we first launched the service, making it easy for people to be members of different accounts, I was the person who most strongly advocated the use of different account passwords for each. After half a year or so of listening and learning, we learned that following that advice was a serious pain for many users. Yes, there still remain attack scenarios where using the same account password is a problem. That didn't change, but our assessment of the value of telling people to do so did change.
Many people fell into one of two categories. Those who followed the different account password advice, and found it significantly annoying to do so, and those who didn't follow the advice and worried about the danger that they thought they were putting themselves in. Given this, we felt that the small security gain of using different account passwords was not sufficient to justify the problems with that initial advice.
Quite simply, I had been wrong to push for that initial advice, and my colleagues were too nice to later say, "we told you so." (Ok, they didn't need to say it; I knew.)
Knowing what unlocks what
As I described in some other thread, we had also developed (prior to the service) a cute little hack that gave people the effect of being able to open all their vaults (this in the sense of "vault" from before there were accounts with multiple vaults). That clever little hack was the right thing at the time, but was designed in the pre-account days. It also had a number of drawbacks, one of which was a lack of transparency to the user of which password unlocked which thing. If you are unlocking an Agile Keychain vault that you share over Dropbox with a family member while unlocking your OPVault that you sync via iCloud, you might forget that the first actually had a different Master Password. You could have different Master Passwords for those different things and not even know it.
What we have in 1Password 8 resolves that long-standing problem. Those accounts that you want to unlock together, you give the same account password to. But if, say, your workplace (unwisely) insists that the account password for your work account must contain exactly two emojis and the Latin name for a species of freshwater phish, you can comply with that policy without having to mess things up for your other accounts. Most importantly, it puts you in control of what unlocks with which password, and it makes it transparent to you which does which. This is an improvement that we have long wanted to make, but before 1Password 8 there was no practical way to roll out such a change for all platforms at the same time.
So from my point of view, this illustrates one of the benefits of 1Password 8. We are in a position to make security improvements more consistently across the board.