___________________________________________________________________
1password is considering a self-hosted option to store vaults
Author : NmAmDa
Score : 257 points
Date : 2021-08-08 04:08 UTC (18 hours ago)
(HTM) web link (1password.community)
| kenneth wrote:
| I've been self hosting 1Password for about a decade without any
| issues. There's always been a way around the subscription stuff.
| I honestly don't mind paying the subscription pricing, just
| didn't like the idea of storing my passwords on their service
| with everyone else's.
| Terretta wrote:
| You don't like the idea of storing opaque bits along with
| everyone else's equally opaque bits?
|
| So long as the secret key to these bits is yours, not theirs,
| what's the catch?
| nucleardog wrote:
| For a whole class of potential (if unlikely) situations, it
| shifts from me potentially being caught up in a mass hack,
| response to an overly broad warrant, etc., to needing to be
| targeted specifically.
|
| Passphrase compromised? If they're hosting, you know exactly
| where to go to access my passwords. If I'm hosting, I can
| tell you that I use 1Password and my master password and I'm
| still _relatively_ safe in that you don't even know where to
| find a copy of my password database.
|
| Encryption broken (whether algorithm or implementation)? If
| they're hosting, they've now become an _extremely_ valuable
| target as they're holding a bunch of paid-for accounts,
| credit cards, banking details, personal identity documents,
| etc. Not necessarily super-valuable in a one-off situation,
| but if you could grab a million password databases at once...
| Which wouldn't include mine, because it's off on my own
| server.
|
| Legal abuse? An overly broad warrant could vacuum up every
| database in their possession. Presumably the government can't
| open the vaults, but if they _really_ cared how sure are you?
| Would you be comfortable not changing all of your passwords
| (but can't change your identity documents...) if the NSA
| asked for a copy of your database? If my data's never in
| their possession, then I'd need to be targeted specifically
| with a warrant.
|
| For something I'm using to store all of my accounts, banking
| details (both logins as well as account and routing numbers),
| personal identity documents, MFA backups, key backups,
| software licenses, and more... my question for you would be
| more "Why would I take any additional risk when I don't have
| to?" I'd rather not be within the same blast radius as all
| the other 1Password users.
|
| Edited to add: Also, outside of the "why don't I want my data
| sitting beside everyone else's", more generally with regards
| to a hosted option is where my data goes if I have any
| payment problems, and availability of my data being within my
| control (if my server goes down, I can fix it--if they have a
| massive week long outage I just need to twiddle my thumbs
| potentially without access to... anything).
| ValentineC wrote:
| > _Passphrase compromised? If they're hosting, you know
| exactly where to go to access my passwords. If I'm hosting,
| I can tell you that I use 1Password and my master password
| and I'm still _relatively_ safe in that you don't even know
| where to find a copy of my password database._
|
| The above argument seems to turn out the same even for
| cloud-synced vaults.
|
| If Dropbox suffered a massive hack, the malicious actor
| could take all the *.agilekeychain and *.opvault files
| stored there, brute force the master passwords locally, and
| have potentially complete control over some people's
| finances and online lives.
| nucleardog wrote:
| Absolutely. We can kinda diffuse that risk out though if
| we have these files across a bunch of different services
| (some use OneDrive, some use AgileBits, some use Dropbox,
| etc).
|
| Would we be better off if instead of one company like
| Equifax having _everyone_'s information, we had a company
| per state?
|
| That all said, I actually self-host my (now KeePassXC
| because of 1Password's push to cloud) databases on my own
| hardware, so for me it's truly a solution.
| b3morales wrote:
| Defense in depth is a legitimate aspect of security. Would
| you rather keep your money in an unbreakable box on the
| sidewalk, in an unbreakable box in a stranger's shed three
| towns over, or in an unbreakable box bolted to the floor of
| your cellar with your dog sleeping by the stairs?
| karottenreibe wrote:
| Or, you know, in an unbreakable box of a business whose
| reputation depends on keeping it safe. Like a security
| deposit box in a bank? That doesn't sound unreasonable to
| me.
|
| In contrast, comparing 1password to "a stranger three towns
| over" or "the sidewalk" seems a bit unfair to me.
| post_break wrote:
| So like what bitwarden does? So far I've been happy using
| bitwarden after 1password boiled the frog with their pricing.
| danieldk wrote:
| Semi-related: this survey was announced alongside 1Password 8 for
| Windows early access. Apparently 1Password 8 for Windows uses
| Electron and there was some discussion about AgileBits wanting to
| move to the same architecture on all platforms.
|
| Does anyone know if 1Password 8 on macOS will also be an Electron
| app? Their Linux Electron app is pretty good and definitely much
| better than having no 1Password at all. However, this would be a
| sad ending for what started out as a great, efficient, native
| Mac-only application.
|
| I can understand why AgileBits would make this choice. For most
| users, Electron is probably not a big issue, if they'd notice at
| all. But as someone who loves native macOS apps, it just makes me
| sad.
| tailspin2019 wrote:
| This would be a real shame. My only complaint about 1Password
| is occasional performance blips and slowdowns. Which seem to
| have been getting worse over time (along with unreliable
| browser integration). I can't see how moving to electron on Mac
| would help that...
| gumby wrote:
| One reason I use 1Password is because it's a native app.
| Electron apps never have the affordances of the platform, so
| are frustrating to use whenever you leave the "happy path".
| Because it's so heavily used this would be a reason to leave
| it.
|
| Separately, Electron is itself a large piece of code and
| integrating it would increase the attack surface -- of a piece
| of security code! Another good reason to switch if this comes
| to pass.
| another_kel wrote:
| To be fair: the 1Password native app on Windows was horrible and
| felt 3 times slower than the 8.0 (Electron) beta.
| _moof wrote:
| Good lord, it's like they're _trying_ to ruin it.
| throwaway46294 wrote:
| I have heard that Linux was the start, Windows is the next one
| to get the Electron treatment, and Mac is next.
| dijit wrote:
| But the linux 1Password program is "electron" in name only;
| it's actually some kind of Rust program; I'm not 100% sure
| how it works but it's definitely compiled with cargo.
| soziawa wrote:
| What does Electron in name only mean? Either electron is
| included or it isn't. Whether you are using Rust through
| native bindings or through WebAssembly does not really
| matter does it?
| dijit wrote:
| 90% of the functionality is written in rust components
| and the UI is a very slim wrapper around those APIs; it
| seems.
|
| And even then it looks like the JS is WASM compiled from
| rust.
|
| It's not implemented in JavaScript/typescript is what I
| mean. As such it seems to be lean on my system.
| mpalmer wrote:
| If it is Electron, I don't think you can credibly call an
| entire Chromium instance a "very slim wrapper".
| selfup wrote:
| There's a chance it's using Tauri (rust)
| https://tauri.studio/en/ if it's truly not using Electron
| but a similar concept. However WASM builds in Electron
| would make more sense if they use the term Electron.
| aniforprez wrote:
| Link below to the behind-the-scenes article. I have no
| experience using the Linux app so I'm not sure of the
| performance, but a lot of the core seems to be written in
| Rust compiled to WASM, which is the way it's now being
| done for their browser extension. Personally, everyone
| keeps cribbing about Electron, but I hope 1Password has
| found a way to make good on performance.
|
| https://dteare.medium.com/behind-the-scenes-of-1password-
| for...
| danieldk wrote:
| No, it's definitely regular Electron:
|
| % tar ztf 1password-latest.tar.gz | grep "chrome"
| 1password-8.1.1.x64/chrome-sandbox
| 1password-8.1.1.x64/chrome_100_percent.pak
| 1password-8.1.1.x64/chrome_200_percent.pak
| [deleted]
| dijit wrote:
| Yeah, I'm aware it contains Chrome. I mentioned that much
| of the functionality has been moved out and is actually
| implemented in Rust; this is verifiable simply by running
| `1password --log trace`.
|
| EDIT: 168MiB resident memory on my system (just checked).
|
| Though it malloc'd (but never used) 32G, that's worrying.
| aikinai wrote:
| Thanks for the warning about this. I was already disappointed
| in the direction 1Password has been taking, and moving to
| Electron would certainly be the last straw. It's totally
| reasonable that they want to cheap out on the actual software
| and expand their business into more lucrative services, but
| it's not what I personally want in a password manager. So
| hopefully someone else, maybe a lone developer that doesn't need
| perpetual growth, will make a good, standalone, native Mac
| password manager.
|
| Keychain itself is getting better and more fleshed out UX, but
| it's still not flexible enough to trust for everything
| unfortunately.
| latexr wrote:
| > So hopefully someone else, maybe a lone developer that
| doesn't need perpetual growth, will make a good, standalone,
| native Mac password manager.
|
| You may wish to look into Secrets:
| https://outercorner.com/secrets-mac/
| handrous wrote:
| I find I have to kinda budget how many electron apps I keep
| around, to keep things running smoothly. And that's assuming
| they're all halfway, sorta, well-written. That goes double
| for anything I might want to leave open, or open frequently.
| It also applies to "web app" tabs in my browser (even Gmail
| eats shitloads of memory and spikes CPU usage all the time
| for mysterious reasons, let alone things like Google Docs,
| and a bunch of SaaS dashboards are as bad or worse).
|
| If an app is Electron, it gets an extra and fairly rigorous
| level of " _do_ I need it? What are the alternatives? "
| treatment, for this reason. Native, or even Qt, doesn't get
| that kind of in-advance scrutiny, since only rarely do they
| cause any problems, even if I forget about them and leave
| them on in the background for months.
| jeromegv wrote:
| Looks like you're looking for a reason, but none of that was
| announced or even hinted at as happening on macOS. They have one
| of the best Mac native apps; I doubt it's part of their plan.
| nmg wrote:
| Savvy - for me, Bitwarden's implementation of self-hosting is the
| biggest gesture of mutual trust that makes it feel so solid.
| featdd wrote:
| When I was evaluating which password manager to use I instantly
| favoured 1Password, but not having the possibility to self-host
| my data was non-negotiable for me.
|
| I will definitely stay up to date whether this really comes or
| not.
| faeyanpiraat wrote:
| What's wrong with their hosting?
|
| I'm happy that I don't have to manage a hardened up-to-date
| server just for this.
| manicdee wrote:
| If you stop paying them, you stop being able to update your
| passwords. Also if you can't connect to their servers, you
| can't synchronise your passwords between devices. Also non-US
| companies will have a concern about storing sensitive
| material on US-based services given the powers the US is
| giving itself regarding intercepting communications or
| seizing data centres.
| tpetry wrote:
| You are not storing passwords in plaintext on their
| servers. They are very open and document how it works.
| Basically you give them fully encrypted information they
| can't use for anything.
| srswtf123 wrote:
| Aren't they based in Canada, not the US?
| cosmojg wrote:
| Have you heard of Bitwarden/Vaultwarden? It facilitates exactly
| what you want.
| xoa wrote:
| FWIW, though it's hard to find nowadays AFAIK the standalone
| license is still offered and I still use mine with the latest
| version. You can use unlimited local vaults and network sync
| them via Dropbox (or a janky WiFi thing). The local sync hasn't
| gotten any TLC in a while but it works same as always without
| any limits.
| krull10 wrote:
| And this whole discussion is because they've announced that
| will be dropped with version 8. No more standalone licenses,
| local vaults or syncing via Dropbox/iCloud. Even this
| (potential) "self-hosted" option sounds ridiculous; users are
| going to have to run a version of their cloud server locally
| and use that for syncing instead of just having a vault they
| can sync locally or through the service of their choice.
| xoa wrote:
| Yeah, I just noticed that though too late to edit my post
| to note it :(. Sounds like they plan to nuke the native Mac
| application, the core original value proposition, in favor
| of some cross platform Electron thing as well. Oh well, it
| had a good run, but the business incentives are pretty
| inexorable forces I guess when they're aiming for a multi-
| billion valuation cash out.
|
| Although devil's advocate:
|
| > _users are going to have to run a version of their cloud
| server locally and use that for syncing instead of just
| having a vault they can sync locally or through the service
| of their choice._
|
| I don't see that as inherently ridiculous if it genuinely
| was a full standalone version with no internet
| dependencies. Lots of local software going back ages and
| ages in Unix splits up "server" and "client" sides of
| things and it can be a sensible architecture in some
| instances and does not by itself mean anything bad. Like, I
| don't see what your issue would be vs "sync locally", if
| it's all under your control, potentially on the same system
| even, how would that not be merely another way to sync
| locally just a different implementation? And I don't see
| the value of "a service of my choice" vs literally just
| being able to run it as my _own_ service. "Service of my
| choice" should mean who provides the VPS or colo or
| whatever, or what VPN I use to access my own local server.
| A true self-host eliminates the need for Dropbox or iCloud
| which is fine by me.
|
| Of course this being modern AgileBits I kind of expect a
| fairly large number of asterisks here that neuter it in
| practice. But then again, that they are even asking at all
| is something I wouldn't have predicted; I guessed they'd
| eventually attempt to fully force everyone into their
| subscription model and that would be the end of my 1P
| upgrades/usage. Maybe it will be anyway if the application
| starts sucking even harder moving forward, but local host
| on a normal pay model could change my mind.
| joelbondurant wrote:
| They must use the USA Fact Check algorithm to purify state
| property objects.
| LazyOne wrote:
| I've been using Bitwarden_RS, now Vaultwarden, for a long time
| and love it. It's just the backend API implementation so you
| still use the official Bitwarden clients and extensions.
| AnonC wrote:
| They made the standalone license almost impossible to find and
| get, forced a subscription on users, and made the password vault
| storage online for the subscriptions. Now this self-hosting
| survey comes as a surprise, and it would be of some relief
| if/when it's implemented.
|
| I do wonder how the licensing and pricing will be handled though.
|
| Bitwarden officially allows self-hosting for the personal use
| tiers, but it seems to have some license purchase requirements
| even for the self-hosted options (other than the free tier).
|
| Is there any password management application out there that makes
| sharing passwords or password vaults easy but is also free? I've
| looked at KeePassXC and Bitwarden. The former isn't easy to use
| for sharing and sharing permissions. The latter doesn't offer
| sharing among more than two people in the free tier.
| Cosmin_C wrote:
| Previous 1Password user here. Switched to KeePass, still
| figuring out the ins and outs, but looks quite nice in the
| options it provides.
| tqkxzugoaupvwqr wrote:
| Are you saying there is a standalone version of 1Password 7?
| Does it support vault sync via iCloud?
| bobbylarrybobby wrote:
| Yes and yes
| geerlingguy wrote:
| I use it with a vault synced via Dropbox. I'd never given
| their subscription service a second thought. Didn't realize
| it was so hard to buy that option.
| saghm wrote:
| > I've looked at KeePassXC and Bitwarden. The former isn't easy
| to use for sharing and sharing permissions.
|
| For a while, I used KeePassXC with my encrypted database file
| checked into my Dropbox storage. That allowed me to sync my
| passwords between devices but not give the cloud provider any
| way of knowing the passwords (since my KeePassXC master
| password was not stored anywhere besides in my brain).
| Unfortunately, Dropbox eventually changed their Android app so
| that synced files no longer were stored on the local
| filesystem, so adding a new password from Android or getting
| the new passwords from other devices would require manually
| uploading/downloading the file through the Dropbox app. I
| somewhat suspect this change was due to Dropbox eventually
| adding their own password management functionality to the app,
| but I didn't consider that until later, so I'm not sure how the
| timings lined up. In any case, after weighing my options I
| ended up deciding to just switch over to Bitwarden. (The
| migration was extremely easy; I was able to export the
| KeePassXC database file locally to an XML file and then import
| that into my newly-created Bitwarden account without any
| issues).
| charles_f wrote:
| KeePass2Android is a KeePassXC client that supports the likes
| of Dropbox. It seems to fit what you need.
|
| How does Bitwarden compare to Keepass?
| colordrops wrote:
| I thought Bitwarden is open source. Is it not a standard
| license? Can you not fork it and change its behavior?
| nucleardog wrote:
| Yes.
|
| The license check is relatively easy to bypass, and there are
| also forks and reimplementations out there that already do
| so.
| YPPH wrote:
| It's $10 per year.
|
| Is it really worth your time forking it to remove licence
| checks, when you could instead support the developers and not
| need to make any code changes?
|
| Forking the code and removing licencing checks is perfectly
| _permissible_ under the GPL. But it's pretty _unreasonable_
| in this case.
| colordrops wrote:
| I don't disagree with you, but I was asking about the
| following:
|
| > but it seems to have some license purchase requirements
| even for the self-hosted options
|
| which doesn't appear to be completely true, regardless of
| whether you think it's worth your time or reasonable.
| resheku wrote:
| https://github.com/nextcloud/passman is the closest one to my
| needs
|
| - self-hosted on docker
|
| - mobile app and browser extension
|
| - sharing secrets and storing files
|
| - api
| ryandrake wrote:
| I've used pwsafe[1] for years, maybe over a decade. Multiple
| platforms supported, although macOS and iOS versions are paid
| (one time payment, no subscription). Store your vault anywhere
| you want.
|
| 1: https://pwsafe.org
| [deleted]
| xerxesaa wrote:
| When looking into KeePassXC, did you specifically look into the
| KeeShare[1] feature? As long as you have some common place to
| read/write a file, you can share a subset of your credentials.
| I agree this is not as easy as a hosted solution like Bitwarden,
| but KeePass was always designed to be a non-hosted solution, so
| I think this is about as good as they can do.
|
| 1 -
| https://keepassxc.org/docs/KeePassXC_UserGuide.html#_databas...
| pscoutou wrote:
| > They made the standalone license almost impossible to find
| and get, forced a subscription on users, and made the password
| vault storage online for the subscriptions.
|
| 1Password recently raised $100 million at a $2 billion
| valuation.
|
| Looks like they're going down the Dropbox path. Shame as
| 1Password used to be one of my favorite apps.
| runlevel1 wrote:
| Hidden for now, gone in the next release.
|
| Source:
| https://1password.community/discussion/115018/support-for-
| lo...
| gizdan wrote:
| You can self-host vaultwarden (formerly bitwarden_rs), which
| gives full enterprise functionality.
| fy20 wrote:
| I do this, works perfectly for sharing common passwords among
| my family (streaming services and utilities mainly).
|
| I moved from 1Password, and my main gripe with Bitwarden is
| that the apps aren't as polished. If it's not too expensive I'd
| consider switching back (1Password family is $60 per year, so
| I assume this will be less).
| ziml77 wrote:
| That lack of polish and lack of improvement over the couple
| years I used Bitwarden are why I switched back to
| 1Password. Being open-source is not a free pass to ignore
| issues like that.
| ibdf wrote:
| I find this surprising. I've been using Bitwarden for a few
| years now... the mobile app is easy to use. They even make
| MFA painless by automatically copying the code after the
| password is entered. The browser extensions seem to work
| fine too. Perhaps the web app is not as clean, but I rarely
| use it.
| j1elo wrote:
| I'm paying for a Bitwarden subscription because I want to
| support their product and their vision. But I don't know,
| time passes and some much needed improvements don't seem to
| arrive.
|
| The most glaring issue (for me, anyway; I fully understand
| I'm just a sample size of 1!) they have is relying on the
| pop-up UI of the browser, which I guess is stateless (state
| is lost when the popup closes, it seems?). The decision of
| using this UI was already wrong from its inception, IMHO;
| not sure why they thought it would be a good idea. But more
| surprising is that they haven't yet moved to the much more
| reliable and user-friendly method of opening their UI in a
| new tab, which was a no-brainer when using LastPass. Oh
| well. They said they have this in the backlog, so hopefully
| it gets some attention sooner rather than later... but in the
| meantime the end users are faced with silly issues like
| this; software that loses user data should not be a concern
| in the first place, and for sure they won't care about some
| technical explanation about how the browser handles pop-up
| windows.
|
| (for anyone interested:
| https://community.bitwarden.com/t/persist-bitwarden-ui-
| and-m...)
| gizdan wrote:
| It gets worse. Their browser extension doesn't work when
| using a private window in Firefox. The GitHub issue[0]
| around it was raised in 2017. They've been blaming
| Mozilla for deprecating and subsequently removing an API.
| It's pretty ridiculous.
|
| [0] https://github.com/bitwarden/browser/issues/136
| bruckie wrote:
| Tavis Ormandy (of Google Project Zero) has a pretty
| convincing post arguing that relying on browser
| extensions that modify the DOM (which includes [almost?]
| all password managers) is a bad idea:
| https://lock.cmpxchg8b.com/passmgrs.html
|
| (he recommends using your browser's built-in password
| manager, which isn't as convenient but is much more
| secure)
| kemayo wrote:
| It'd be ideal if browsers offered standard hooks into
| their password-filling mechanisms. Let the password
| managers volunteer "I know a password for this site!" and
| fill it through the browser's standard UI.
|
| Basically, I want the browsers to implement something
| close to what Apple has for password management on iOS.
| Ideally go a bit further and expose hooks for
| creating/saving a new login, too.
|
| Unless they already do this, and nobody has actually
| taken them up on using it?
| beefjerkins wrote:
| Now that you mention it, that would be a fantastic idea:
| create an extension that exposes some sort of API that
| the browser can tap into to load suggested credentials
| for the current domain.
| j1elo wrote:
| That's an amazing idea! Do you know if any browser vendor
| has this concept even on the radar? It would be very cool
| if password managers were able to do just that: _manage
| passwords_ , and not have to deal with each browser's
| idiosyncrasies, which if you think about it is just a
| distraction from their actual mission of being a password
| store.
| j1elo wrote:
| I guess it makes sense, but it's a very very unhelpful
| suggestion... we're painfully and slowly moving in the
| direction of teaching users how passwords are less and
| less useful as long as they are not random, so the ideal
| alternative is having all random passwords and using a
| vault that remembers them for us.
|
| But this whole proposition totally breaks if I store my
| Amazon password in Chrome at work, and then later I
| cannot access it in Firefox at home, or the native app in
| my Android phone.
| ronnier wrote:
| I only open the webui, log in, copy paste my usernames
| and passwords. I don't trust that my passwords are safe
| otherwise.
| tcoff91 wrote:
| The clipboard is not exactly a secure channel. Browsers
| need to catch up to mobile and provide dedicated APIs for
| password managers to hook into so they don't have to
| interact with the DOM.
| ziml77 wrote:
| I don't trust the safety of passwords going through my
| clipboard and me having to manually verify the URL.
| addicted wrote:
| I use Bitwarden in the Firefox sidebar. That provides a
| persistent state experience.
| j1elo wrote:
| Good idea! I'm however limited here by the fact that
| (Firefox at least) only one sidebar can be open at the
| same time. And for me that's occupied full-time by the
| fantastic Tree Style Tab extension. I would definitely
| find it useful if more sidebars could be open at the same
| time.
| gizdan wrote:
| Which also doesn't work when using a private window.
| afavour wrote:
| I had the exact same experience. I don't _want_ to care
| about the app UI etc but when you use a password manager as
| often as you do it really matters. Not to mention selling
| the idea to less tech-savvy family members, it really does
| have to be as simple as can be.
| hanklazard wrote:
| I self-host Bitwarden_rs and use the client apps on
| Windows, Linux, and macOS. To me, the UI seems very
| usable, polished and attractive. It doesn't seem that
| different from 1Password, which I switched from a few
| years ago. What exactly about the UI needs improvement?
| gizdan wrote:
| Personally the UI itself is fine. The UX on the other
| hand not so much.
|
| - Firefox Extension doesn't work fully in a private
| window in Firefox.
|
| - Extension loses data when you click away from it.
|
| - Extension is hard to navigate using the keyboard - e.g.
| there is no way to copy a specific username/password/OTP
| code.
|
| There are lots more issues.
| hanklazard wrote:
| Good to know, extensions always feel like the weak link
| in password manager security (again, not a developer so
| happy to be proven wrong here) so I don't use them. I
| always just copy out of the desktop app (Ctrl + P), still
| a really fast keyboard-only workflow once you get used to
| it.
| ValentineC wrote:
| I'm a 1Password user right now, but I've tried self-
| hosting Bitwarden_rs and like it very much.
|
| The one killer feature which is preventing me from
| switching is the ability to use multiple self-hosted
| servers at once (so I can separate family vaults from
| business) [1], but "client profiles" are likely to be
| implemented some time soon [2].
|
| Now that I've learnt that local vaults are going away in
| 1Password 8 [3], I'll probably make a move to Bitwarden
| sooner rather than later.
|
| [1] https://community.bitwarden.com/t/log-in-with-
| multiple-bitwa...
|
| [2] https://community.bitwarden.com/uploads/default/origi
| nal/2X/...
|
| [3] https://news.ycombinator.com/item?id=28107225
| tw04 wrote:
| I thought there were some features missing from
| vaultwarden compared to bitwarden. I think the one that
| stuck out to me was lack of AD integration. Any chance
| you've seen a list of what is and isn't in vaultwarden?
| My search hasn't turned anything up. Maybe they're at
| feature parity now?
| afavour wrote:
| The mobile apps were the primary problem for me.
| Regrettably it was long enough ago that I can't remember
| all the details but I'm pretty sure at the time it didn't
| support TouchID for one.
| hanklazard wrote:
| I'd say give it another try sometime! The mobile app
| (I've only used the iOS version) is very usable and has
| FaceID support for those that want it. Also, Safari can
| work with the app to pull passwords quickly.
|
| I'm just really grateful this project exists. I've tried
| most of the major password managers out there and I feel
| like BW/VW is the clear winner, especially if you're
| willing to host your own server. If not, their pricing
| for an annual personal account is incredibly reasonable.
| karmanyaahm wrote:
| My less savvy family members all use Bitwarden with
| sharing and don't see any major problems. FWIW, YMMV.
| CrimsonRain wrote:
| Enpass works nicely. I can freely share vaults and keep vaults
| backed up in any way I prefer. Two downsides:
|
| 1. Mobile is paid I think
|
| 2. Not open source
| mehanik wrote:
| Agree, I have been using it for years. It has a nice, non-
| browser based client on all platforms including Linux.
| Ecstatify wrote:
| Personally I don't recommend Enpass. They switched to a
| subscription model like every other password manager. They
| don't host your data, so they have no recurring expense; I don't
| understand how they can justify the subscription model. They
| have no real innovation; they added an "Audit Feature" for an
| additional EUR26.49 per year.
| tw04 wrote:
| They appear to have a lifetime option?
|
| "Enpass lifetime premium: $79.99"
| CrimsonRain wrote:
| Sorry; I didn't know. I got the "pro" version long ago for
| iOS and they have basically retained that (kinda upgraded
| for free as now I can use on all devices). I think it cost
| me $10 or something. So amazing for me.
|
| Now the same deal is $80 which I think is still ok but on
| the high side.
|
| I like their hands off approach. Password autofill/save etc
| are also far better than most other password managers (esp
| bitwarden).
| Terretta wrote:
| > _Is there any password management application out there that
| makes sharing passwords or password vaults easy but is also
| free?_
|
| For members of a relatively well-paid profession earning good
| wages from creating software, I wonder if the reluctance to
| support others earning money for quality work isn't some form
| of cognitive dissonance.
|
| // Pre-emptive "edit" before this comment has replies: Folks
| post a lot of arguments for "free" software any time there's a
| comment such as mine -- but justifications largely feel like
| post-hoc rationalizations conflating freedom of information and
| ideas with freedom from paying for value, ret-con'd stories we
| tell ourselves. I call BS -- unless one is independently
| wealthy, to spend maker time on art or craft requires one to
| either earn money or enjoy patronage. Tools for work are more
| craft than art, and deserve to earn, especially as patronage or
| maker communes are in short supply. Not to mention the exercise
| of ethnocentric privilege implicit in demanding something of
| quality in exchange for nothing assured.
| 627467 wrote:
| I'm surprised by these sweeping assumptions of what the HN
| audience is.
|
| > relatively well-paid profession earning good wages from
| creating software
|
| AFAIK 1password doesn't practice location-based pricing, so
| how can you assume that "relatively well paid" people from
| different geographies of the world can all find it
| affordable?
| Tempest1981 wrote:
| Probably a general assumption that the cost of software is a
| tiny fraction of the cost of food/housing/transportation,
| regardless of occupation.
| jjav wrote:
| > I wonder if the reluctance to support others earning money
| for quality work isn't some form of cognitive dissonance.
|
| It's about freedom, not about price.
|
| I will not shape my life and habits around software that can
| be discontinued, or suddenly changed so much that it breaks
| my workflows. I will not use software with proprietary
| formats or which has dependencies on external "cloud"
| services that can go away at any moment. I don't need that
| kind of aggravation.
|
| Happy to pay any reasonable (or even slightly unreasonable)
| money for software, not an issue. Sell me each version as a
| stand-alone application that I can run forever without any
| external dependencies and I'll pay for it.
|
| Try to lock me into a subscription model and/or make the
| functionality dependent on an external server, that'll be a
| hard No. Even if free.
| dehrmann wrote:
| I have no idea what the cause is, but I'm surprised at how
| often I've seen people use an unlicensed Sublime Text copy at
| work.
| paulryanrogers wrote:
| My guess is it's overconfidence, at least in my case. Often
| I feel like "I could do that!" Now having tried a few times
| I'm more willing to pay for tools, especially non-
| subscription ones.
| ebiester wrote:
| I agree to the payment. I disagree to the subscription model.
|
| I absolutely would try to hook users on any SaaS. However, I
| go out of my way to avoid such products. If I can pay for
| them once, I much prefer it. (For something like jetbrains,
| I'm okay with a renewal fee because if I choose not to pay
| it, I can still use the older version.)
|
| I make an exception for Bitwarden because I like the idea of
| my password manager having continual security updates.
| However, it's one of the most frustrating parts of the
| webification of services - I want to pay for things once, and
| choose if I want the expanded features at any given time.
| Terretta wrote:
| > _For something like jetbrains, I'm okay with a renewal
| fee because if I choose not to pay it, I can still use the
| older version._
|
| 110% agreement.
|
| Further, the only thing I like less than subscriptions is
| IAP not of new feature sets but 'pay-to-play' where the
| mechanics of use are negatively distorted to gamify
| purchase impulse.
|
| I've argued -- here, since inception of IAP on Apple's app
| store -- that the worst thing Apple has done to consumers
| was normalize removing the ability to show only single
| purchase paid apps in the app store. A vast class of less
| fortunate consumers either resign to less utility or waste
| time on an artificial "grind", to encourage another class
| of "whale" to drive corporate revenues.
|
| I don't mind extracting cash from whales who can afford it.
| I do have a problem _inflicting artificial digital scarcity
| of utility or enjoyment on the masses to create the 'hook'
| for whales_.
|
| As for subscriptions, it's not clear to me that the
| treadmill of software/hardware upgrades is benefiting core
| use cases.
|
| I like paying for generational or disruptive change,
| "voting with my wallet" on what's of worth to me, but after
| a couple decades of purchasing generations of Adobe
| software only when the features mattered to my work, I
| moved from Adobe to e.g. Affinity and feature sets I own
| instead of rent when these recurring subscriptions don't
| appear to meaningfully benefit my productivity or output.
|
| For instance, it's remarkable to me how similar the
| principles are between today's (re-)emergence of Markdown
| for document composition and the early WordStar /
| WordPerfect / AppleWriter tools of the 80's. I also like
| the experimentation by these Makers in ability to purchase
| a 'pinned' feature set, or support ongoing refinement.
| (Editors whether text or code, like JetBrains mentioned,
| seem to have a jump on this clever -- and rare positive --
| use of IAP.) It's difficult to show what increased utility
| of word processing has come from the most recent 20 years
| of paying for word processing upgrades. Today's dev efforts
| suggest the sweet spot may be 30 years back.
|
| The flip side of this, economic models are still
| dissatisfying for affordability of basic bricks and mortar
| world rights such as housing. The least worst answer
| appears to be rent (with a dystopian jag into ad-
| supported!), and it may be the least worst for software is
| rent as well.
|
| Except when the ongoing annual software rents have risen to
| the same cost as one-time purchase (again, Adobe!),
| contrary to bricks and mortar where the over under is often
| 7 years of possession and use.
|
| Back to artificial digital scarcity -- I'm concerned that
| advertiser funded access to quality writing is losing
| ground to monthly subscriptions for content. Are less
| fortunate kids going to be able to subscribe to NY Times,
| WaPo, Atlantic, Guardian, National Review, American
| Spectator, and so on, for $5 a month each? (News
| aggregations such as Next Issue could resolve this, but
| even as Apple's "News+" this struggles.) Even more
| dissatisfying when a print publication goes down the same
| path as cable, first charging for something that was free,
| then eventually layering in the same ad content as when it
| was free.
|
| Artificial scarcity based IAP, data-broker supported (ad
| supported is fine, individual data for content is not), and
| the descent into the ironic sounding "gacha" model for
| software or content happy meals (utilities, clickers, news,
| etc.) -- something thoughtful has to shift before we're
| living in a future less Roddenberry than Idiocracy.
| stjohnswarts wrote:
| With applications however you are using your resources
| only. If you use a web app you are using their resources
| which they have to pay for continuously in perpetuity. To
| expect a one time fee for that and forever updates just
| isn't feasible. There is software out there for free that
| does what bitwarden does. KeePassX for example, so it's not
| like there aren't options.
| shephardjhon wrote:
| But in cyber security based software wouldn't you need
| constant updates against new exploits? In something like
| Fusion 360 or Matlab or office I agree, if you don't need
| new features you shouldn't pay for updates.
| shephardjhon wrote:
| There is a lot of merit to free software and open source
| software but in this or other cyber security cases, I would
| prefer a paid option that makes it clear where the devs are
| getting their money from. If it is free, then the user is the
| product.
| tornato7 wrote:
| Indeed, just see the hundreds of popular free chrome
| extensions that sold out to adware/malware providers
| because they were offered $$$
|
| https://www.bleepingcomputer.com/news/security/-particle-
| chr...
| Spooky23 wrote:
| With 1Password, the subscription is really expensive, and I'm
| afraid that the bloat the company is stuffing into the
| product is weakening the security. Frankly, they make too
| much money.
|
| I've found enough bugs in the Mac product that I assume there
| are security issues I'm not aware of.
| jamesgeck0 wrote:
| A 1Password subscription costs $36 a year. Their previous
| standalone product cost $50 per desktop OS you wanted to
| use it on and had a major version upgrade you needed to buy
| again about every two years.
|
| If you needed it on both Mac and Windows, the subscription
| was cheaper.
| tornato7 wrote:
| I have the 1password family plan which I share with four
| others, collectively we pay a whopping $1/mo each.
| jrm4 wrote:
| Nope. "Password Storage" should not be a business that exists
| in the form of "if you don't pay for good password storage,
| you're not allowed to have it." Especially if it involves
| storing your password with a third party.
|
| The technology to store passwords safely has a marginal cost
| of zero (it's software). People storing passwords in third
| party places _increases_ the threat surface, always. Finally,
| it's "ecological" in that safety/security of this sort needs
| to be evenly distributed to work its best.
|
| I'm not saying we shouldn't pay people to make things safer,
| we absolutely should. But this is a bad model for it.
| eropple wrote:
| What's your alternative?
| donmcronald wrote:
| For me it's the feature tiering and price discrimination that
| turns me off. I end up paying too much (total cost over 5
| years) for too little. If you look at the business pricing
| it's even dumber.
|
| The $2 billion valuation of 1password tells the entire story.
| They're overcharging for what they're providing and I think
| tech people can "feel" that which is why tech communities
| hate the subscription BS.
| nixgeek wrote:
| I don't really think $8/user/mo for Business is
| overcharging compared to Slack which quickly gets into $30+
| per user per month in larger shops where Enterprise Grid is
| required for its features.
|
| By your argument why can't I buy that and self-host it too,
| decide if I want to upgrade for more features myself?
|
| I also think $5/mo for 1Password for Families is incredible
| value. Zero regrets on paying for this because it
| meaningfully enhances my family's personal security posture
| through elimination of reused credentials and enabling TOTP
| (sharing of code generation) on many sites we use, that it
| is cross-platform so no excuses for everyone to not use it,
| and the UX is so simple you don't need to be "tech people"
| to succeed.
|
| How much you charge and how you charge is definitely
| divisive, but 1Password feels very much on the cheaper end
| of the spectrum, not "overcharging", heck Discord Nitro is
| $5 (Classic) or $10 and gets you very little by comparison
| IMO.
| wowwtfattheend wrote:
| > Not to mention the exercise of ethnocentric privilege
| implicit in demanding something of quality in exchange for
| nothing assured.
|
| Whoa! Knowing nothing about the OP you assume that he is the
| member of the oppressing class clamoring for the output of
| his slaves? And, since you're writing this in English, I
| think it's safe to guess you're assuming the person you're
| attacking is a white, so you're basically accusing this guy
| of being an entitled white who can't give up his slave labor
|
| I was with you on the rest of the post but charges of
| "ethnocentric privilege" are a weird, racist escalation
| hiding in academic terminology there bud
|
| Occam's Razor applies here: everybody likes free shit. This
| isn't a property unique to the evil whites
| LordDragonfang wrote:
| https://en.wikipedia.org/wiki/Ethnocentrism
|
| Specifically:
|
| >In common usage, it can also simply mean any culturally
| biased judgment.
|
| Also relating to the "Global North" (who it's very likely
| that any given poster here belongs to) and "Global South",
| which _don't_ have anything to do with skin color.
|
| Given you've created a throw-away to comment this, I
| suspect you know you're actually the one making a "weird
| escalation" and are aware that you're race-baiting in a
| non-genuine manner.
| staticassertion wrote:
| > For members of a relatively well-paid profession earning
| good wages from creating software, I wonder if the reluctance
| to support others earning money for quality work isn't some
| form of cognitive dissonance.
|
| Yep! People see open source as a goal, rather than a
| sustainable product being a goal.
| api wrote:
| > Is there any password management application out there that
| makes sharing passwords or password vaults easy but is also
| free?
|
| If there isn't something out there that is free, there are two
| options:
|
| 1. Make one.
|
| 2. Stop complaining.
| mohammedhdotio wrote:
| I've been using psono for a few months now https://psono.com/ .
| D-Nice wrote:
| Vaults, self-hosting, all these needless complications imo for
| what should be simple. Just give me a secure deterministic
| password from a website address + master pass combo.
|
| That's exactly what my project, https://app.srspass.com aims to
| do.
|
| Even though I have a super redundant NAS setup, I'd really hate
| to depend on a vault and have it all disappear due to some
| disaster. With SrsPass, I just remember one password, have a
| recovery/backup phrase written somewhere that it gives me which
| adds 128-bit of entropy to each generated password and boom,
| that's my password manager. Stateless, deterministic, and by
| using argon2id, PHC winner, on the client side it is doing what
| most password backends should be, but often aren't doing, which
| is strong memory-hard password hashing.
| kdmdndnsk wrote:
| I'm sorry, maybe I'm just dense, but how can the output of your
| generator be deterministic if you add entropy?
|
| Further, if it's deterministic, how is this different from just
| running your password through a hashing algorithm and then
| using the hash as your password? The only extra information an
| attacker has to figure out is what hashing algorithm you used
| and he can generate all of your passwords from your memorized
| one.
|
| Right? That or I don't understand what you are describing.
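The scheme D-Nice describes and kdmdndnsk asks about, as an added example that is not SrsPass's code: the written-down recovery phrase is a fixed secret salt, so the output stays deterministic for the same inputs while an attacker who learns only the master password and the algorithm still cannot reproduce it. argon2id is not in Python's standard library, so hashlib.scrypt (also memory-hard) stands in; the alphabet, KDF parameters, site normalisation and the `version` counter are assumptions of this example.

```python
"""Deterministic ("stateless") site password derivation.

master password + recovery secret (128 bits, written down once)
+ site address -> site password, with no vault file to store or sync.

Added example for illustration, not the SrsPass implementation. SrsPass
uses argon2id; hashlib.scrypt is used here as a memory-hard stand-in.
"""
import hashlib
import hmac
import secrets
import string

# 64 symbols so that (byte % 64) maps onto the alphabet without bias.
# Assumed alphabet: 52 letters + 10 digits + 2 symbols.
ALPHABET = string.ascii_letters + string.digits + "!@"
assert len(ALPHABET) == 64


def make_recovery_secret() -> bytes:
    """The '128-bit of entropy' from the thread: generated once, written
    down (here shown as hex), and fed unchanged into every derivation.
    Because it never changes, it does not break determinism."""
    return secrets.token_bytes(16)


def _expand(key: bytes, info: bytes, nbytes: int) -> bytes:
    """Counter-mode HMAC expansion so any password length can be served
    from one stretched key (HKDF-expand style, simplified)."""
    out = b""
    counter = 0
    while len(out) < nbytes:
        block = info + counter.to_bytes(4, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:nbytes]


def derive_site_password(master: str, recovery_secret: bytes, site: str,
                         length: int = 20, version: int = 1) -> str:
    """Derive the password for one site.

    version is an assumed per-site rotation counter: the only way to
    change a single site's password in a stateless scheme is to remember
    extra state such as this, which is the usual objection to the model.
    """
    # Step 1: slow, memory-hard stretch of the master password with the
    # recovery secret as salt. Without the salt the attacker cannot run
    # this step even if the master password and algorithm are known.
    # n=2**14, r=8 -> 16 MiB of memory per derivation (assumed params).
    stretched = hashlib.scrypt(master.encode("utf-8"), salt=recovery_secret,
                               n=2**14, r=8, p=1, dklen=32)
    # Step 2: cheap per-site expansion keyed with the stretched key.
    # Site names are lower-cased so "Example.com" and "example.com" agree.
    info = site.strip().lower().encode("utf-8") + b"|v" + str(version).encode()
    raw = _expand(stretched, info, length)
    # Step 3: map each byte onto the 64-symbol alphabet (unbiased).
    return "".join(ALPHABET[b % 64] for b in raw)


if __name__ == "__main__":
    # Constructed demo values; a real recovery secret comes from
    # make_recovery_secret() and is written down once.
    demo_secret = bytes.fromhex("00112233445566778899aabbccddeeff")
    pw = derive_site_password("correct horse battery", demo_secret, "example.com")
    again = derive_site_password("correct horse battery", demo_secret, "Example.com")
    print("recovery secret (write this down):", demo_secret.hex())
    print("example.com ->", pw)
    print("deterministic:", pw == again)
    # Same master, different recovery secret: unrelated password.
    other = derive_site_password("correct horse battery", bytes(16), "example.com")
    print("recoverable from master alone:", pw == other)
```

Losing the recovery secret loses every derived password at once, so the written-down copy is as critical as a vault backup would be.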
| mormegil wrote:
| I think there should be (and probably already is) an FAQ page
| explaining why a "stateless password manager" is not a great
| idea for a common user. I guess the answers to this SE question
| might be a good start:
| https://security.stackexchange.com/q/214301/2530
| MrStonedOne wrote:
| > To clarify, in 1Password 7 we had two types of vaults: vaults
| used with the 1Password.com service and what we called "local
| vaults" or "standalone vaults" which were synced however you
| decided to, typically Dropbox or iCloud.
|
| > Assuming we're talking about the same feature, then the answer
| is no, they are not implemented as the new releases do not have
| support for local/standalone vaults and 1Password 7 will be the
| last version to support them. The new apps rely on the server to
| perform a lot of the heavy lifting so we will not be adding
| support for local vaults as they existed in earlier versions. ...
|
| "We took away a feature that let people not pay us a subscription
| for no reason and are now maybe gonna think about re-adding it
| but making it more complex to setup so nobody uses it and we'll
| get more money."
|
| Can anybody tell me why HIBP still supports them?
| Nullabillity wrote:
| Same reason that they presumably supported them in the first
| place: money?
| giorgioz wrote:
| Is the 1Password Support Community website built with something
| public like a SaaS or open source project?
| https://1password.community/
| moepstar wrote:
| That one seems to be built with Vanilla Forums:
| https://vanillaforums.com/en/
| [deleted]
| frugalmail wrote:
| Was so happy when I moved from 1password to Bitwarden. Far more
| reasonable pricing and a better experience IMO.
| PaulKeeble wrote:
| Bitwarden_rs and KeePassXC are what dominate in this space at the
| moment, with bitwarden_rs being the self hosted option directly
| where KeePass is local but usually combined with file
| synchronisation software like NextCloud. Both are pretty good and
| get the job done without having to put passwords into another
| company's care.
| Macha wrote:
| Heads up, bitwarden_rs rebranded to vaultwarden a few months
| back: https://github.com/dani-garcia/vaultwarden/discussions/1642
| _moof wrote:
| Too little, too late. I used 1Password for ten years, but I've
| switched to a different password manager and I'm happy with it.
| nahname wrote:
| What did you switch to?
| pacomerh wrote:
| I use KeePassXC self-hosted, very happy with it
| arthur_sav wrote:
| You used to be able to do that when they still had licenses.
| iambateman wrote:
| I understand that 1Password is a business and it's their
| prerogative to make money.
|
| In 2014 I switched to self-hosted password management with 1P and
| it changed my life. Today, my 1P vaults are a daily,
| indispensable part of computing. There are thousands of records
| and my overall security is dramatically higher.
|
| Fast forward a few years and I heard that they had introduced a
| subscription.
|
| Why?
|
| It's not their fault: everyone does it. But is this really a
| subscription service? The applications on my computer and phone
| have worked smashingly well for years. Is there enough of an
| ongoing need for development as to require a subscription? I'd
| rather pay a periodic upgrade fee as maintenance is required.
|
| At the same time, independent and decentralized password
| management makes sense. I don't want AmaGooSoft holding my
| passwords to everything.
|
| In any event, I will continue to use older versions of password
| management to save on the subscription.
| tchalla wrote:
| Also, why should you lose access to features because you
| stopped subscribing? You paid for them and now you don't want
| to support future features. Why should you lose access to past
| ones?
| aborsy wrote:
| KeePassXC on Dropbox works well for individuals.
|
| Do Bitwarden or 1password add to this?
|
| They seem to be for enterprise.
| helloworld11 wrote:
| Frankly, given all the major data leaks of recent years and
| months, and not to mention ransomware incidents against even
| large, supposedly well-secured organizations, I fail to see how
| anyone with a modicum of security awareness could recommend or
| use a centralized password manager platform of any kind for their
| own security. People mention "convenience" but I'd say fuck that.
| Convenience is also how many seem to justify the total sell-off
| of their digital and financial privacy.
| soziawa wrote:
| A direct link to the announcement post and the survey /
| announcement signup:
| https://1password.community/discussion/comment/604038/#Comme...
|
| After hiding the standalone license this would put a lot of trust
| back into 1Password.
| clajiness wrote:
| Thank you for the link!
| Hackbraten wrote:
| Link to the relevant survey: https://survey.1password.com/self-host/
| cosmolev wrote:
| I am still on 1Password 6 because it is the last version with the
| self-hosted vault.
| yreg wrote:
| Same here. It's a neat app, I don't feel like I'm missing
| something.
|
| The main bummer is no Safari extension, which (together with no
| RES) is preventing me from using Safari as my main browser.
|
| Looking back at the times ~10 years ago, it was a pretty good
| investment to buy software licenses before everything went
| SaaS.
| miked85 wrote:
| 7 will be the last version to support a local vault - I am
| using it now.
| geerlingguy wrote:
| I'm on 1Password 7 and am syncing my local vault through
| Dropbox. I don't pay any subscription...
| yreg wrote:
| How did you do that? Did you port license from an older
| 1Password, or is there some way to buy 1Password 7?
| bleachedsleet wrote:
| Not the parent poster, but this can be done from inside the
| app. They hid the link, but the purchase flow is still
| available from inside 1Password.
| yreg wrote:
| Thank you, I'll check it out.
| geerlingguy wrote:
| Yeah this is what I did.
| mlindner wrote:
| Please let us know how you did this. I'm stuck on 6 because I
| didn't want to pay a subscription.
| DavideNL wrote:
| I wonder whether they are considering this because people are
| leaving 1Password for Bitwarden, which has a self-hosted
| option...
|
| Personally I would never pay for a 1Password subscription. I did
| buy all the standalone versions/upgrades, since day 1.
| jeromegv wrote:
| There might be some anecdata on hacker news but 1Password user
| base has been constantly growing.
| notafraudster wrote:
| I used 1password for about ten years. Every interaction I had
| with the developers was pretty hostile. Even if they encouraged
| self-hosting and version-based upgrading instead of a SaaS, I'd
| still stick with a competitor. At this point I'm irrationally
| bothered by the fact that it's a 100+ staff company just to make
| a product that's no better than it was when they had 10 staff and
| is now more expensive.
| devy wrote:
| What are the good competitors you recommend? Dashlane?
| arepublicadoceu wrote:
| > I used 1password for about ten years. Every interaction I had
| with the developers was pretty hostile. Even if they encouraged
| self-hosting and version-based upgrading instead of a SaaS, I'd
| still stick with a competitor. At this point I'm irrationally
| bothered by the fact that it's a 100+ staff company just to
| make a product that's no better than it was when they had 10
| staff and is now more expensive.
|
| I have no idea why you're being downvoted for expressing your
| experience and opinions. So I will just add another data point
| to corroborate your experience and (probably) be downvoted
| together.
|
| I've also been a long time user who paid for every upgrade, and
| every issue I had with them I received a hostile response or a
| completely dismissive one. Not sure which is worse.
|
| This made me jump ship last year and now I'm a happy bitwarden
| user.
|
| No, it's not perfect as you can see in others comments around
| here but at least I don't have the constant nag that their
| values are misaligned with mine: forcing a subscription model
| down my throat at almost 4x the amount of money that bitwarden
| asks with fading support for standalone licenses and local
| vaults.
| PragmaticPulp wrote:
| > At this point I'm irrationally bothered by the fact that it's
| a 100+ staff company just to make a product that's no better
| than it was when they had 10 staff and is now more expensive.
|
| Supporting more customers and larger scale is inherently more
| expensive, but I still don't understand how the product feels
| like it peaked about 5 years ago and has been treading water
| ever since.
|
| I don't mind paying $50 or even $100 for a good password
| manager that I could rely on for several years. However, it
| feels like these moves toward subscription software are aimed
| at extracting $300 or more from me for the same time period,
| all while failing to provide a decently updated experience.
|
| I do routinely pay $150/year or more for other software
| packages like JetBrains IDEs, but those are constantly updated.
| With 1Password it feels like the move to subscription was a
| step backwards in features with a huge step up in long term
| price. No thanks.
| dawnerd wrote:
| Just to add another data point, I've been with them since
| almost day one and every interaction I've had has been very
| nice. They even got my data out of a backup when something
| weird happened when switching from a business to family plan.
| (I might be a weird edge case since my account shows as both
| family and business a custom domain).
| paulryanrogers wrote:
| If they can get your data out then do they have access to
| your keys?
| gokhan wrote:
| Most probably encrypted data out of a backup for you to use
| after unlocking.
| shitloadofbooks wrote:
| I'm absolutely loving 1Password. The Kubernetes Operator is slick
| and painless. Syncs with 1Password and stuffs the passwords in
| standard Kubernetes Secrets, meaning anyone can understand what's
| going on versus something like say Vault.
| sofixa wrote:
| > Syncs with 1Password and stuffs the passwords in standard
| Kubernetes Secrets, meaning anyone can understand what's going
| on versus something like say Vault.
|
| Vault is much more ( and better ) than just password storage,
| but isn't that hard to use either.
|
| Kubernetes Secrets aren't great or very secret, so just dumping
| stuff there from 1Password seems like... Of very limited
| utility. Having static secrets across multiple clusters and
| visible from a web UI, that's it?
| thisdrunkdane wrote:
| Is this using the m2m API they recently introduced? Where you
| host a kind of API shim in your infrastructure? To me the
| pricing of it seems pretty steep if you want to give each
| service its own key?
| celeritascelery wrote:
| I always assumed that they didn't have the keys to unlock my
| vault, so even if something was compromised it is all encrypted
| with no way for them to access it. What is the advantage of self
| hosting?
| miked85 wrote:
| The key word here is _assumed_. I am not saying they have
| access, but considering the implications if someone else could
| access all of my passwords, I would rather not take the risk.
| cdumler wrote:
| TLDR; Big reason is policing is going to get a lot more
| invasive; however, I have found the very positive reflection
| that my in-house services are far more reliable.
|
| I have the advantage that I am a programmer, so I can deal with
| a bit of reading install guides and arcane configuration. I was
| surprised to learn just how reliable things can be. Open Source
| tends to move forwards, so I don't have features taken from me.
| In recent memory, both 1Password and Fantastical have taken my
| features in the name of subscriptions. I installed ZigBee home
| automation with a Hubitat. It has never failed me. Internet and
| Wi-Fi can be down and things still work. The unreliable part is
| Google Nest (invalidates tokens every now and then) and Apple
| Siri (randomly can't do things at times). In short, I can
| automatically scan and OCR documents, have file services, movie
| and music, and more, and it all just works.
|
| /rant mode enabled
|
| It has become obvious to me that the law is quickly becoming
| snitch based. With so much information being hosted online,
| it's just too tempting a target to not use it for other
| purposes. Google and Facebook are just the leaders in where
| this is going. There is just no reason for law enforcement to
| not scan for dissonant behavior at some point, just as they
| roam the roads looking for violators. As more jobs become
| remote, the argument will be "the roads of the 21st century are
| on the Internet." Difference before is if you get pulled over
| on the road, you can log it. You know when and where it
| happened. You have evidence of the encounter. You can see what
| was used against you and who.
|
| The new system requires you to try to prove your innocence.
| You won't know when or where you were targeted. You are not
| allowed to inspect the software or see the matching hash
| information. You must open your phone to prove the file is
| innocent, at which point it is legal for the police to capture
| data. Finally, it is NOT against the law for law enforcement to
| lie to you [1]. This utterly stacks the deck against you.
|
| All of this could be avoided if at the time of the event you
| could record what happened and challenge it, because ultimately
| law enforcement is a money making scheme. Cops are the largest
| thieving group in America, so treat them like it[2]: a car
| alarm doesn't stop them, it just means most thieves will
| choose an easier target. So, private services don't stop a
| cop, but following cloud events is a lot easier than trying to
| get into my house.
|
| My sincere hope is that the cloud keeps them busy enough to
| stay far away from me.
|
| [1] https://www.youtube.com/watch?v=_IZlrf8CiM4
| [2] https://www.washingtonpost.com/news/wonk/wp/2015/11/23/cops-...
| ceocoder wrote:
| Not having to rely at all on someone else's infrastructure -
| including SSL certs. Not worrying about credit cards expiring or
| any pivots in business.
| dmitriid wrote:
| proper link to the post:
| https://1password.community/discussion/comment/602482/#Comme...
| lisper wrote:
| I've never understood why anyone who takes security seriously
| would even consider a non-self-hosted (and non-open-source)
| password manager, especially after the recent Apple shenanigans.
| If it's not open-source and self-hosted then your security is
| _entirely_ dependent on the good will of your provider. If they
| decide to screw you, they can. And it's not just the good will
| of the people running your provider _today_ that you have to bet
| on, it is the continued good will of whoever ends up running your
| provider tomorrow or after they get acquired. It seems like a bad
| bet to me in the long run.
| YPPH wrote:
| Convenience.
|
| A self-hosted password manager really shouldn't be exposed to
| the internet. If you are making it accessible over the
| internet, it's a _far_ greater security threat imo. You're
| just not going to be able to keep it up to the same security
| standards as a large production install, like what the
| Bitwarden folks have going.
|
| Needing to VPN or SSH tunnel into my home network each time I
| need a password is _far_ too inconvenient.
|
| Not to mention the spared effort in not needing to regularly
| back up your vault or worrying about keeping the service
| available.
| miked85 wrote:
| That is why the local vault option was the best in my mind,
| and then using DropBox/Resilio/etc to sync. It is very
| unfortunate that they are no longer supporting local vaults
| in the next version.
| lisper wrote:
| If it's properly encrypted you should be able to publish it
| on github and still be more secure than entrusting it to a
| third party.
| YPPH wrote:
| Publishing your vault of passwords on a public GitHub
| repository seems like a pretty bad idea, no matter how well
| you trust the client-side encryption code.
|
| I'm no expert on the subject, but I suspect these password
| managers use a sophisticated mechanism of authentication
| (for accessing the vault) _as well as_ encrypting of the
| actual contents of the vault.
|
| The effect of this means that Bob's encrypted vault cannot
| be downloaded by an attacker without the attacker first
| authenticating to the server.
| lisper wrote:
| And why do you think that authentication + encryption is
| going to be more secure than encryption alone? Either
| way, there's a secret. If you know the secret you can
| access the data and if you don't you can't. The UI/UX
| trappings of the mechanism don't change this fundamental
| dynamic.
|
| What _does_ change the dynamic is if you allow a third
| party to control the code that you run.
| YPPH wrote:
| 2FA is engaged at the authentication stage, so knowing
| the vault passphrase may not be sufficient.
|
| Further, allowing anyone to download my encrypted vault
| just feels really uncomfortable and unnecessary.
| lisper wrote:
| You can use 2FA to encrypt. OK, it would be 2FE, not 2FA,
| but it's the same idea. Just encrypt using a Diffie-Hellman
| key derived from a secret contained on a device.
| (Of course, if you're going to do this, you could just as
| well keep the vault itself on the device.)
|
| > Further, allowing anyone to download my encrypted vault
| just feels really uncomfortable and unnecessary.
|
| It is unnecessary. I said you _could_ publish your vault
| on github and still be more secure than a third-party
| provider. I didn't say you _should_ do this. Of course
| you should try to keep your vault away from prying eyes.
| But you should not rely on this for your security. You
| should only ever rely on one thing for data security, and
| that is the integrity of your secrets, which should be
| small enough to be stored in your brain or in a device
| that allows them to be used without being read (2FA /E).
| That's the _whole point_ of encryption.
| pvg wrote:
| _if it's not open-source and self-hosted then your security is
| entirely dependent on the good will of your provider._
|
| It's because neither of these conditions are really true -
| you'd have to assume that source code is only way to assess the
| security of software and that end-to-end encryption doesn't
| actually work.
| lisper wrote:
| That depends on what you mean by "end-to-end encryption
| doesn't actually work". Of course E2EE works in principle.
| The problem is: how can I know that the code I am running is
| in fact a properly implemented E2EE system if I don't trust
| the vendor and I can't audit the code?
| pvg wrote:
| If you don't trust the vendor, don't let them handle your
| passwords, obviously. But the security properties of non-open-
| source code are routinely analyzed and vulnerabilities
| found, etc. Plus the track records of the various
| solutions, a cartesian product of open/closed source,
| 'hosted' or not, etc speak for themselves.
| lisper wrote:
| > If you don't trust the vendor, don't let them handle
| your passwords, obviously.
|
| The problem is you not only have to trust your vendor
| _today_ , but you also have to trust them _tomorrow_.
| Every vendor is one acquisition or compromised senior
| executive or engineer [1] away from becoming
| untrustworthy even if they started out being perfectly
| trustworthy. Assessing present trustworthiness is hard
| enough. Assessing future trustworthiness is obviously
| impossible.
|
| [1] They don't even have to be compromised. All they have
| to do is make a bad decision. Apple, the company that
| built an entire marketing campaign on trust, is now
| installing spyware on its devices.
| discobean wrote:
| too little too late
| epmaybe wrote:
| Am I doing something wrong by having my passwords stored in
| iCloud?
| easton wrote:
| Not if you don't use Windows or a non-Safari browser on macOS.
| If you're all in on Apple it's fine.
| encryptluks2 wrote:
| There are so many good open source alternatives that already
| offer this they probably no longer have a choice. Which password
| software would you want to choose, the open source one offering
| superior privacy or the paid one that only adopts better security
| when they start losing a lot of customers.
___________________________________________________________________
(page generated 2021-08-08 23:02 UTC)