I am a big fan of 1password. I was very unhappy with the transition to subscription only, and tried bitwarden. After months of futzing around with it, I went back to 1password.
I did so after reviewing their audit results, awhat they documented about their architecture, and after they added great support for Linux. At the end of the day, not everything is a conspiracy - and their model appears to be incredibly secure.
I would like the self-hosting option (that like Bitwarden, will still require a subscription), but a big part of what I am doing is sharing credentials with family. 1Password does a great job there.
Honestly at the end of the day, everything else is about your value proposition. I didn't know or realize that 1Password had shifted to electron as asserted elsewhere. I guessed that there was a new version given that linux was supported but it made no difference for me. Great for them. Likewise, they are far more secure then me editing a password file. Eventually the market will decide here. If people really care about swift versus javascript, then it will penalize them eventually.
That said, people arguing that dashlane and others are better then 1password, given that dashlane has access to your passwords, I can't imagine that this is a choice that makes any sense given the basic requirement of a password manager (keep my passwords safe).
Please, if you haven't already, fill out this 1Password survey. They are considering self-hosted vaults but want more data on who/how it would be used:
> That said, people arguing that lastpass is better then 1password, given that lastpass has access to your passwords
Don’t get me wrong, I hate Lastpass with an unprecedented rage for something that should be a simple utility (I’m forced to use it at work and it’s a time sink), but I don’t know where you get that and would like a source.
Are you sure that the passwords that were the object of the study came from the password manager itself? The paper that is referenced says this in the introduction:
> In this paper, we seek to fill in the gaps by gathering and analyzing a large collection of leaked password datasets across multiple years and various online services
> Virginia Tech researchers led by Dr. Wang have collected a number of publicly available password datasets from the Internet in January 2017. The datasets were obtained from various online forums and data archives.
It looks like they just used already leaked passwords.
I did so after reviewing their audit results, awhat they documented about their architecture, and after they added great support for Linux. At the end of the day, not everything is a conspiracy - and their model appears to be incredibly secure.
I would like the self-hosting option (that like Bitwarden, will still require a subscription), but a big part of what I am doing is sharing credentials with family. 1Password does a great job there.
Honestly at the end of the day, everything else is about your value proposition. I didn't know or realize that 1Password had shifted to electron as asserted elsewhere. I guessed that there was a new version given that linux was supported but it made no difference for me. Great for them. Likewise, they are far more secure then me editing a password file. Eventually the market will decide here. If people really care about swift versus javascript, then it will penalize them eventually.
That said, people arguing that dashlane and others are better then 1password, given that dashlane has access to your passwords, I can't imagine that this is a choice that makes any sense given the basic requirement of a password manager (keep my passwords safe).
-- edited correction - dashlane, not lastpass.