Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


1Password's gone bad - recommendations?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

1Password's gone bad - recommendations?

raindog308raindog308 Administrator, Veteran

I hadn't noticed that 1Password has moved to a subscription-only pricing. $180 for the next 5 years? GTFO. Was going to gift the app to my wife but I just burst out laughing when I saw the price and now it's time to move on.

LastPass was awful when I tried it, but it's been a while, but they've been bought. Might have to go back to pwsafe or KeePass. Anything else?

«13456

Comments

  • WSSWSS Member

    I don't mind LastPass. It keeps syncronizing between different browsers and platforms incredibly simple. KeePass requires too much care and feeding when I can have LP for $12/yr.

    Thanked by 1Hxxx
  • jarjar Patron Provider, Top Host, Veteran

    That's only for using their sync service isn't it? I use it every day with Dropbox sync, no extra cost.

    Thanked by 2yomero MacPac
  • HarambeHarambe Member, Host Rep

    Mac or Windows? I see 1Password Standalone as a $65 in-app purchase option for the Mac app. https://itunes.apple.com/us/app/1password-password-manager-and-secure-wallet/id443987910?mt=12

  • jarjar Patron Provider, Top Host, Veteran

    @Harambe said:
    Mac or Windows? I see 1Password Standalone as a $65 in-app purchase option for the Mac app. https://itunes.apple.com/us/app/1password-password-manager-and-secure-wallet/id443987910?mt=12

    iOS and android apps are still usable without this subscription too. Looks like their site is misleading really. Implies you have to subscribe but I mean, I have the latest apps and no account with them.

  • MikeAMikeA Member, Patron Provider

    LastPass is great, and it's completely free now for device syncing. Would recommend it... Their chrome app works great and I've had issues with other password manager browser apps.

    Thanked by 1kalimov622
  • HarambeHarambe Member, Host Rep

    @jarland said:

    iOS and android apps are still usable without this subscription too. Looks like their site is misleading really. Implies you have to subscribe but I mean, I have the latest apps and no account with them.

    Yeah, I think they're in a weird transition phase. I'm sure they'll only allow subscriptions at some point in the future, but right now you can still do standalone on Mac (and sync via Dropbox/iCloud) and there's a 'standalone version' download link for Windows (not sure if you can purchase a license in-app there).

  • jarjar Patron Provider, Top Host, Veteran

    @Harambe said:

    @jarland said:

    iOS and android apps are still usable without this subscription too. Looks like their site is misleading really. Implies you have to subscribe but I mean, I have the latest apps and no account with them.

    Yeah, I think they're in a weird transition phase. I'm sure they'll only allow subscriptions at some point in the future, but right now you can still do standalone on Mac (and sync via Dropbox/iCloud) and there's a 'standalone version' download link for Windows (not sure if you can purchase a license in-app there).

    Last time I downloaded it for Windows it just never even bugged me about a license. Was a bit ago though.

  • bapbap Member

    Your brain, free as long as it actives.

  • raindog308raindog308 Administrator, Veteran

    I don't see new non-subscription licenses for sale on their web site..? Forums seem to confirm they're only doing subs for new customers.

    I could still gift the app for mac but safe to assume that's going away.

  • jarjar Patron Provider, Top Host, Veteran

    I don't think I ever bought from them direct but yeah, they make it sound like they'll be updating clients later to require accounts. Either that or just hoping to catch suckers who land there before the App Store.

  • jarjar Patron Provider, Top Host, Veteran

    Never mind, does look like they're just hyping the subscription by making it look like the only path:

    https://support.1password.com/why-account/

    Good, no worries then. I mean I'd pay for it anytime, but not shaking anything up right now.

  • WSSWSS Member

    @jarland said:
    That's only for using their sync service isn't it? I use it every day with Dropbox sync, no extra cost.

    When I signed up, you needed "Premium" for it to support different operating systems. A few months later, they made it free.

  • YmpkerYmpker Member
    edited March 2017

    Im using Enpass and quite happy so far :)

  • alfredalfred Member, Host Rep

    I still use 1password right now (subscription).

    I thought about building my own just using something like S3 for storage but after reading AgileBits blog I realized there were quite a few small security-related issues that probably should be addressed, like avoiding keyloggers...

    I'm still considering though. If I build it just for myself nobody's going to attack it right?? :P

  • jarjar Patron Provider, Top Host, Veteran

    @Ympker said:
    Im using Enpass and quite happ so far :)

    Really is the next best thing for someone who enjoys 1Pass.

    Thanked by 1Ympker
  • @bap said:
    Your brain, free as long as it actives.

    That's if you use one password among many sites, if one of the sites you visit and are a member of gets hacked? Your done.

    It's as simple as Googling your username and finding what other sites you visit, the internet is a very dangerous battlefield my friend.

    Back on topic, I personally use LastPass and highly recommend it. KeePass is also one of the ones I recommend too, I know one of my friends who set it up so it works with AD Authentication and it's also external facing for when he goes onsite or someone in his company does, quite clever. That reminds me, I need to ask him how he got it to work!...

  • bohdansbohdans Member
    edited March 2017

    I use 1Pass, but also don't like the push to subscription model.
    I bought it outright, because I like the fact the data is not on their servers.
    I like the look of Enpass, but scared about using a closed source, Indian based, recent (~1yr) released app without any audit.

  • Also, you can still purchase standalone licenses here: https://agilebits.com/store

  • JamesKJamesK Member
    edited March 2017

    Have you tried Sticky Password Premium? Currently 50% discount is going on it which provide price $15 for it. You can compare it's features to other password manager at here http://www.pcmag.com/article2/0,2817,2407168,00.asp

  • johnnymattjohnnymatt Member
    edited March 2017

    Honestly i would stay with Keepass even if LastPass is 2 steps forward because i have control of my cute kdbx database all time. Ou dont have passwd sync (for me its a plus, less security problems) with Keepass out of the box and as you know its compatible:

    • Windows/Linux
    • Android/Amazon Tablets
    • Firefox/Chrome (thanks to plugins)

    You have a decent autocomplete (FF > Keefox) and if you want to update your password just connect one sec the peripheral you want to update to your last kdbx.

    Lastpass is too much bloatware (last android version, my single opinion) but my thought is only because im so addicted to keepass that everything else with more functions is ... useless.

    Thanked by 2Four20 bitseeker
  • jiggawattjiggawatt Member
    edited March 2017

    $180/5y is $3/mo - that's not unreasonable for software that

    • is expected to be secure/audited
    • requires active maintenance to support changes in the platforms/browsers
    • is developed by a full team in the 1st world

    I'm flummoxed that the gracious leader of the LET commentariat class @WSS would even contemplate, let alone suggest, LastPass: https://labs.detectify.com/2016/07/27/how-i-made-lastpass-give-me-all-your-passwords/

    Bad regex parsing is an amateur coding mistake. It's unacceptable when CloudFlare does amateur coding - but it's not a problem when it's the company storing all your passwords?

    (Edit: take a look at LastPass' bug bounty payout too. That's probably less than 1/10th of what the FSB would pay, even under heavy State budget cuts. Is it not worth paying for security?)

  • If FSB were interested in that he would already have it and without paying.

    As for the OP question: passwords are so yestercentury. I always for everything use the same password because statistic have led me to the assumption that anyone finding out my always-the-same-password for one site will, assume that I use another one for another site, first try all other imaginable passwords there, hehe.

    Moreover I do not trust lastpass and similar sites. That while I always use "1/O" as password. Having a letter, a number, and a special char in it is very secure; but - and that's where the story gets hot - my password can also be read as "one divided by zero" which is exactly what an OCR reader might give as result, if a mischievious site first takes a picture of my password in their database and then OCRs it ... and BANG division by zero exception! That'll be a lesson for them evildoers.

  • bsdguy said: If FSB were interested in that he would already have it and without paying.

    That's incredibly naive. This isn't the movies - the FSB doesn't magically make information appear to them because they are Russian villains. They are watching the West's agglomeration of data in awe and they are seeking to exploit that through very practical methods.

  • sinsin Member

    I only ever use Keepass.

  • @jiggawattz said:

    bsdguy said: If FSB were interested in that he would already have it and without paying.

    That's incredibly naive. This isn't the movies - the FSB doesn't magically make information appear to them because they are Russian villains. They are watching the West's agglomeration of data in awe and they are seeking to exploit that through very practical methods.

    a) what do you really know about FSBs capabilities?
    b) what makes you assume that the security at e.g. lastpass isn't so lousy that one needs high-class hackers?

  • jiggawattjiggawatt Member
    edited March 2017

    a) what do you really know about FSBs capabilities?

    They advertise and actively recruit skilled computer specialists and lure them with better flats, more money and a dismissal from mandatory military service. I don't know if they are getting anyone good, though I assume they have Bogachev.

    b) what makes you assume that the security at e.g. lastpass isn't so lousy that one needs high-class hackers?

    I think LastPass security is lousy, based on the exploit I provided above. Are you insinuating that the FSB isn't interested because it's not challenging enough to exploit?

  • @johnnymatt said:
    Honestly i would stay with Keepass even if LastPass is 2 steps forward because i have control of my cute kdbx database all time. Ou dont have passwd sync (for me its a plus, less security problems) with Keepass out of the box and as you know its compatible:

    KeePass for me too, hosted on my own VPS with webdav, sync's with Windows, Android and iOS. And no one else has my passwords :)

  • bsdguybsdguy Member
    edited March 2017

    Ad a) every intelligence service tries to get good people. Plus: better flats, etc. must come from old sowjet times.

    Ad b) No, I'm not trying to say (let alone insinuating) that FSB isn't interested. Look at what I wrote. I'm saying that they wouldn't pay lots of money to get at lastpass's database; it's simply neither needed nor effective.

    That said I think you have a wrong and probably usa of a impregnated image. FSB, unlike some western services, is professional and they don't work hard (or pay high) to grab just whatever they can get ahold of.
    I happen to know a little about Russia and IT and I can tell you that they are certainly not behind western services in capabilities, particularly when it comes to tao.

  • raindog308raindog308 Administrator, Veteran

    jiggawattz said: $180/5y is $3/mo - that's not unreasonable for software that

    I hear what you're saying but it's the subscription that kills it for me. I paid $65 so obviously I'm willing to pay. But the idea that I could never stop paying and if I did, my data becomes no longer available (or becomes read-only which I think is the case here) is unacceptable.

  • Awmusic12635Awmusic12635 Member, Host Rep

    raindog308 said: I hear what you're saying but it's the subscription that kills it for me. I paid $65 so obviously I'm willing to pay. But the idea that I could never stop paying and if I did, my data becomes no longer available (or becomes read-only which I think is the case here) is unacceptable.

    They still very much sell the one time fee version and have said they intend to continue to support it. The subscription was for those who don't want to have to manage sync themselves.

Sign In or Register to comment.