https://blog.1password.com/privacy-preserving-app-telemetry/
Will you consider switching to alternative password managers like Bitwarden due to the introduction of the new telemetry system in 1Password?
It allows you to move objects using your mind.
That's telekinesis
Is there much difference?
Will you consider switching
I use mSecure so doesn’t impact me.
Most products have telemetry to help with product decisions. However, with a password manager it feels like a bit of a breach of trust having an outbound request with each use.
It's a shame as I think 1password is one of the better password managers.
They would need to spell out exactly what was collected and how the data is handled for me to consider it. Regardless, I would opt-out if possible and if there is no opt-out I wouldn't use the product.
Customer accounts are not included for now. Once we’re confident it delivers on our privacy standards, we’ll announce a timeline for rolling telemetry out to customer accounts. At that point, we’ll also provide guidance on how you can opt out if you’d like to.
You can opt out of it.
If you're just headline skimming you might think the company has turned from good, privacy-respecting to suddenly evil but taking the time to read the entire article instead of the 3 dot points that OP has provided, you'll see that there's a legitimate reason for doing so and it's actually entirely optional.
Bitwarden is still better though, and I say that even though I've paid for 1Password before.
an outbound request with each use
I don't see that specified anywhere, it doesn't appear very likely IMO (very inefficient to start).
At this stage, they're just dogfooding this with their own staff. The post says:
We’ll be sharing a deep dive into how our new system works at a later date.
I imagine those interested will be able to learn a lot more before it potentially applies to us, and we can opt out if we believe it necessary.
True, there would likely be some batching of events. It's an electron based app, AFAIK, basically a webapp in it's own browser.
Just jumped. I'm not paying 1password a premium for them to collect data, I don't care how they dress it up.
I've returned to BitWarden.
I've returned to BitWarden.
Returned as in you left BitWarden? If so, out of curiosity what drove you to switch away from BitWarden?
I got given a 1p gift card.
£0.01 seems a bit stingy, even for an OzBargainer!
Where is the I do not use password manager option?
Mister Sunak has plenty of mates in Delhi…..
Wut
thanks for negging
On every US dollar note it says: In God we trust.
Yeah fine blessed are the believers…..
What?
I can understand AgileBits dilemma - if the only way they know how we use their product is when someone bothers to complain - if the only time they know about a software crash is when someone leaves a nasty review - it's going really handcuff their developers in making a better product. Simple things like how many people use the browser add-ins to add new sites (and which browsers?) versus using the full client - and on what OS - is going to significantly help them prioritise fixes/improvements.
Understandably they say that they won't be tying this to any account or data from that account, the proof of how serious they are in this privacy focus is only going to be properly evaluated when we see more detail. In some ways, they should have left this announcement until they had that detail available, but then I guess people would accuse them of being secretive, with some dastardly plan.
To answer OP, sure - if they turn all evil with this then I will reconsider my subscription - but in the meantime, I'm leaving my pitchforks in storage.
Summary: Users are requesting standalone non-subscription licenses, avoiding Electron to prevent Chrome bugs, and demanding control over their vaults without relying solely on cloud storage. In contrast, 1Password seems to be oblivious to these user demands, suggesting the use of telemetry as a solution to understanding user needs.
Even ChatGPT can figure this out
Sorry, I was referring to them improving the product they have.
I wasn't concerned about improving the imaginary product that some (yes, I know, quite a few of their former customers) wish they had.
What are you talking about they had:
but got rid of it.
I don't have a need for a password manager coz I use the ShortKeys app to replace complex passwords with simple, predetermined, 3 character codes, which makes it very easy to do your own management.
For example, instead of having to remember & type in a complex password such as 470325hH* ,
I simply type in a predetermined code such as "1pp" and voila, the password is automatically typed in.
I can assign different 3 character codes for different passwords
… e.g. "1pp", "1pq", "1pr" etc
No mucking around with password managers.
ShortKeys is also useful for any other text strings such as usernames, so that instead of having to type in a username like "George", I simply type in a predetermined code such as, for example "1ge"
I just couldn't do without Shortkeys now, coz I also use it for many other, often quite long, text strings as well, so it's one of my essential apps.
Is there a small risk that you could accidentally expand a password where you didn't want to, eg in a document, email, etc?
The app serves a different purpose and isn't really useful for passwords.
It doesn't appear to support:
Your system also doesn't scale well, IMO. When you have a large number of accounts, it would require memory of unique codes for each set of credentials if you don't want to leave yourself vulnerable to credential stuffing.
"The app serves a different purpose and isn't really useful for passwords."
Serves me fine. Also has multiple uses. I could not survive without it.
"Sync between computers"
HUH? Why would you need to log onto more than one computer at a time?
"stronger encryption"
HUH? You can make the password as complex as you like. What are you driving at?
"Serves me fine. Also has multiple uses. I could not survive without it.
Glad it serves your purpose. There's no way that i'd recommend that over a password manager.
HUH? Why would you need to log onto more than one computer at a time?
Computer. phone, tablet. You'll find that most people use more than one device.
"stronger encryption"
One benefit to password managers is that the information is strongly encrypted. This isn't to do with the passwords themselves - more the way they are stored.
Are your macro files encrypted?
My instant, knee-jerk reaction was to hit "Yes I'd leave 1P" on the poll.
Having read the full post, my answer for now is No.
The reality is they can make stealthy, privacy-breaking changes at any time.
But by making this announcement, they instead chose to do a full writeup of what they're doing, why they're doing it, what their next steps are, and how it affects us now and possibly in future. And a way out.
Could they still do sneaky underhanded privacy-breaking things with all of that? (And their post is really just a bit of virtue-signalling?)
Oh yes.
But I've been with them over many years, since the MacHeist days in fact, and while I actually agree with all your (imho valid) points re Electron, off-cloud vaults, non-subscription option, etc., they've not (yet) violated trust when it comes to two things that really matter to me: security and privacy.
Having said that, Bitwarden etc may offer 90% of what I need for a fraction of the cost. I've just not seriously considered how to transfer 2,000-something items across. That and so many things work well for our family.
Can you explain why this might be concerning? Sorry for the noob question.