Existing users, log in.  New users, create a free account.  Lost password?

Mac OS X  |  Security / Privacy  |  Password Managers  |  1Password  |  A Fantastic App, But It Needs to Change Focus

1Password

1Password

Store your important information and log into Web sites automatically.

Version:  3.0.1

   [ Views: 292 ]

A Fantastic App, But It Needs to Change Focus

Feedback Type:  Commentary

Contributed by: marmaladewanker Thursday, April 24 2008 @ 08:26 AM PDT

Product Platform: MacOSX

Used Product For: Over One Year

Recommend Product: YES

This commentary will get buried.

But I'll share my thoughts for the few hours that they remain front-and center. 1Password is an outstanding app. I bought it. You should, too. But its development is headed in the wrong direction. Here's why:

My1Password
  • Ugh! This is their new thing. It's a "secure" Web site where you can store all of your passwords and data and have access to it anytime and anywhere. But guess what? Nobody trusts their personal data with some sweaty teenagers playing Quake DM on some machines in Duluth, Iowa! Do you think I want someone else to know how many pron DVDs I bought over the past six months? Or how many orders for online prescriptions I place at my local pharmacy? Nobody does. And I don't care how "secure" or "private" you claim it to be. Someone will crack it. Someone will figure things out. And I don't want my data to be there when they do. Nothing's as safe as my own data on my own machine, blocked from incoming or outgoing connections. The market for My1Password is slim.
A Cracking Contest
  • 1Password should have a "cracking contest." The purse is $5,000 and every geek from here to Gujarat, India gets a chance to try to break your encryption, your software update process. Everything. I want to know that your development is bomb-proof. I want to see if any of my data can seep out during a software update or other activity. But I'm not smart enough to crack your code myself. So, give the nerds a chance to break it. Then, announce the results of the contest (even if you have egg on your face), tell everyone you'll fix any problems and then make 1Password even better. I'll even PayPal a few bucks for the cause.
A Blackberry Flavor of 1Password or Mobile Phone Access to Your 1Password Keychain
  • Selfishly, I'd like to see a way to access my own personal 1Password encrypted keychain data (that I upload to my own Web server via FTP, thankuverymuch) from my Blackberry. From Opera would be great. But an integrated app that just works on the Blackberry as well as it does under OS X? A dream come true, baby! But there's a snowball's chance that that will happen anytime soon.
Summary, boys? Dump the My1Password pipe-dream. Start a "cracking contest" and show the world you're not afraid to let geeks hammer your software to find its weaknesses. Then, make your encryption stronger and better and meaner and faster. Continue to do this, to show us consumers you care about our data. Resume/Start development of a Blackberry-compatible version of 1Password so that the other 50% of the market can use it during their daily lives. And guess what? You may have yourself a whole slew of new customers.

I love 1Password. Turn the ship around. Thanks for reading.   

4 of 9 users found this helpful.

Rate this Commentary

Was this Commentary helpful? Yes | No

Comments

4 comments |

A Fantastic App, But It Needs to Change Focus - robbyx--2008

I agree 1000%. I'll NEVER use the My1Password. No thanks!!!

Reply to This

Thursday, April 24 2008 @ 09:58 AM PDT


A Fantastic App, But It Needs to Change Focus - dteare

Thanks for the feedback!

Just for completeness, the my1Password service is completely optional, just like .Mac is. We wrote my1Password as an alternative to .Mac based on user feedback. Many users also wanted access to their data while on a PC.

Thanks again for your feedback and helping us set the priorities of the next release!

P.S: Version 2.6, our newest release, took over a month of development time and had no my1Password improvements, much to the chagrin of many users who want us to push it harder.

--Dave Teare
Co-author of 1Password

Reply to This

Sunday, April 27 2008 @ 06:05 PM PDT


Re: Contest Idea - Agile Web Solutions

I love your contest idea and if you have any experience (or passion) in organizing an event like this then please contact us via e-mail and we will work together. We can certainly work as a sponsor and provide all the prizes.

Unfortunately, I suspect that the contest prize is not a biggest expense there. The task of setting up and promoting the contest website, defining the contest rules, preparing the legal papers and selecting the judges is the major obstacle for a medium development- and customer-support focused company like ours. Also take into account that most of the encryption and data protection is based on existing Mac OS X technologies provided by Apple. The keychain services code (CSDA) used by 1Password is open source.

Last note, if you remember, the famous CanSecWest hacking contest where the MacBook Air was hacked via Safari exploit was not organized by Apple even though it will be much easier for a big company. In fact, Apple is not even on the list of sponsors.

Reply to This

Sunday, April 27 2008 @ 07:03 PM PDT


Re: Blackberry Support - Agile Web Solutions

One more note, about Blackberry. I can't tell you the exact date because I usually get it wrong but we hope to get Blackberry application completed in the next couple of months.

Reply to This

Sunday, April 27 2008 @ 07:08 PM PDT