21 comments

[ 3.6 ms ] story [ 38.4 ms ] thread
The comment I directly linked to comes from one of Orion's founders. It's a good tl;dr of what's happening.

"Orion founder here. Just to confirm that 1Password team never made an effort to contact us or work on this with us. We are open to help.

As far as I can see, this feature request has simply been ignored for almost a year, while being one of the most requested features from 1Password users on this forum?

I am sure everyone would appreciate a decent explaination of what is going on."

I'm not a 1pass user, but perhaps the explanation is that its a niche browser and they don't have the bandwidth for it right now? This is the first time I've ever heard of Orion browser. Should they also be building plugins on every other non-major browser? There are several bigger than Orion
Orion browser supports the WebExtensions API, and Chrome or Firefox extensions work with it. They don't actually need to build anything, they just need to flip a switch to enable the extension to work with the Desktop client.
> they just need to flip a switch

Do they have to support it going forward ?

Can the user “just need to” use another browser?

The explanation is a PM at 1Password decided it wasn’t worth prioritizing, likely for good reason.
Cool except "most requested features from 1Password users on this forum" is not a measure of what proportion of 1password users that is, only that there is a very noisy cohort. It honestly wouldn't surprise me if the people filling the forum with these requests represented 100% of users of both Orion and 1Password.

Noisy users != most common and/or largest proportion of users.

[edit: Oh wow, I just went to the website, and it only offers a beta download. So this is a tiny browser that doesn't even have a stable release demanding that they're supported as though they're a major one with a significant number of users?]

The only successful exploits of password managers has been through browser plug-ins... why is there so much demand for them? KeePassXC supports auto-type (will enter your username and password) with one keystroke; BitWarden supports super-easy copying of your username, password, and TOTP code. So having a browser plugin would save me much time and cuts by 100% the time spent worrying if the browser plug-in is secure.
Convenience is the only reason. I wonder if the sweet spot is a macro on the desktop clients, that will insert the username, then the password, then submit for you.
That exists!
Which password manager out of curiosity? I assume the issue with the browser plugins is tricking the Password Manager into auto submitting passwords.
properly working browser extensions also act as a measure of phishing prevention, as they will only fill your credentials automatically on the correct domains.
Other than that it's a niche browser with a tiny marketshare and it would increase their workload to first make it work and then keep it working?
If you read through some of the comments in the thread, the "niche browser" argument doesn't really make sense given that

1) 1Password supported Arc browser, which is in closed beta, with a miniscule fraction of Orion's userbase 2) Other than an allowlist of sorts so the browser extension can communicate with the Desktop agent, there's no technical reason why the effort would outweigh the benefits (for the users)

The effort may outweigh the costs if there are higher value projects this would be prioritized against (including the on-going support burden)

For example, a project that made Chrome users 1% better off is probably worth far more to the overall 1pw user base.

(1) Where do you find usage numbers? Both are niche

(2) No, the cost of supporting a browser is the cost of supporting that browser's users. Even if the entirety of the changes required to enable it is simply adding "com.kagi.orion" or some such to a plist, there's a cost to responding to every "it doesn't work here" message. Arc looks to be VC funded so it seems plausible they could have a commercial agreement with 1password, or it's possible that they raised 17 million to make a chrome wrapper and so have exactly chrome's web extension implementation which would reduce support costs to zero (though I do wish someone would give me 17million for some random project :D )

lol like tech companies are so consistient with their products nowadays
Makes sense to not spend resources and money on a browser that is used by so few.
(comment deleted)
"No reason"?

It sounds like work to create and support an extension for a browser with a statistically negligible number of users, further reduced by the number of people with 1password.

By this definition 1password has also chosen not to work on freebsd, BeOS, Serenity browser, ... for "no reason"

Why should I care? They're two for-profit companies at an impasse, I'm not going to get mad on behalf of anyone here.
The founder of Orion jumping on what a community support employee has to say to drive publicity is really frustrating. I am willing to bet that the person commenting from 1P -- who likely has limited insight into what is actually going on with the product team -- is dealing with a confluence of corporate drama now.

Before this thread, I hadn't heard of Orion as a browser. I can't find any estimates of its market share. A naive look into search trends finds that it's extremely unpopular:

https://trends.google.com/trends/explore?geo=US&q=orion%20br...

Any sane PM will take this into account. You have a finite amount of resources. Noisy customers aren't indicative of actual customer interests.