Tell HN: 1Password 8.10.8 update corrupted data

60 points by clumsysmurf ↗ HN
Saw there was an update for 1Password on Mac, and accepted the update. After it restarted, and I logged in, a banner said:

"Some changes could not be synced with your other devices. View Offline Items"

Clicking on View Offline Items crashed the app a few times, but eventually after some tries now shows Offline Items.

I have no other devices and there are now a number of (old) items in the Offline Items section. That section did not exist (for me) before.

These are logins created months ago, so I wonder if they were never synced, or what is broken now. In any case, it seems its gotten itself into a bad state and cannot sync properly any more.

32 comments

[ 3.1 ms ] story [ 86.4 ms ] thread
1) Thanks for the heads up 2) Is this the beta channel? or official builds? 3) You've already notified 1Password of this possible bug/risk?
This is the official channel. I just posted it here ASAP so others may decide to hold off a little.
Hey there! Blake from 1Password here; hope you don't mind if I chime-in.

The reason you didn't see the offline items section before today, is because this was just added in latest version of 1Password for Mac (8.10.8) that coincidentally also released today: https://releases.1password.com/mac/8.10/#1password-for-mac-8...

It's common to see items temporarily go into that offline items list (sometimes only for a second) prior to it being synced to your 1Password Account, but as soon as that sync is complete, it should disappear from that list.

Are you only noticing older items in that offline items list, or are newly created items also showing up there? Likewise, if you search for the items you're seeing in that offline list in your 1Password Account, do you happen to see an entry that matches and contains the same information?

Hi Blake,

Thanks. The items that appeared here were created in 2022 (when I set up these work accounts in my "Work" vault).

When I have 'Offline Items' selected, pressing the Cloud button with slash results in brief animation, like its syncing, and then the original error shows. The items stay as-is, there is no change.

Good news is, I have gone through them manually and don't think I have lost any data (they seem identical, but duplicated, in the Work vault).

Have you logged in at [not including link for security, go figure it out] 1Password? They have a full online experience, it’s basically the app.

See what’s there first. Might assuage your fears.

You’ll need your ‘Secret Key’ which you can find in the account settings in the app. The menu item is something like ‘set up another device’, I’m not on my Mac just now.

Good luck. Scary. I backed our vaults up a while ago and put them on an encrypted USB drive. Need to refresh them.

Hmm it’s probably worth the two minutes a month it’ll take to log in online and check that your latest items are there. I’ll set up a recurring reminder.

Can I just say how disappointing it has been watching 1Password progressively get worse as the years go by? I have been a customer for over a decade and have contemplated moving on.

They used to be the app I would point to for awesome design principals for iOS and Mac. The V8 release has made the UI more cumbersome and it feels like a half baked release.

The one bright spot is they have improved their windows version quite a bit and I admit the team based manager is useful, if expensive.

I still use version 7 for this reason. V8 had some improvements but was overall a regression, and their response to feedback wasn't inspiring.

Sad thing is, I still haven't found anything better. As far as 1Password has fallen, it's still better than the competition I've tried (including Bitwarden) by a country mile.

(comment deleted)
I'm also "stuck" on version 7. Fortunately, so far I haven't found any reason to upgrade.
SSH key server.

Seriously. I like getting authorization for the SSH keys that I have permitted. I haven’t yet modified the agent config which can from the Agent perspective prevent the presentation of unrelated SSH keys for given servers.

https://github.com/maxgoedjen/secretive

> Secretive is an app for storing and managing SSH keys in the Secure Enclave

1Password SSH support works on multiple platforms and allows you to import your own SSH keys. Secretive does not. (I have used Secretive and have an unsatisfactorily rejected issue about the way it hijacks all possible uses of the SSH agent. It’s disappointing, but I also understand it.)

I still hate the 1Password 8 UI and reject all of Dave Teare’s apologia for the UI garbage (if they either added multi-window or multi-tab support, then ~80% of my complaints would go away; if they eliminated the stupid Electron defaults for ⌘0 [mainly], ⌘-, and ⌘+ because resizing on the fly is something I never want to do with a password manager another ~10% of my complaints would go away; the rest won’t go away until they remember that Electron pseudo-modals are complete garbage and they need to DIAF).

I mostly interact with 1Password via the CLI and the browser extensions, since most of my passwords are already where they should be as I’ve been using 1Password since ~2006 (when it was 1Passwd and they were writing on the Switcher’s Blog).

You can always specific specific IdentityAgents in ~/.ssh/config for hostnames, to limit Secretive to specific hosts, but you are right, the cross platform support is completely missing.

However, I feel good knowing my private key can't be exfiltrated from my laptop, which is a guarantee that 1Password can't make at all.

Yes, and in this way if I felt that I needed to, I could have an SSH key in Secretive and the rest in 1Password SSH agent.
I think that's coming soon when autocomplete will break in browsers. I love 1Password 7, but don't want to upgrade to 8 for a number of reasons (including reviews, monthly charges, having to trust the 1Password cloud - sorry that's just too enticing for a hacker)

I wish someone from the 1Password team would push to keep 1Password 7 in maintenance mode, without a subscription model. Just keep it working - I'd be happy to pay to keep it alive and kicking.

Have you tried Proton Pass? I only learned of it recently, but it appears to have something similar to one of the 1Password features I use heavily: masked email.

I'm in no way affiliated with these folks btw, but I am curious to hear if anyone has used it.

https://proton.me/pass

ProtonPass looks neat. I’ll be interested in seeing if they add a Go SDK and/or CLI for it so that it could be integrated into chezmoi (Tom is currently adding support for Hashicorp Vault Secrets in beta, but I’m doing some testing of vlt).

I find the Fastmail / 1Password masked email integration to be janky, and wish that 1Password could find a way to integrate with Apple’s iCloud email masking, but no such luck.

Looks interesting. No Safari extension at the moment, though, so it's a non-starter for me.

The lack of a desktop app is also not ideal. I use the 1Password app a fair amount.

One of the reasons I still use 1PW7 is that it's a native app. The move to Electron is a major culprit of the downgrade in quality 8 has seen. Unfortunately, the majority of its competitors are also Electron garbage.

Totally piling on here. Removing the password generator with copy/paste functionality is a stunning example of HIPPO Human Factors egotistical maniacs attempting to engineer reality. There are many websites that simply don’t work with their “generate & fill” workflow. My bank, for example.

It’s frustrating enough for me, but for my wife whom I’m trying desperately to onboard into the world of password management, this is an impossibly impassible scenario. She basically has to reset her bank password all the time to log in. Which makes standard human interactions like “did you receive that deposit yet” excruciating.

And then on the 1Password forums, all the employees are these self-righteous pricks that summarily dismiss their users as being uncooperative, when the reality is, they removed working functionality and replaced it with garbage that just doesn’t work.

If you weren't aware, you can open the edit view for any particular entry to just change the password there.
But you can't tab between fields when in edit view any more because every version since 5 has been worse than the last.
What are the minimum features you need to be satisfied?

For me, it's the password generator, easy tagging/search, and the autocomplete in form inputs. I also like the multiple content types (sw licenses, passwords, random other info, credit cards, etc.). I don't need really anything else.

> Removing the password generator with copy/paste functionality

Not sure I get what you mean?

I agree.

I think the turning point was when someone leaked the corporate license and acquisition deal talks with Apple was underway.

1password shouldn’t have raised money. $622M+ now?

It would be great if Apple simply built out keychain access to support more data types and family sharing.

https://finance.yahoo.com/news/exclusive-apple-deploy-1passw...

> ... It would be great if Apple simply built out keychain access to support more data types and family sharing.

... and a Linux version, and a Windows version, and a Chrome extension, then another one for Firefox, maybe Edge, oh and certainly an Android app.

> It would be great if Apple simply built out keychain access to support more data types and family sharing.

Sharing is coming to iOS 17, which is a bit surprising due to the general push-back on scope creep. I don't think additional data types are impossible, but the structure of Keychain and general philosophy both mean those are more likely to be spread out through the system (secure notes via notes app, credit card info via safari form fill and wallet, and so on).

Decade user as well, and like Les Meserables, V8 killed the dream I had. Not enticed by any other options available and on 8 since know holding on to v7 would just delay the inevitable and make the switch that much harder. They removed so many small features that made such a large difference in my day to day to use. And since no change after all this time it seems that’s how it will be. Went from a product I loved to a simply a product I have to use (for now). But that kind of relationship is not what you want with customers since they when they screw up on something they won’t have users giving them slack or supporting them. And all just waiting for an option that is as good or close enough to jump ship to that shows signs that will grow in the direction the user base is after. Like many apps like Spark and such they are growing towards to enterprise base which pays much and fewer so easier to support. It’s too bad but it is what it is.
I'm surprised no one from this community has decided to take on PW management as a problem. Is there some underlying complexity outside of cross-browser support for autofill functionality, and the security aspect? It seems a relatively straight-forward problem to solve if you're a dev in the security space, but maybe I'm missing something. It also seems like there's only a minimum set of features that people are really wanting, and 1Password has seemingly arbitrarily decided to remove those features. Why not just fill the gap in the market and make bank?
> Why not just fill the gap in the market and make bank?

The existence of 1st party platform and browser options and freemium competition are great from the perspective of having password managers available to the masses, but make a new product entry very difficult from the "profitable business" perspective.

There's also a bug atm where it'll reject your password on iOS if you have a hardware key attached to your account. Won't tell you that's the issue, it'll just make you think you're typing in your credentials wrong. Spent the better part of an afternoon on that with support.
Another reason why good old KeePass file, synced via Google Cloud & backuped twice a day is better approach to passwords.

I appreciate many online services, but I don't like them being the only owner of my data and/or abstracting away the fact that my data are files in the end.

This is not corrupted data. It is data already existing that has been unsynced for some reason for a while, and recent updates have exposed it without proper tooling to resolve it in the UI (this is the mistake, IMO).

See https://1password.community/discussion/140860/offline-sync-i... and https://1password.community/discussion/140774/offline-change....

After reading the second discussion, I submitted a support request and received instructions that more or less matched the first discussion. I didn’t care about the items (they are all items that I had explicitly deleted in the last four months) so I found some time when I could log out of both vaults and then logged back in (fortunately, I only needed the master passwords because). All of the items were gone.

IF YOU NEED THESE ITEMS, open a support request and DO NOT do what I did. Include a link to one of the discussions I showed above. You should get a response relatively quickly, and they’ll tell you what I just said — and if you need them, you will get additional instructions that should recover the items entirely.