4 comments

[ 5.7 ms ] story [ 27.9 ms ] thread
The 'problems' 1password faces... Apple has solved. I quit using 1password around 3 years ago, but at the time they were going all in on SaaS and quietly memory-holing the local-first vault approach that people were using them for. You know, letting people reference a sqlite db on icloud, google drive or whatever and that can be synced. 1Password cites credential leakage and security as a reason for for not implementing MCP, but they're giving the impression that MCP is the issue. Mind you, 1password has a very similar model to lastpass, that had 16bln creds leaked.

But seriously, Apple is actually in a better position to let mcp into their services if they wanted. The user credentials are all bound to your physical devices, which in turn cooperate to give a measure of identity to you. You don't need to let MCP have full access to everything, the secure enclave can generate short-lived certs. I'd be surprised if passkeys weren't able to do that already.

  I quit using 1password around 3 years ago
I haven't checked recently, but 1P may still the best option for WE vs I.

  1password has a very similar model to lastpass, that had 16bln creds leaked.
Except that 1P has been very security conscious since day 1 (which is a freaking long time ago!). Maybe an insider could give us some dirt...
Why does a password manager even need an MCP server?
1Password demonstrating definitively why they don't deserve your money and in fact deserve to die. They have one job, but still chase trends like "AI" that are not related to their reason for existence.

"But agents!" you may say. "Agentic AI is changing the shape of work" they say. Bullshit, I say.