Skip to content
Thoughtful, detailed coverage of everything Apple for 29 years
and the TidBITS Content Network for Apple professionals
27 comments

1Password 7.4

AgileBits has issued 1Password 7.4, a maintenance release with a variety of improvements and a healthy dose of bug fixes. The password manager adds support for Voice Control in macOS 10.15 Catalina, snaps the 1Password mini window to the center of the screen when dragged near the center (and reattaches to the 1Password icon in the menu bar when dragged near it), remembers whether you last viewed the category list or the vault list in the sidebar on launch, alphabetizes the duplicate passwords pop-up menu, immediately updates the item list when dragging items to other vaults, resolves an issue where 1Password failed to remove cached files after deleting an item, fixes a bug that prevented the “Compromised Websites” Watchtower service from being enabled from the main window, and addresses a multitude of crashes. ($64.99 standalone app from AgileBits or the Mac App Store or a $2.99- or $4.99-per-month subscription (TidBITS members receive 6 months free), free update, 50.8 MB, release notes, macOS 10.12.6+)

Subscribe today so you don’t miss any TidBITS articles!

Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For 29 years, we’ve published professional, member-supported tech journalism that makes you smarter.

Registration confirmation will be emailed to you.

Comments About 1Password 7.4

Notable Replies

  1. Thanks Agen. Version 6 still going strong here on El Capitan and Mojave.

  2. Alec, have you either refused to upgrade to Safari 13 or gone to another browser? Safari 13’s security features basically assassinated 1Password Mini

  3. Safari 13 doesn’t affect users before High Sierra or Mojave. Even on Mojave here (one multimedia computer out of five work computers I personally use) I have Safari 12.1.2. I block 1PasswordMini and don’t use any of the 1Password cloud features. Cloud sharing of passwords we use Bitwarden which is $12/year for personal use and $2/month per user for teams. There’s even an enterprise version at $3/month which allow on-premise hosting. All of this is much more attractive than 1password’s extortionate $8/month per user for teams (four times more expensive: 1password basic business is not nearly as powerful as Bitwarden’s teams version, no groups for instance) or even $36/year for personal account. The only decent value in cloud version from 1password is the family account at $5/month but that pricing has not been steady in my opinion. Since my family in this case would be two people (the under contingent don’t have their own password vaults) that plan is not particularly good value.

    1password is one of the companies who has used subscription and cloud services as a way to really fleece their customers. It’s a pity as once upon a time they were one of the good guys when they were a growing and not greedy company.

    I still use perpetual license 1Password 6 very actively with local sync (literally, with my flash drive, it’s automatic) for material I don’t want in the cloud (banking, credit card info, etc).

  4. Alec, thanks for that. Your long response makes clear what your short 1PW 6 “endorsement” did not, that you’re no longer (for entirely justifiable reasons, as you clearly demonstrate) in Agile Bit’s target market. I’ve skimmed a recent PC World online review that is similarly disparaging of 1Password’s evolution from a breakthrough product to one that may be too much living off its laurels, and I think that’s not widely enough known, particularly in the Apple ecosystem market (although I have to say I’m impressed how well Agile Bits seems to have been able to slip password posting into iOS and integrate it with Face ID).

    And, as you’ve said, 1PW for families probably is reasonably priced.

  5. At this point. Reluctantly.

    1password has chosen to abuse its users. My point is that the standalone license (which 1password desperately try to hide and avoid selling) can actually be useful, for those of us who are legacy 1password users. The other point is that there are reasonably priced alternatives which work just as well or better than 1password. I have a team of twenty-five people on Bitwarden and we have literally zero issues with the product/service. All the browser extensions work well, the sync works perfectly.

    The only caveat about Bitwarden (which applies to most of the password managers, we chose a replacement carefully) is that as it’s a US-based company it’s liable to the Patriot act and subsequent privacy-destroying legislation. 1password is Canadian-based so theoretically they are not liable to that legislation. On the other hand, with the existence of Five Eyes and the general aggressive stance of the US alphabet soup agencies regarding any tool which could provide a user any privacy, it’s unclear if 1password have been able to resist pressure to allow backdoor access from the authorities.

  6. Interesting… unfortunately I have been lax about FINALLY going with a real password manager… Keychain and google have been doing a somewhat passable job, although it’s my apple id password outside the browser that I seem to always have to enter manually. ny references between LastPass or Dashlane? My needs are pretty simple and I’m a totally lone wolf!

  7. I have used 1 Password but some time ago shifted to Dashlane. It’s good- not perfect and they have good support.

  8. In contrast to the purple prose in some of the posts above, I think that AgileBits is a good company doing good work. I know the founders and the CEO fairly well and have talked with them on numerous occasions. We also used to work with them on Joe Kissell’s Take Control of 1Password book.

    Like many other companies these days, they chose to move to a subscription model for sound business reasons with monthly recurring revenue versus spiky upgrade revenue. Nevertheless, they still do offer standalone licenses for both upgrades and for new purchases. Because standalone licenses aren’t the focus anymore, they’re not running a standard download store; it’s all handled in the app itself:

    Those were both the top hits in Google searches on things like “upgrade/buy standalone license for 1Password 7” so they’re easy to find.

    All that said, although Tonya, Tristan, and I use 1Password for Families for shared passwords (and they both use it for their own stuff), I personally rely more on LastPass because I prefer its behavior with automatically filling and submitting passwords on Web sites to the workflow that 1Password uses. My understanding from Joe’s Take Control of Passwords is that Dashlane and others will also get the job done, so there’s plenty of room for personal preference. Without getting mean.

  9. Adam, I see you cut and pasted AgileBits’ standard reply to those who object to customers who object to their new business model. So, I’ll do the same What follows is my letter to Dave Teare.

    Dave,

    *I’ve been using 1Password since version 2 (or 3) and liked it from the beginning. *

    However, Agilebits has been moving marketing targets in probably more lucrative directions. Those of us who use 1Password for simple, secure password storage are being left behind. I do not need the advanced features of 1Password 7. I’ve paid for each upgrade through 1Password 6 and find paying an annual subscription for features for which I have no need unreasonable.

    I suggest you use two revenue streams: one for your customers with greater needs, and another using the old model for those with simple needs.

    I don’t want to leave Agilebits. Please reply.

    The reply, not from Dave, was in so many words, tough. Acquisitiveness.

  10. To be clear, I didn’t copy and paste anything—I was just explaining the situation as I see it.

    It sounds like Secrets might be a good option for you, since its developer seems intent on keeping it simple and not following a path of corporate growth.

  11. Adam, I didn’t mean to imply that you are somehow “in cahoots” with AgileBits, only that your language mirrored the response I received. I apologize for not being clear and putting your reputation in jeopardy.

    Thank you for suggesting Secrets.

  12. No worries—just like to make sure there are no misapprehensions that I’m carrying water for AgileBits, which was also why I clarified that I personally use LastPass more.

    It’s interesting watching AgileBits, since they’ve been tremendously successful, and that brings a completely different set of tensions with it than those that less-popular developers have to deal with. Success isn’t easy.

  13. AND it seems there’s a new entry into the field… I don’t know much yet, but I have come across posts by a bunch of folks who seem to like what BitWarden does… it’s free and open source (although I have no issues with paying SOMETHING for the right product, like Mike Bombich’s CCC). Anyone have any experience?

  14. Very happy with 1Password on all my Macs, PCs, and Android phone. (No iOS devices) Just billed for another year at $35. It’s a bargain AFAIC.

  15. nls

    I agree! That’s less than we pay every month for our home security service, and the odds of someone breaking into your online accounts is hundreds, maybe thousands, of times greater than a home burglar breaking in!

  16. 1Password may priced okay for individual use. Bitwarden is $12/year for families, up to five people. For teams, Bitwarden is $5/month for first five users and $2/month for each additional user. I.e. $35 for a team of twenty. 1Password is $60/year for families (five times more expenisve).

    For teams, 1password is $7.99/month per user (if you want to have custom groups and per vault permissions, a necessity in a company) which works out to $160/month for a team of twenty. This is 4.57x more expensive than Bitwarden. A company using Bitwarden over 1password would save $1500/year. This is enough for two employees to attend an important marketing conference or to buy new equipment.

    I have both 1Password (local perpetual license edition) for certain information I don’t want online at all and have trialled the subscription service. We use Bitwarden actively with a team of twenty. Bitwarden is as good or better than 1Password in a shared environment across OS X, Windows, iOS, Linux and Android.

    I have no affiliation with Bitwarden at all, except as a satisfied customer or with AgileBits, except as a dissatisfied customer (the avaricious pricing model after fencing in enough Apple users like myself). AgileBits started like the name says, as an agile responsive scrappy company. Somewhere along the line they decided to jump in and hire huge marketing teams and go for enterprise pricing.

    If you or your organisation don’t need endless handholding and non-stop marketing-feel good emails, there’s no technical reason to subsidise AgileBit’s recent inefficiency or gourmandise.

    LastPass started as an efficient organisation as well until it was sold to a company who just buys applications with an established client base and quintuples prices while cutting back services in 2015. In turn LogMeIn, Inc. has been merged and sold (first to a Citrix company) and then to private equity companies Francisco Partners and Evergreen Coast Capital Corp, i.e. filials of vulture funds. Logmein quadrupled LastPass prices in 2016, losing many customers including us.

    It was hard work finding a reliable, lightweight and secure solution to share passwords among a team. Sadly the excellent open-source tools like Keepass and its cousins do not work well for sharing password sets. Before we found Bitwarden, we tried Passwork.me which can be self-hosted, but it didn’t scale reliably to even the number of users and passwords we have to manage (company of twenty).

    Personally I’m a fan of small software companies who control costs and pass the savings onto their users. I’m very tired of the cliché “hey, this piece of software just costs you a Starbuck latté per day/per week/per month”. I use hundreds of applications over the course of a year, about one quarter of which are FOSS or donation-ware (I often donate or fund), two thirds of which are shareware/small publishers. I’m very happy to enable smaller developers to make users lives’ better. I’m not happy to help greedy developers make shareholders richer.

  17. One thing to remember is that AgileBits is a pretty good-sized company at this point, with closing in on 200 employees.

  18. Adam, thanks for pointing that out. That’s a bit my point. AgileBits has added a lot of staff. Why do they need more staff? To do more marketing. Why do they need to do raise prices? To afford a larger staff. It’s a bit a circle which results in higher and higher employee counts but higher and higher revenue requirements. In the end, the end user is not paying for better software but for a larger AgileBits empire.

    It’s not the size of the team which determines the quality of the software (I’m sure you’re familiar with Frederick Brooks’ seminal work The Mythical Man Month). Michael Tsai manages C-Command Software more or less on his own. Perhaps Tsai has a small team of helpers (I hope so). SpamSieve alone may have done more to improve Apple users lives than 1password, certainly my own. Tsai manages to do well with great software, fair pricing and word-of-mouth.

    Fair pricing and word-of-mouth was the original formula for AgileBits as well. AgileBits could probably be more profitable with lower prices, less staff and more enthusiastic word-of-mouth. Convincing people pay premium prices for ordinary software is a very expensive business.

  19. nls

    I feel like I am in a minority of one when it comes to software pricing and loyalty to proven products. When I got into computing in the 80’s, commercial software programs typically sold for $300, $500, $750 and $1000 a shot, “followup patches” were free but when the next full version of the software came out there was seldom a discount for existing users because the new version was always touted as a “top-to-bottom reworking.”
    Now software is often available for sale for the price of a cup of coffee no doubt due to the economy of scale involved in sales by internet download with no pressing of individual disks, cardboard or retail brick and mortar stores and yet people still complain, whereas I have been with 1Password almost from its early introduction as an innovator and find their present pricing to be well worth the price and a deserved reward for creating a whole new class of software protecting all of us; and I have no intention of jumping ship from AgileBits.
    And yet I wonder as to the lack of loyalty. When I first met the creator of TypeIt4Me it was over CompuServe and I have stuck with it as a perfect text expander now sold by his son, yet people seem thrilled to tout and praise and rush to purchase imitators selling virtually identical software for much higher prices.
    It is all a puzzle to me. Although I am now up in years and retired I still think that innovators - not imitators - deserved to be recognized and rewarded, and I say this strictly as a consumer who was never in the business of software production or sale and couldn’t write a line of code, but I am glad to pay for the software created by ingenuity I do not personally possess.

  20. Thanks for sharing your positive experience with Bitwarden, it’s particularly helpful coming from someone who has used 1Password. I’ve thought about switching me and my wife to Bitwarden but it doesn’t support Touch ID, something we’ve come to appreciate.

  21. I don’t have hard numbers on this, but my impression from talking with Dave Teare and Roustem Karimov in December 2018 is that most of the employees are support staff. Which would be expected for a company with a very large number of customers. And if you read through the silly titles on their Team page, a large number are support-related.

  22. Yes, Bitwarden does support TouchID, absolutely no problem after the initial login to the application with your passphrase. Had it working on an iPhone 8+ across four or five browsers and apps. I’ve had some trouble with FaceID. The workaround is to create a numeric pin for quick access when in applications. The numeric pin won’t work unless Bitwarden is already open and unlocked (with passphrase).

    With any of these password managers, there’s serious decisions to be made about tradeoffs between security and convenience. The most convenient (unlock device, all passwords available in all apps) is inherently the least secure while the most secure (unlock password manager with two-factor identification for ever access to the password manager, lock time in five minutes or less) is impossibly inconvenient.

    Bitwarden lets you make your own decisions about access requirements and lock time. Which is the best way to go, as there’s no one size fits all for security unfortunately. Most users won’t tolerate any inconvenience for the sake of security. Just getting users to stop using the same one word password across all websites is progress (this isn’t theory: I conducted internal security audits in our software firm where everyone knows the security risks with both LastPass and Bitwarden audit tools).

    In any case, Bitwarden does integrate fully with iOS and Mac OS X, with browser extensions for at least Safari, Chromium, Firefox, Chrome, Opera… Most of our team use Macs.

  23. nls

    I agree. Most of their staff appear to be engaged in either code maintenance and improvement and/or support.
    In today’s world, what company uses their own personnel for marketing? Marketing is done by contract with outside companies whose business and expertise is in marketing.
    Even though I have been retired for years, I consider the cost of 1Password to be trivial compared to the trust I put in it and the peace of mind it provides in return. Not to mention my belief in supporting innovators not imitators.
    Disclaimer - I have no connection with AgileBits other than as a longtime satisfied user going back to its earliest introduction.

  24. That’s good to know, what I’ve read is Bitwarden does not yet support Touch ID on Macs. Bitwarden on the desktop is an Electron app (which in itself is not great but not a dealbreaker) and apparently requires Touch ID capability to be in Electron first. The good news is Electron v6 came out last year with support for Touch ID and following GitHub links from the Bitwarden community forum, Bitwarden updated to use Electron v6 at the end of January.

  25. Hi Curtis,

    There’s no real need for TouchID support on Macs, as one unlocks Bitwarden with the main login passphrase and then one doesn’t have to unlock it again until sleeping or restarting the computer or whatever the end user chooses as a trigger. None of my Macs have TouchID and I’ve never felt frustrated by Bitwarden on desktop. As I pointed out, on iOS devices with FaceID Bitwarden doesn’t support FaceID which makes a second shorter pin code for fast access in a browser or other application more or less a necessity. Very keen to see FaceID support.

    TouchID on iOS devices works just the way you’d hope.

  26. Further close observation of Bitwarden on my iPhone 11 on 13.3.1 reveals that FaceID works and works well for authorisation for the main application. It’s the extensions which require adding a short pincode for easy access (my main password for use on the website and for logging in on desktop application is long and complex).

    As the main security on an iPhone X, XS, XR, 11 is FaceID at the front gate, I’m currently comfortable using a shorter numeric pincode for Bitwarden extension access. I hope FaceID is added to the extensions soon too.

    A capable and secure Bitwarden application with good workflow on iPhone swayed me from LineageOS (open source Android) to iOS. On Android, I wouldn’t be comfortable keeping passwords at all. With complex unique passwords, a mobile device without any way to easily log in would be much less useful. No doubt it would be possible to keep passwords securely on Android but I’m certain a secure workflow would be pretty rough (full passphrase to access them).

Join the discussion in the TidBITS Discourse forum

Participants