Skip to content
Thoughtful, detailed coverage of everything Apple for 32 years
and the TidBITS Content Network for Apple professionals
47 comments

1Password 8.0

AgileBits has published 1Password 8.0, a major new release for the password manager that brings a modernized design and a new Quick Access floating panel that provides access to your 1Password data by pressing Command-\ (backslash). The new Universal Autofill feature now enables you to autofill usernames, passwords, and 2FA codes directly in macOS apps as well as Web browser logins. The Watchtower dashboard gains a real-time personal security score, detection of vulnerable passwords, and alerts for inactive 2FA and compromised passwords. The release also brings resizable Large Type, multi-line text fields, crypto wallet and SSH key item types, a light sidebar in Light mode, the capability to view and restore recently deleted items, and more. 1Password 8 is available for current subscribers and will automatically migrate your accounts from 1Password 7 after installing. ($35.88 annual subscription from AgileBitsTidBITS members setting up new accounts receive 6 months free, free update, 2.9 MB, macOS 10.15+)

Subscribe today so you don’t miss any TidBITS articles!

Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For over 31 years, we’ve published professional, member-supported tech journalism that makes you smarter.

Registration confirmation will be emailed to you.

Comments About 1Password 8.0

Notable Replies

  1. You can’t make a silk purse out of a sow’s ear. The CEO can wax poetically about the new interface. But even a casual glance at the preferences of 1Password (didn’t want to create a new account) shows me that Electron remains something foreign to macOS. I still wonder about the reasons for choosing Electron.

    Edit: 320 MB is the size of the app now.

  2. They mentioned this in their blogs. Originally, they were hoping Apple’s new Catalyst developer tools to build one app for MacOS, iOS, and iPadOS. Unfortunately, Catalyst still needs a lot of work.

    1Password was originally a MacOS program, got ported to the iPhone, iPad, Windows, Linux, and Android. At the same time, they had the ability to use private storage, iCloud, Dropbox, and I believe Android’s cloud services to store your password database. It’s a lot of work for a one product company.

    And, the competition is getting tough. Both Apple and Android have built in password managers. Both now offer 2FA management. Both offer connection to Have You Been Pwnd’s database of password break ins letting you know of possible password security breaches.

    Making development easier, so they can keep adding features is an important issue. The Electron platforms solves that. A single codebase for Windows, Android, Linux, and Mac reduces the work five platforms to just two. They have a code line for iOS/iPadOS and one for everything else.

    Removing all the various storage options for the database helps. And a subscription based service means dealing with just a few releases. If a bug is found, you fix the most recent release and tell everyone to upgrade. Plus subscription services gives you a steady income stream to keep your application up to date.

    My main job for the last four decades was getting development teams to simplify development because that’s the best way to improve the program.

    When you’re working on three different platforms and supporting four different releases and have customized customer code all over the place (“It’s just some JavaScript.”), your development gets sloppy. Bugs fixed reappear. New bugs are found. Testing gets harder to do. (“It worked on my machine.”) Customers are complaining. And your reputation goes down the drain.

    Telling the company to update all customers to the latest release, merging code and removing one off options is hard to do. It’s expensive, but I tell development it’s way more expensive to continue down your current path.

    I don’t like the fact MacOS is no longer a true Mac client, but I understand. Maybe if Apple gets its act together and finally unifies Mac and iOS development, 1Password will be able to return to a true Mac app.

    We may not like the Electron underpinnings, but why 1Password did it is not that hard to understand.

  3. I agree completely with Beatrix…v8 is terrible. Loss of features, lousy UI, no user accessible backup and restore of data, forced subscription. The basic problem here is that they sold a big chunk of their company to the VC crowd and those people want ROI…and 1PW the company quite obviously shifted their business model to corporate big $$ accounts and away from individual users. Everything they’ve done with v8 smacks of lowering costs and making things better for enterprise users at the expense of individual users.

    While David has some points about costs and code base complications and such…the basic problem is that they don’t care about individual users any longer…and no matter how much the CEO claims they do when people tell you who they are you should believe them as they say on reddit. There are just way, way too many lost features and complete dependence on their cloud for your data in v8 to even consider using it for a lot of security conscious people.

  4. As a longtime 1Password user, I will stay with 1Pwd7 until it no longer works, at which time I will go elsewhere. Agilebits’s greed has lost me as a customer.

  5. Interesting discussion. I see both sides. I do have the feeling that they are not concentrating enough on small macOS and iOS users.

    The Apple competition is real. They do eventually make good enough products to kill off competitors in many areas. Evernote seems to have had a similar arc. Was much better than Notes, but Evernote added too many features and Notes got good enough. I changed over a year or so ago. I think I only missed one feature of Evernote.

    Dropbox. Still using it, but iCloud is improving. But not quite yet for me. iCloud is much slower to sync. I can use Dropbox to transfer files from one computer to another. It’s usually a minute or so, iCloud can be a long time. But I’ll probably drop Dropbox at some point.

    We’ll see on 1Password. I had some recent problems on my M1 MBP. But they went away on their own.

    I got into this thread to see if anyone was seeing 1P 8 in the App Store. I’m not seeing it and that isn’t a good sign for 1P. Don’t announce the new product if it’s not available to significant number of your users. That’s were I most recently purchased it and don’t want to use the download. Neil Laubenthal What features went away in version 8? Staying with the old version probably won’t be a good idea for too long.

    I looked quickly at other managers. Nothing jumped out as better. I don’t want to use any of the ones that require lots of setup. And having sharing with my wife and our two iPhones and four computers is necessary.

  6. Like you, I am not aware of an alternative password manager that is as full-featured as 1PW.

  7. Catalyst is a bit of a red herring because it already is being superseded by SwiftUI.

    Catalyst enables porting to Mac an iOS app built with the old UIKit framework for iOS that predated SwiftUI.

    SwiftUI is a newer framework that is intended to be Mac/iOS agnostic. Although SwiftUI omits many user interface features that distinguish Mac from iOS, Apple is making a lot of progress and seems to be prioritizing SwiftUI rather than Catalyst.

  8. Right, it wasn’t actually Catalyst that AgileBits was using, it was SwiftUI. The idea was to minimize the code bases among the many client OSes they support and they hoped to use a shared code base between iOS (developed with SwiftUI) and MacOS. But SwiftUI on MacOS would only work with Monterey (and maybe Big Sur), so they planned to use the Electron code used for Windows and Linux for users on older versions of MacOS. Unfortunately, late in the development cycle they discovered that SwiftUI was still requiring a lot of custom code on MacOS, so they decided it was too late to re-write in AppKit for MacOS and instead abandoned the SwiftUI MacOS port and just used the Electron code base for now.

    I don’t think they’ve said if they will continue to use Electron on MacOS going forward or will wait for SwiftUI to be more dependably port between iOS and MacOS in a future release.

  9. Subscription only and no vault location besides their servers…so no DropBox or local only vaults. But the biggest loss for any competent computer security user is the complete lack of a local backup and restore capability in the users control. They use a MySQL or some other database which…maybe…gets backed up by Time Machine but the daily backup to a location of the users choice of the complete vault is gone…as is restore from that backup. Vi is totally dependent on their servers for backup and restore. They haven’t provided any detailed info about what their backup strategy is beyond …trust us…and eliminated the ability to do your own. You can export an unencrypted file but that’s it.

    I did a pretty complete survey of alternatives and when/if v7 dies I’m shifting to Enpass as the best alternative.

    I could live with the subscription and lousy client…but relying solely on them for backup of the most important data you have is fundamentally stupid.

  10. I was using the free version of Enpass and just recently upgraded to the Enpass Lifetime Premium.

    1PW6 still works other than the browser plugin. This made it easy to migrate date from 1PW to Enpass. Between Enpass and macOS Keychain integration with Safari I don’t need to look any farther.

  11. Neil Laubenthal Thank you for the run down. And david_blanchard saying that migration was easy.

    The pricing page mentions a promo code. Anyone? Although the pricing is reasonable.

    The pricing page also touts their Enpass for business. Are they going down the same path?

  12. no vault location besides their servers…so no DropBox or local only vaults. But the biggest loss for any competent computer security user is the complete lack of a local backup and restore capability in the users control. They use a MySQL or some other database which…maybe…gets backed up by Time Machine but the daily backup to a location of the users choice of the complete vault is gone…as is restore from that backup. Vi is totally dependent on their servers for backup and restore.

    I remained silent in these last months while reading rants against 1PW8.
    But now I have it, and I’m very happy.
    Yes, the look & feel of Electron is not as nice as it could be, but really…
    So, you are happy to give your data to Dropbox but not to 1PW?
    You don’t like TM backup strategy, like for any other app on the Mac?
    –e.

  13. I’ve been using 1PW8 for a few months. The program works well even if it looks a bit different. They seem keen to keep on refining the functionality and new look.

    For those who want to back up their vaults: it’s easy to do. Go to File:Export. Or use a script to automatically back up via 1PW CLI. I trust 1PW to have better backups than me. (Anyone who relies solely on TimeMachine should review their backup process.) Password history is part of the app, so it’s easy to see previous values.

    For people who share passwords (families etc.) there is nothing better. It’s easy to help kids and parents manage their accounts including resetting the master password. Of all the subscriptions I pay for 1Password is at or near the top of value.

  14. For those who want to back up their vaults: it’s easy to do. Go to File:Export. Or use a script to automatically back up via 1PW CLI.

    Well said. It is important also to re-encrypt the exported file as well.
    –e.

  15. I’ve switched to 1PW8 and it actually works pretty well. It’s fast and the password filling in apps works better than 1PW7. There was a lot of fear that this was an Electron version with shared code between platforms and these types of applications tend to look awful and are painfully slow. (I’m looking at you, Slack). However, the long beta process has allowed AgileBits to hone the application.

    I’ve switched to subscription from buying and owning versions long ago simply because it keeps me up to date with the latest security fixes. When it comes to password storage, I want the latest security fixes. Plus, if I really like a piece of software, and depend upon it, I don’t mind paying for it.

    Besides, I have the family subscription plan. My wife and grown kids, my daughter-in-law, and my sister all use it. It makes it very easy to share my Netflix password with the shared vaults.

    It was nice to be able to choose how you want to sync passwords, but it’s a feature few customers cared about. It added complexity to both support and programming. There were several projects that I worked on where I insisted on cutting back options like this. We had customers complains, tell us we destroyed the app, and they would take their money elsewhere. What few customers we did lose, was more than made up in the simplification of development and support. It allowed us to add more features that attracted new customers.

    I’ve heard similar complaints before about how a company abandoned its users. When the Mac suddenly surged in popularity, many old Mac people were ups that Apple seemed to be catering to these new customers (ewww!) rather tha the ones that stuck with Apple through the bad times. And again when the iPhone became a bigger part of Apple than the Mac.

    Maybe I’m an old dog and seen a lot of changes in computing. Long ago, we all use to argue about which programming language is the best meaning features and syntax. All information you needed was stored on your computer and you programmed to manipulate that information and display it for the user.

    People ask me about the best language now and I tell them Python. It’s not because Python is great. I actually hate the syntax and the way it does things. However, all the third party APIs are for Python and if you have a question, you’re guaranteed you’ll get an answer on StackOverflow fast. That’s what’s important in a programming language today.

    I really can’t see the reason for all the vitriol spewed at 1PW8. Yeah, it changed and I might have to adopt, but in many ways, it works better than 1PW7. AgileBits has a new set of important customers they cater to, and I might not get all the attention I believe I deserve. We saw this with the Mac too. I’ll stick with 1PW until I decide that I really don’t need a password manager anymore.

  16. I could deal with using the 1PW servers instead of DropBox…but the latter let’s me backup my DB folder which contains a full encrypted copy of the vault. 1PW servers do not allow this and v8 has no backup and restore capability.

    Of course I have TM…and presumably it backs up whatever database the local cached copy of the vault is in…unless the fact that the file is open deters TM from getting it. But there is no way any non technical user or most technical but not database guru users can easily backup and restore their own copy of their vault to a location of their choice. Leaving backup of the most important data solely to some black box in the cloud is foolhardy…snd @PW the company doesn’t care about that or bother to include that option in the v8 app…they simply say ‘trust us’ which is nuts.

    They also claim that their super duper Secret Key…which is just a second password when you get down to it…is so much more secure than the Master Password nd your Dropbox password…which simply isn’t true. Assuming one uses sufficiently complex and (mostly) long passwords for both then either option is plenty secure…and the difference between a trillion centuries ans 2 trillion is simply meaningless.

    I don’t like the Electron app…and don’t like the ‘their server only’ option… ut I could live with that. I already have a subscription but my main vault is on DB and the subscription is just one part of my backup scheme, not the main vault…so I can live with that too. Depending solely on some undefined backup scheme on their end with no bootstrap ability to have my own as well is a bridge too far…and their export an unencrypted file is not a backup and can’t be restored anyway.

    I’m not willing to give my data solely to 1PW…obviously some cloud service is needed for sync but that should be under the users control…and their marketing BS doesn’t change that.

  17. An unencrypted copy is not a backup…and you can’t restore it as the master copy if necessary. Their backup scheme might be just fine…in fact it almost surely is…but I’m pretty sure it isn’t any better than my personal scheme…and they provide zero info to users on what they do…which doesn’t engender a lot of trust on my end. The script access might work… ut if it just exports 5he same unencrypted file it is still useless…and the vast majority of people have no experience with either scripting or CLI interface.

  18. I guess you mean automatic backup? Since there is a manual way of making backup according to other people in this thread.

  19. Incorrect. There is an export function that makes an unencrypted copy of the data for transfer to another program…with no facility to authoritatively restore that data if necessary. There is no easily accessible to the user way to backup the local cached copy of the vault or to to restore your data. Unencrypted export files…are not a backup In V7, you can export a full, encrypted, and zipped copy of the vault which can be unzipped and used as the master copy if it becomes necessary…that is a backup.

    TM…probably but nobody knows…will backup the whatever database is used files… ut where they are and how they can be restored is not something 99% of users can accomplish. Trusting 1PW servers as the only backup makes about as much sense as saying ‘I have BackBlaze so no other backup including TM or clones or whatever is necessary’.

    Any competent sysadmin or user should realize that a cloud only backup system to something you have no control over is ridiculous.

  20. Apparently, you can’t export documents stored in your vault, so it’s not a perfect solution. That said, if you’re currently using 1PW 7 and storing your vaults on AgileBits’ servers, you’ll be no worse off with 1PW 8 in this respect.

    I think what some find annoying is AgileBits’ response to the inability to make a proper backup. The company’s claim is you’ll have a local copy of your data on every device you use, so that’s effectively a backup. Of course, anyone who uses IMAP for their email knows this is not a backup. If you accidentally delete an item in one place, it gets deleted everywhere. AgileBits never addresses this objection when people bring it up.

  21. I spent some time looking through the 1Password Mac forum this morning to see how the new version has been received. Here’s a list of some of the complaints. I haven’t actually tried 1PW 8 yet, so I haven’t verified the accuracy of each item:

    • no easy way to make a backup – export gets you close but it’s not perfect
    • no “never suggest in browser” — with 1PW 7, you could hide rarely used items. 1PW 8 shows every matching entry.
    • no integration with 3rd party software like LaunchBar
    • can’t disable autosubmit – if you autofill the login info, it’s also submitted. This behavior causes a problem with pages with captchas, for example.
    • search behavior changed – the way you looked for items before may no longer work. For example, one user used to search for “vpn” to bring up the entry for “openvpn”. That no longer works in 1PW 8.
    • quick search is a poor replacement for mini — for example, you can’t fill CC or name info using quick search.
  22. Fwiw, 1Password subscription vaults archive anything that you delete, so it’s pretty trivial to get them back, plus edited items keep a history, which you can restore if you’ve overwritten the wrong item, for example.

  23. blm

    Wow, thanks for that. No 1PW8 in my future for a while.

  24. Another annoyance with p8 I haven’t seen mentioned:

    For some reason, the Chrome 1p extension uses a different keyboard shortcut than safari’s, so you have to remember what browser you are in at all times. The shortcut cannot be changed to cmd-\ in the chrome extension (!!!)

    With 1p7, you could download a “classic” extension that has the correct shortcut. This is no longer an option with 1p8.

  25. Weird - I just used Chrome for the first time since installing version 8 and Cmd-\ remains the hot key to fill the password field. (I did remove the existing 1p extension and then added in the one pointed to by the app.)

  26. After 3 horrible days using 1Password version 8, I was able to find version 7 was still lurking in the Mac App Store, and I re-installed it.

    I encountered several problems with version 8. It didn’t just become inconvenient to use 1P, it crippled my productivity. It kept making itself the active app while I was editing documents. Like, several times a minute!

    I’ll stick with Version 7 for a few months. Maybe forever. They made far too many changes to the interface in a single upgrade. Using the product is very different from version 7.

    Caveat Emptor

  27. Please understand that your experience is not typical. I somewhat reluctantly began using 1Password 8 several months ago after a long history of 1Password use going back to the first version. There have been many negative comments about v8 on this forum, most about data backup and accessibility. However, I have found v8 seamless and easier to use than v7, as do members of my family. It may not be a ‘native’ Mac app, but it does work well for me. Try contacting Agilebits to sort out your glitches. They have helped me in the past. FWIW.

  28. I tried working with them. sent several emails for different problems. Got a reply to one. The proposed fix didn’t work. No further response to that or other emails.

    Fine if it works for some people, but others should know that the downside is crippling if you run into the problems I’ve encountered. I running latest MacOS.

  29. I sorta agree…tested out v8 twice and it works. I personally prefer v7’s working methodology better but that could be because it’s different and I would obviously adapt over time if I used it. The non native app is a minor annoyance and most people that don’t like v8 have that one down on their list of dislikes…and again most people can live with it if they have to. Forced subscription (due to the influence the VCs have on the decisions of management no matter how much lipstick management tries to put on the pig) and dropping of DropBox or local storage (because it’s too hard to make v8 work with outside storage cloud vendors, again due to money) are much higher on the list of no go’s…but the lack of any ability for the user to backup their own data and independently of 1PW the company restore that data just goes against the grain of every single security principle and every single backup principle pretty much ever. That last one will be the killer for most people that leave the platform IMO. If they fix the backup/restore problem then whether people stay with 1PW and v8 or shift to something like Enpass…which has all the same features that v7 has and v8 lacks…is a lot closer decision.

    I realize that companies need to make money…and I also realize that the company owners got greedy and (a) sold part of the company to VCs no matter how they dress it up in management-speak, (b) shifted to a different business model including subscriptions and being aimed primarily at business users instead of individual users…because that’s where the money is. What I don’t like about the approach is that all of the management-speak BS is just lying to users.

    People that aren’t using v8 have examined the totality of the issues and likely a lot of the things they’ve said on their site…and decided that the costs outweigh the benefits. Heck…I would consider going back to Password Wallet instead except that’s a 1 man shop and he has largely stopped supporting it with any new features, the sync is a pain, it lacks features users really require like having attachments to records, and the pain in the butt method of auto entering usernames and passwords along with him not being interested in providing browser plugins. My wife still uses it…I have a subscription that I use as one of the many backups in my family IT system…but I along with a lot of other people are not interested in v8 due to it’s issues.

  30. A VC firm may now own 1PW, but that’s the way of the world. As I have said here before, I don’t mind paying a subscription for software that I use regularly and that needs regular updates. Having been a programmer constantly asked to update out of date software gratis, I will gladly pay for updates. Seldom used software, not so much. My $0.02.

  31. Electron I could probably live with; haven’t bothered trying because see below.

    Pay for upgrade preferred but I can reluctantly live with subscription.

    No local vault under solely my control (and my responsibility) = no 1Password 8 for me.

  32. I’d already stopped using local vaults. 1Password was the last thing for which I still used Dropbox. Plus given that my password database is always on multiple devices I have no real concern about losing the data. That would require 1Password and all my devices to fail simultaneously.

    I was reluctant to take out the subscription initially, but it has proven to be very useful now that my children are getting old enough to need to manage passwords.

    I use Visual Studio Code, which I believe also uses Electron, and it runs for weeks at a time without any issues. So I don’t have any particular concerns about 1Password using Electron.

    At this point the only change in v8 that is a problem is the behaviour of the search. But plenty of people are asking them to re-instate the previous behaviour as an option.

  33. Actually…if one of them becomes corrupted it can easily be just about instantly synced and corrupt all the other devices as well…His is why being able to save an encrypted copy of your data elsewhere that can be restored is critically important. Sync means you really only have a single copy.

  34. I just upgraded (?) one of my Macs to 1Password 8. The experience has been horrible.

    Anybody else out there having trouble?

    Their support responses historically have been good. Not so much at the moment.

  35. Are things horrible only on the one you “upgraded”? Did the “upgrade” make things worse on your other Macs that shared vaults?

  36. no problems on the Mac running 1P version 7. Database is OK.

    Version 8 is functionally unusable. Seems to be related to the Safari Extension. There’s more to tell, but first I want to find out if anyone else is having severe problems.

  37. It’s not clear what the specifics of your issue with the 1Password extension is. But I also had issues with the Safari extension. It seemed to do nothing at all after upgrading to 1Password 8. I found this message in the 1Password forum. This short process worked well for me.

  38. I think the problems are related to the extension and how it works with the app. Sometimes, I click on the extension icon and it presents a picture of a locked vault with a spinner. It never goes away. meanwhile the app is running and the vault is open. But occasionally it works OK.

    most recently, I was typing a doc and the 1P app kept activating itself and I wound up typing in its Find field. This happened several time per minute. I quit the app and it still kept happening. I turned off the Safari extension and the problem ceased.

    1P is largely unusable for me at this point.

    I’ve submitted several emails to Agilebits and only one response. and the suggested fix did not work.

  39. I have Safari 15.5 and 1PW 8.7 I recall the latest upgrade was a bit baffling but I have the two apps working together as expected. This may be because I have a membership, for which I think the step was a little cleaner. Wish I had taken notes, but the point is it works for some. And I find this release better than the previous.

  40. I’ve been using 1Password since version 7. I refuse to upgrade to version 8 because:

    • They rewrote it using the Electron framework
    • Requires a subscription
    • You can’t host your vault locally. It’s part of your subscription.

    I’m trying Enpass which was an easy conversion from 1Password. I can host the vault wherever I want (keeping it on Dropbox). There are subscription plans available or a one-time license fee (which is steep at $79). I’m using the free version on my Mac, which I think is limited to one vault. Next, I’ll see if it’s still free on two Macs. When I add my iPhone, then I’ll probably pay up.

    I’m running 12.4, and it’s been working better than 1Password7, which was being flaky in the Brave browser, and generally was having trouble filling in username/passwords on lots of web sites.

  41. Has anyone any experience yet with 1PW 8 and Firefox? I’m sticking with v.7 until I hear that

  42. I don’t use FF all that often, but I just started it and applied the FF updates that I’d missed. Then after restarting, I deleted the existing 1Password extension and downloaded and installed it again, and it’s working fine for me. Ctrl-\ fills password fields, in fact the 1P extension behavior to show the user name/password in login fields works just as well for Safari.

  43. I use Firefox for about 1/3 of my browsing. The 1Password 8 extension and application worked immediately after installing the application. For me, this version’s browser extensions seem more reliable that previous versions.

  44. For the same three reasons, 1Password and I, after a long and stable relationship, will be parting company when version 7 is no longer supported on whatever the then current version of macOS is. We’ll try to explain it to the kids.

    For what it’s worth, I’ve been mostly using iCloud for password support for a few years now, and hope, in the next year or so, to own a Mac that will support a keyboard with Touch ID, so I’ll have that or Face ID on all my Apple hardware, except my  TV 4K, which could really use one of those.

  45. Thank you, Doug. I installed 1PW8 and the browser extensions for Firefox, Safari and Vivaldi. So far everything seems pretty normal!

  46. I don’t understand this hatred for Electron.

  47. I think you’re misunderstanding what the issues are for those who don’t like v8. Electron is on the list… it it isn’t the main issue for me…and I suspect it isn’t the main issue for a lot of people.

    Forced subscription, no standalone license for users who want one, forced use of their and only their cloud service, a deliberate decision to exclude both local vaults and other cloud storage, and the complete lack of a backup and restore process under the user’s control to a location of their choosing are far worse. As a long time computer security and sysadmin…it is simply appalling that a company so ostensibly focused on security would deliberately force users into a single backup situation. Yes…the user has multiple devices…but corruption of the encrypted blob on one device gets immediately synced to the other devices, their servers, and their backups…and user is now SOL potentially.

    Electron is way down the list. People understand why they did what they did…they just don’t like it.

Join the discussion in the TidBITS Discourse forum

Participants