switch from LastPass to 1password

[chadwhitacre]

LastPass has a below-average user experience. 1password looks better at first blush:

https://agilebits.com/onepassword/

[chadwhitacre]

http://www.asecurelife.com/dashlane-vs-lastpass-vs-1password-vs-roboform-vs-keepass/

[chadwhitacre]

I have a renewal email for LastPass sitting in my inbox, is why I brought this up now.

[citruspi]

For what it's worth, I've used 1Password in the past, and personally, I think it has a much nicer interface and a better user experience.

I would definitely support a change from LastPass to 1Password.

My only concern is that 1Password doesn't provide a Linux solution. It's possible to use 1Password on Linux using scripts that can read from the vault, but you cannot write to the vault.

In addition, while 1Password does have a Windows offering, it's not up to par with the OS X offering. Having said that, it's probably better than LastPass.

[chadwhitacre]

@rohitpaulk mentions https://www.meldium.com/ at https://github.com/gratipay/inside.gratipay.com/issues/468#issuecomment-171676898.

[chadwhitacre]

LastPass is looking somewhat less terrible with their recent upgrade. Closing.

[EdOverflow]

Reference: https://github.com/gratipay/gratipay.com/issues/4384

[chadwhitacre]

Coincidentally, ...

Your LastPass Enterprise Account Will Expire Soon! Just a reminder, your LastPass Enterprise subscription will expire in 31 days.

Company Name : Gratipay

As a thank you for being a customer of LastPass Enterprise, your upcoming account renewal will be at your current, grandfathered rate for your next subscription period.

To renew your account at your current rate, please update your subscription here: https://lastpass.com/dashboard

We hope your team is taking full advantage of the powerful administrative and security features in the Admin Console, with everything your company needs to manage shared logins, enforce policies, and help your team be more productive every day.

You can view your Enterprise account details at any time, just log in to your Admin Console: https://lastpass.com/dashboard

For more information about available plans and pricing, please see our FAQs.

[chadwhitacre]

Your LastPass Enterprise Account Will Expire Soon! Just a reminder, your LastPass Enterprise subscription will expire in 8 days.

Company Name : Gratipay

As a thank you for being a customer of LastPass Enterprise, your upcoming account renewal will be at your current, grandfathered rate for your next subscription period.

[etc.]

[chadwhitacre]

Our LastPass account expires tomorrow.

Looking at options: 1password, Meldium, Dashlane, etc.

https://en.wikipedia.org/wiki/Comparison_of_password_managers https://en.wikipedia.org/wiki/List_of_password_managers

Tavis:

There's a bunch of obvious vulnerabilities in Dashlane, I'll report them later this afternoon. KeePass and KeePassX both look sane.

Haven't heard you report anything on 1Password. Clean bill of health so far?

I've sent them some vulnerabilities, but it's not the worst I've looked at.

KeePass{,X} are non-user-friendly free software.

[chadwhitacre]

KeePassXC seems to be the most active in that line.

[chadwhitacre]

But sharing passwords with each other would mean storing a file in Dropbox or something. That sounds like a non-starter to me.

[chadwhitacre]

The Meldium website keeps freezing on me.

Meldium is owned by LogMeIn, same company as owns LastPass.

Automatically creating user accounts for new collaborators sounds interesting, though.

[mattbk]

But sharing passwords with each other would mean storing a file in Dropbox or something. That sounds like a non-starter to me.

But the file itself is encrypted...?

[chadwhitacre]

followers (k)	twitter
101	https://twitter.com/1Password
39	https://twitter.com/LastPass
22	https://twitter.com/dashlane
1	https://twitter.com/Meldium

[chadwhitacre]

@mattbk Yeah I meant more in terms of usability.

[mattbk]

FWIW, I use KeePass in Dropbox and access it from multiple devices using different software and it hasn't been a problem.

[chadwhitacre]

Well, we could certainly do that for less money.

$/mo	thing	notes
6.00	LastPass	I don't really understand how LastPass billing and user management work. We have three licenses, which are $24 per year. But then we are able to share passwords with people "Outside Enterprise" and that doesn't seem to affect the price. 😕
27.93	1password	$3.99/mo/user
29.00	Meldium	/mo for up to 20 users

[chadwhitacre]

P.S. Enpass looks like a non-floss KeePass (local storage only, no cloud). Free as in 🍺.

[chadwhitacre]

KeePass or KeePassXC?

[chadwhitacre]

I've signed up for the 1password trial, and I've invited @mattbk @clone1018 @rohitpaulk.

These folk were in our LastPass but haven't been active lately, we can bring over as necessary: @citruspi @JessaWitzel @webmaven @eswat.

[chadwhitacre]

To save an extra $3.99/mo, I'm going to use the main 1password account for myself for now vs. creating separate accounts for vendors@ and whit537.

[chadwhitacre]

Actually, let's try this:

Securely sharing with people outside your team is easy!

Invite them as Guests by clicking the blue button.

Guests can be added to only one vault at a time; they don't get a Personal vault or automatic access to the default Shared vault. Learn about sharing passwords and other items with guests.

[chadwhitacre]

Like a doofus, I wasn't careful enough with the master password and am now locked out of the new account I was setting up. I've pinged them to see about recovering that, otherwise I guess we start over. If we can really make this work for $3.99/mo then I think that's a no-brainer. The product itself is quite sturdy so far, and Tavis' judgement is encouraging.

[mattbk]

KeePass or KeePassXC?

KeePass, MacPass, and Keepass2Android.

[chadwhitacre]

I've set up a new account with a different subdomain, invited @whit537 @mattbk @clone1018 @rohitpaulk as guests. If we recover the previous account we can close it and switch the subdomain back.

[chadwhitacre]

Alright, I just successfully signed into our Dropbox account using my personal 1Password guest account and the 1Password Chrome extension. The password that came over from LastPass didn't work so I created a new one.

[chadwhitacre]

I've spot-checked a few more logins and they all worked (Digital Ocean, MaxCDN, Typography.com) with the Chrome extension and my guest login.

[chadwhitacre]

[chadwhitacre]

Like a doofus, I wasn't careful enough with the master password and am now locked out of the new account I was setting up.

They let me delete the old account, after which I was able to rename the new one. We are all set. 👍

[citruspi]

I got this email from Meldium 20 minutes ago... 😆

Today, LogMeIn is announcing plans to retire Meldium from its current line of products. We understand this may present challenges for you, but you don’t have to go just yet – your Meldium account will remain active until July 5, 2017 – and we have an alternative solution for your password needs.

In an effort to unify our password management offerings, we took the best of Meldium and built it in to LastPass to deliver an intuitive experience. With unlimited password storage, auto-fill, form fill, device sync, and more, LastPass is the free, simple and secure way to manage your passwords.

Before the date above, you’ll want to move all your passwords out of Meldium and into another solution, such as LastPass. To help with the transition, we've put together step-by-step instructions on how to download and get started with LastPass.

You still have time to evaluate your options before your Meldium account expires on July 5, 2017, but we recommend that you log in now to start moving your passwords.

Thank you, The Meldium Team

[chadwhitacre]

Lol, what timing! And it looks like we dodged another bullet. :-)

Thanks, @citruspi! ☺️