Popular password manager 1Password is trying a new distribution model. Instead of letting you pay for the 1Password app on your Mac or PC and pay again to upgrade to a new major version, AgileBits now has a new plan — for $2.99 per month, you can download and use all the 1Password apps for as long as you subscribe. This comes in addition to the existing model.
If you’ve been following 1Password lately, you know that the company behind it recently released 1Password for teams and families so that multiple people can use 1Password and share logins and passwords.
AgileBits is re-using the same idea for individual users with this new monthly subscription service. For a long time, 1Password cost $49.99 on a computer — shortly before introducing this new subscription model, the company increased the single license price to $64.99. On iOS, the app is free but you can pay $9.99 to unlock more features. So $3 per month seems like a fair price if you take into account the regular license upgrades for major new versions.
While one-time licenses are still available, you can now choose a subscription instead and use the 1Password app on your Mac, PC or phone with all features — major updates are included. People who sign up to a subscription now get six months free. AgileBits tells me it will continue to provide both models with the next major update. But after Adobe, Microsoft and countless of other software companies, it looks like subscriptions are here to stay as many people now opt for subscriptions instead of one-time purchases.
In addition to iCloud and Dropbox, if you subscribe, you’ll also be able to use 1Password’s servers as the syncing backend. The main added benefit is that you’ll be able to access your 1Password vault from any browser.
So how secure is the 1Password backend? The company has a detailed security page describing how the multi-key decryption system works. In short, 1Password can’t see your passwords. You need to enter a password and an account key to unlock your vault.
The idea is that this account key acts as a sort of two-factor authentication system. Once you authorize a device, you don’t need to enter your account key every time you unlock your vault. But if you want to authorize a new device, you need to pull up an authorized device to find the key in the 1Password settings.
AgileBits also recommends writing down this account key on a piece of paper and storing it in your home. This way, if you lose all your devices at the same time, you can still log into your 1Password account from a new device. In many ways, this encryption system reminds me of bitcoin paper wallets. You are in charge of storing the private key in a safe place and it isn’t supposed to be stored digitally anywhere. In 1Password’s case, you won’t need it often so it should be a secure, yet convenient, encryption system.
Correction: An earlier version of this article assumed that AgileBits would slowly switch to a subscription model exclusively. This is incorrect, AgileBits doesn’t plan to stop the one-off licenses and upgrades. I apologize for the mistake.