Security Experts Upset at 1Password’s Push to the Cloud
Over the weekend, a number of security researchers took to Twitter to voice their anger at AgileBits’ decision to push its popular password management service 1Password to a cloud-based option.
Motherboard reports that even though the company has no immediate plans to remove local vault storage, security researchers noted 1Password is quietly shifting to a subscription-only model that stores passwords on remote servers. Security researchers previously recommended 1Password because of its local storage feature, which some believe is more secure than keeping data in the cloud.
With local storage, malicious attackers looking to gain access to saved passwords would have to break into a specific device. Cloud storage alternatives, like 1Password.com, leave personal passwords vulnerable to attacks against the service itself.
AgileBits will not “remove support for local/Dropbox/iCloud vaults from the software” in the immediate future.