Introducing 1Password 7 Beta for Windows

1Password 7 for Windows is almost here! πŸŽ‰πŸ™Œ Today marks our first beta and you’re invited to join in on the fun.

This is a massive release where quite literally everything has changed. And with support for local vaults, everyone can enjoy the awesomeness that is 1Password 7 for Windows.

Read on to see what all the hullabaloo is about and I think you’ll find our excitement is quite contagious. πŸ™‚

Incredible New Design

Our design team has been working their tails off making 1Password 7 for Windows the best it can be, so it seems fitting that we start by showing how great 1Password 7 looks.

The awesome starts with the lock screen.

1Password 7 Beta for Windows Lock Screen

Once you unlock 1Password with your Master Password (or Windows Hello), you’re in for a delightful surprise. I’ll let 1Password speak for itself here.

Main window view from 1Password 7 Beta for Windows

From the typography to the rich icons to the layout, everything has changed. Yet the soul of 1Password remains, so you’re able to jump right in and find everything you need.

The new sidebar is not only gorgeous but it’s more powerful, too. It allows you to navigate between your categories and tags just like you always could, but now your vaults live there as well.

All your vaults, all in one place

Easily browse account vaults and standalone vaults with 1Password 7 Beta for Windows

Organizing your items into vaults is a great way to keep your items tidy and share them with those who need them.

Vaults are so nice that you’ll find yourself adding lots of them. Thankfully the sidebar makes it easy to see every vault you have at a glance. If you want to zoom in and see all the items in a vault or an account, just click on it. When you’re ready to zoom out again, click All Vaults to see all your items.

Between my AgileBits business and Teare family accounts, I now have over 50 vaults. Being able to switch between vaults and accounts makes it super simple to stay focused on the task at hand. Which is perfect for those days when I need to find my mom’s PokΓ©mon password. πŸ™‚

Small passwords. Large passwords!

If you spend as much time looking at computer screens as I do, your eyes will love our new Large Type. Passwords have never looked better!

Large Type Viewer in 1Password 7 Beta for Windows

This is great when you need to type a password into another app. But for browsers, 1Password mini will take care of this large task for you.

1Password mini is always by your side

To keep up with their bigger sibling, 1Password mini has a new design of their own and has learned some new tricks as well. As always, mini will automatically find the logins that are most relevant to the website you are on, making it super easy to sign in.

Quickly fill logins using 1Password mini in 1Password 7 Beta for Windows

And if a website has been breached, mini will alert you so you know which of your logins need to have their passwords changed.

You can also open logins directly within your browser. And as an added bonus, your password will also be filled automatically after the page opens, making 1Password a great way to bookmark websites.

Designed for everybody

We wanted to create 1Password 7 for everybody and be as inclusive as possible. That started with allowing you to sync your vaults yourself as well as supporting 1Password accounts.

1Password also speaks your language and has been localized into 9 languages, including FranΓ§ais, Deutsch, Italiano, ζ—₯本θͺž, ν•œκ΅­μ–΄, PortuguΓͺs, Pyсский, and EspaΓ±ol.

Localised 1Password 7 Beta for Windows speaks many languages

Being able to use 1Password in your language is great and it’s even better on High-DPI displays. 1Password 7 has full support for HiDPI in Windows 10 so it looks incredible on 4K monitors and other high density screens.

And for those of you who rely on assistive technologies, rest assured that 1Password 7 is fully accessible. Accessibility is near and dear to my heart and I’m looking forward to seeing your feedback on this beta.

Why hello there, Windows Hello

We also added support for Windows Hello so you can unlock 1Password using your fingerprint or simply your smile. This works great in the main app as well as in mini.

Windows Hello support with 1Password 7 Beta for Windows

To keep things as secure as possible, the first time you unlock 1Password you will need to provide your Master Password. Windows Hello will then be able to unlock 1Password afterwards.

Pricing

1Password 7 is included free with every 1Password membership. This includes individual accounts, as well as anyone who is part of a family or team. If this is you, you’re all set! Jump to the next section to get started with the beta.

For standalone license holders, 1Password 7 for Windows will be a paid upgrade. Once 1Password 7 for Windows is officially released later this year, a new license will be required and will cost $64.99.

If you join the beta you will get access to a special discount to show our thanks for helping us get the beta polished. The code hasn’t been written yet, but in the next few months an upgrade window will appear, giving you the opportunity to purchase your license for just $39.99.

So join the beta, give us your feedback, and save! Here’s how…

Join our beta family

Intrepid testers who enjoy being on the cutting edge can jump right in by downloading the beta today.

Download the 1Password 7 Beta for Windows

Please see our release notes for known issues and join us in our discussion forum to let us know what worked great and where we need to improve.

We wouldn’t be here without you so thanks again for all your help! 😘

1Password 7 for Windows (beta)

Dave Teare Founder of AgileBits

251 replies
Newer Comments »
  1. Francois
    Francois says:

    Looks great!

    Will there be 2FA with SMS or OTP available? Other password managers have this very important security feature.

    Reply
    • Dave Teare
      Dave Teare says:

      Thanks Francois,

      I’m glad you like what you see! 1Password for Windows has never looked better, which made it a lot of fun taking screenshots while getting this post together. πŸ™‚

      As for 2FA, in many ways the Secret Key that comes with every 1Password membership is a second factor and better against more threats than 2FA is. You can see how your Secret Key protects you for more information. With that said, many folks feel much better when they can see the changing numbers in a typical approach to 2FA, so we will be adding support for exactly that. We’ll be announcing more about that here in the coming weeks.

      Take care,

      ++dave;

    • Michael Carlyle
      Michael Carlyle says:

      SMS 2FA is not secure. I hope 1PW doesn’t implement that method, since security is at the core of what 1PW stands for.

    • Dave Teare
      Dave Teare says:

      I agree with you 100%, Michael. Every time I see a service promoting SMS 2FA I die a little inside. What we have in store is so much better. And our Secret Key is stupendously awesome already, so do be sure to check that out if you haven’t already.

      ++dave;

    • Kate Sebald
      Kate Sebald says:

      Hey Brett! In the simplest terms, 2FA is based upon needing both something you know (your password) and something you have (a physical device or key) to authenticate. This seems to point to SMS being a good second factor (something you have), but consider where these 2FA codes are being sent. They’re being sent to your phone number. In theory, that phone number goes to your physical cell phone that you have in your hand, but that’s not always the case. Much link the link, https://www.google.com can redirect you somewhere else entirely, your phone number is not inexorably tied to your device. Your phone number is also public knowledge and thus difficult to protect and easier to exploit.

      To illustrate, there have been numerous anecdotes about account thieves transferring phone numbers with social engineering. One example, is an attacker calling the support lines for cell carriers and indicating they’re at the carrier’s store working with a customer and need that customer’s number transferred to a new device. If these carriers handle identity verification well, then they will quickly realize this person is an impostor, but unfortunately they don’t always do so. Google is rife with instances where support reps have transferred phone number to devices in an attacker’s possession without proper verification. Once your phone number goes to their device, they can nullify that second factor if you’re using SMS as that code will go to their device, not yours. With SMS, you are relying on the security practices of your cellular carrier to keep that second factor in your possession, and don’t have the power to do much to protect yourself from their errors.

      If you use an authentictor app, including 1Password, the secret used to generate your one-time password (OTP) for a site or service is stored on the device itself (and encrypted in your vault when syncing to other devices, in the case of 1Password), so your OTP is not being sent anywhere at all. For that reason, accessing your authenticator app requires physical possession of, or access to, the actual device you have it installed on. The mere fact that delivery cannot be redirected when using an authenticator app makes them much more secure than SMS, but you also have control over further security precautions to protect your authenticator app. You can set a passcode or use biometrics to protect your device, or use tools like iCloud or your Google Account to lock or wipe your device. Both of these precautions can protect your device should it be lost or stolen. Your can also use Travel Mode to remove sensitive items, including their OTP codes, from your devices while traveling as another example.

      These is ultimately just one example of where SMS can be problematic and it’s largely based upon what I’ve learned from our security team in my time here, so I’m sure there’s more that can be said on the topic. In fact, I was so convinced this must be something Jeff Goldberg, our Chief Defender Against the Dark Arts, had talked about before, I went spelunking in our discussion forum for a post. Alas, I came up empty, so perhaps it’s something I can convince him to talk about in more detail in a future blog post. Not only is it a fascinating topic I’m sure all of you would be interested to read about, I’d be delighted to learn more about it myself. In the meantime, I hope my example helps you better understand why SMS isn’t the best choice for 2FA. And, if you’re looking to make a change and the sites you use have options to use something different, 1Password is here to help. 😊

    • Brett
      Brett says:

      Wow, that’s intense. I never really thought about it like that, but I see what you mean. Thanks for the info, Kate!

      I really wish I could move from an OTP fob I have for a site we use at work to an app (something like, 1Password, perhaps).

    • Kate Sebald
      Kate Sebald says:

      Hey Brett! No problem at all! Honestly, I’ve always disliked SMS 2FA even absent any security concern. I love having my OTPs available everywhere, so definitely prefer 1Password when I have the option. Being able to paste my OTP on my PC is way more handy that trying to type what’s on my phone. I’ve been spoiled. 😊

      That said, while apps can be more convenient than fobs since they can sync to multiple devices, security-wise, your fob is likely just fine. Of course, I don’t know every system out there, of course, but fobs like the old school Blizzard authenticator from the earlier days of World of Warcraft usually generate their codes locally. They’re a solid choice, just a bit less convenient. πŸ‘

    • Dave Teare
      Dave Teare says:

      You’ve very welcome, Ryan! I’m glad you noticed. πŸ™‚

      Thank you for your patience while we got our ducks in a row here. It took a while but I’m pretty happy with how things turned out.

      We love you too! 😘❀️

      ++dave;

    • Dave Teare
      Dave Teare says:

      Thank you, Phil! 😘

      I have some great news to share on the Mac side of the world, but it needs a bit more time in the oven still. Let’s let today be about Windows and we can talk Mac more next week. Hint. Hint. πŸ˜‰

      Take care,

      ++dave;

  2. Paule
    Paule says:

    Is WLAN Sync part of 1Password 7?
    I will never ever sync all my passwords using a cloud service – that’s why I’m still using 1Password 4

    Reply
    • Dave Teare
      Dave Teare says:

      Hi Paule,

      No, WLAN Sync is not in this beta and it will not be included in the final 1Password 7 release. At least not the initial 7.0 release anyway as we just have too many other things that need to be completed in the relatively short timeline that we’ve set for ourselves.

      To be completely honest I wanted WLAN Sync to be in 1Password 7 for Windows simply so I didn’t have to say “no” to customers like yourself. Alas it was not to be. After many internal meetings and planning sessions, we needed to cut several features in order to make this 1Password 7 release possible.

      One of the main reasons WLAN Sync wasn’t developed for 1Password 7 is we already support syncing to our 1Password membership service, along with Dropbox, as well as folders that you can sync yourself to other PCs. Adding a fourth method seemed like overkill, especially since we simply don’t know how many people use WLAN Sync. We do not include analytics or other spyware of any sort in 1Password so we simply don’t know how many people were using WLAN Sync in version 4. Anecdotally the answer appears to be “not that many”, but I admit that is a rather unsatisfying and unscientific answer.

      To help us gauge interest in this feature, we’ve set up a special WLAN Sync newsletter for those who need this option to sign up to. Please sign up as it will help us determine if there is enough demand for this feature, as well as giving us a way to contact you in the future if and when it becomes available.

      With that said, I’m curious to know more about your needs and requirements. Many times we are able to help find a better option depending on what the issue is.

      Is it that you prefer your data not to be in the U.S.A.? If so we have additional data centers in Montreal, Canada as well as in Frankfurt, Germany. Choosing either of those will keep your data out of the United State of America if that’s important to you.

      Or is WLAN Sync “required” because of firewalls or corporate policies at work? Firewalls can often be configured to allow 1Password memberships, and while we admittedly can’t do anything regarding internal corporate policies, our 1Password membership service is SOC2 certified, HIPAA compliant, and adheres to GDPR regulations. Often times companies with very strict regulations who think they can’t use 1Password change their tune once they learn this.

      Interestingly enough, we have a huge energy company in Germany using 1Password and I doubt it possible to find any company with more strict corporate controls than a German infrastructure company. Once they learned about our compliance certifications and our datacenter in Frankfurt, they were more than happy to adopt 1Password across their entire organization. If this is what’s driving your needs, our sales team would be happy to talk with your security and infrastructure teams to help them get 1Password approved for use within your company.

      Other times it’s a feeling of security as there is a misconception that WLAN Sync is more secure that storing your data “in the cloud”. It’s just a misconception, however, as our security design for 1Password memberships is unparalleled.

      Our security starts will all your data being end-to-end encrypted using both your Master Password and your Secret Key. The Secret Key is generated for you during signup and consists of 128 bits of random data that is combined with your Master Password while encrypting your data. This greatly increases the security of your data while it is stored on our servers because your Secret Key is never sent to us. It means that even if an attacker managed to steal a copy of your encrypted data from our servers, it would be infeasible for them to ever decrypt it, even if you use a weak Master Password.

      When combined with Secure Remote Password and all the other things described on our Security page and White Paper, you can see why it’s easy for me to argue that our 1Password memberships are more secure than WLAN Sync.

      Our open and transparent design allows me to sleep well at night even with millions of users entrusting us with their data. But of course it’s not just use they trust. It’s also the mathematics of encryption and the security design we have chosen. Together along with our $100,000 bug bounty, I do manage to sleep quite well at night. What keeps me up at night is customers who are managing their data themselves without the data access protection provided by our membership service, but alas, that is another story.

      Last but not least, it needs to be said that WLAN Sync was hard to use as well. I remember when I used to use it I would always find myself without my data because I forgot to sync before leaving my house. It was a huge relief when I switched to securely syncing my data to the cloud as my data was always available when I needed it.

      Writing a sync solution is hard enough, but to write one that we don’t even use ourselves would be even harder. We love working on 1Password and creating features that we use as much as our customers. It’s for this reason that I hope we don’t need to add WLAN Sync, but again, depending on demand we might reconsider this decision. So please do sign up to that newsletter if needed.

      Looking back I see I’ve written 927 words and I’m still typing, so I apologize for giving you so much to read. It’s an important topic, however, so I wanted to make sure I touched on every aspect of it. I hope you manage to read this far and that you found this helpful.

      Take care,

      ++dave;

    • Paul
      Paul says:

      Thank you Dave for the detailed answer – wlan Sync is not the most comfortable way to sync but easy enough.
      I see that you take security serious. Millions of passwords stored in one central place are still very attractive for criminals.
      I would prefer to keep my passwords stored locally and you support a local password store – but why if you cannot get the passwords transferred to your mobile devices?

    • Dave Teare
      Dave Teare says:

      Good morning, Paul. β˜€οΈ

      I like how you said that. You’re right, WLAN Sync is “not the most comfortable way to sync”. It resonates with me as it’s not so much about WLAN Sync being incredibly hard to perform but rather being uncomfortable about forgetting to sync everything before leaving home.

      Regarding security and being a target, I have no doubt that we’re a target, but it’s not for your passwords. It would be for the thrill of trying to break into an incredibly well defended system. Your data and everyone else’s is encrypted by your Master Password and your Secret Key, both of which are never sent to our servers. With the Secret Key in particular, it becomes infeasible for an attacker to brute force their way through to the original data. If this wasn’t true I would lose a lot of sleep at night, and those who know me would tell you that I don’t give up a good night’s sleep for anything. πŸ™‚

      As for a local password store, I think you’re referring to the ability to sync to a local folder, is that correct? If so, the idea behind folder sync is you’re able to sync your data between your PCs using any method you desire. There’s many tools that do this in many ways, including those that depend on the cloud and those that do everything within the confines of your local network. You’re right, however, that 1Password for iOS and Android have no way to sync with a local folder on your PC, so they would not be able to participate.

      Take care, Paul. I see another comment from you above so I’ll be talking again with you soon. πŸ˜€

      ++dave;

    • Dave Teare
      Dave Teare says:

      I read an excellent post from our Chief Defender Against the Dark Arts today that I wanted to share. Jeffrey Goldberg wrote an essay of his own in his On WLAN Sync in 1Password 7 forum post that does a deep dive on WLAN Sync and why we are not supporting it in 1Password 7.

      I recommend you check it out for a different perspective on things.

      ++dave;

    • Sebastian
      Sebastian says:

      If there is no WLAN Sync, how do I sync my Vault to my iPhone? I ever only used my Windows PC for this matter and with that, WLAN sync. To get the files on my Mac I sync a folder between my pc and mac (without using an intermediate server).

    • Dave Teare
      Dave Teare says:

      Good morning, Sebastian.

      In order to get your data to your iPhone with 1Password 7 for Windows you will need to use our 1Password membership or store a standalone vault on Dropbox. There is no way to sync to iPhone or Android within the confines of your local network.

      I tried my best to explain in my reply above to Paule why using 1Password memberships is the better way to go. I think Jeff Goldberg summed it up best in his On WLAN Sync in 1Password 7 post:

      Our security is layered, relies on end-to-end encryption, maintains privacy by design, and focuses on real defenses instead of theatrical ones. We want you to have as much control over your own data as possible, while still making things work for you.

      ++dave;

    • Dietmar
      Dietmar says:

      I totaly agree that WLAN Sync is a must have. There are several other products on the market, but 1Password is the only one that supports this feature.
      And if you don’t want that your data is leaving the home network, for me it is the only soluition to sync between my IPhone, IPad and my PC.

    • Dave Teare
      Dave Teare says:

      Thanks for letting us know WLAN Sync is important to you, Dietmar. I hope you added your name, email, and reasons to the newsletter linked above so we can keep track of things.

      ++dave;

  3. David Samson
    David Samson says:

    That is the greatest news I have seen today! :)

    If I install 1Password 7 for Windows Beta and I use a standalone vault, is there any data conversion implied to vault file?

    Since it’s synchronised via Dropbox and use on my iPhone as well, will it still be working?

    Finally, in case I don’t like it (hopefully not!), is it possible to revert to 1Password 4 for Windows?

    Thanks and keep up the good work guys!

    Reply
    • Kate Sebald
      Kate Sebald says:

      Hey David! Hooray! I’m totally stoked you’re excited. I’ve been biting my tongue for weeks waiting for this announcement. I almost slipped a few times, but don’t tell Dave or he’ll stop telling me secrets. πŸ˜‰

      There is data conversion if you’re using the Agile Keychain data format. 1Password 7 will automatically convert your Agile Keychain data into the OPVault format when you open your vault. Although I wouldn’t anticipate any trouble, making a backup before a major upgrade is never a bad plan. As for syncing, Dropbox will still work across your devices and folder sync to your Dropbox folder will be set up automatically in 1Password 7 when you open your vault from Dropbox.

      I almost don’t want to answer your last question because I’m sure you’ll absolutely love 1Password 7 and never want to go back in a million years, but in case I’m wrong you can definitely go back to 1Password 4. Uninstall 1Password 7, open your vault again in 1Password 4 and you’re done. And no matter your thoughts on 1Password 7, be sure to share them with us! This is only the first beta, so there is much more awesome to come and your feedback helps us make sure we’re headed in the right direction. πŸ’–πŸ˜Š

    • Kate Sebald
      Kate Sebald says:

      One more thing, David! As a wise man just reminded me, if you are using Agile Keychain, you’ll also need to point your other devices to the newly minted OPVault 1Password 7 creates. What happens here is 1Password creates a new copy of your vault in OPVault format, so your other devices will still be pointing to the old one and you’ll need to tweak ’em to make sure they stay synced up. πŸ‘

  4. Kevin
    Kevin says:

    This is like Christmas for us standalone users. I greatly appreciate all the work you have done to keep supporting us. So excited for this.

    Reply
    • Dave Teare
      Dave Teare says:

      Hi Kevin! πŸ‘‹

      It really does feel like Christmas, doesn’t it? πŸŽ„ Not just for you but me as well. πŸ™‚ Seriously, it was a pleasure writing this announcement post. I’m looking forward to many more!

      Take care and please do let us know how the beta treats you. There’s quite a few other surprises in this release that I just didn’t have room to cover in this post. And quite frankly, the change log is too long to read so you’re better off just using the beta and seeing for yourself! πŸ˜‚

      ++dave;

  5. DaKi
    DaKi says:

    GREAT!
    At last a Windows Version with local vaults and a standalone license!
    Both things are a “must-have” for me to use 1Password as my password vault!!!

    Reply
    • Dave Teare
      Dave Teare says:

      Awesome! I’m glad to hear that you’re as happy as we are! πŸ™Œ

      Please take the beta a spin and let us know how it goes. I think you’ll fall in love pretty quick! πŸ™‚

      ++dave;

  6. Kristian
    Kristian says:

    Looks really great! And finally – after years of waiting – multi language and HiDPI UI is arriving to windows users. Thank you!

    Reply
    • Dave Teare
      Dave Teare says:

      You’re very welcome, Kristian! I’m super excited that you’re excited. πŸ™‚

      Please give the beta a test drive and let us know how it goes. Take care,

      ++dave;

    • Dave Teare
      Dave Teare says:

      Awesome! I’m glad you enjoyed Windows Hello. I personally use the camera and it’s pretty cool. All I need to do is smile. πŸ™‚

      ++dave;

    • Dave Teare
      Dave Teare says:

      Hi Daniel,

      Yes, licenses are purchased per-person, per-platform. It means you can install it on as many PCs and Windows devices as you can afford. πŸ™‚

      I hope that helps! Take care,

      ++dave;

Newer Comments »

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.