"We won’t be collecting your saved passwords, passkeys, usernames, and any URLs associated with your items. Your private information is just that – private.

All event data will be de-identified and processed in aggregate before it’s used for analysis. "

It sounds like they plan on releasing the technical details in the coming days/weeks. I’m curious how its de-identified and processed.

  • g0nz0li0@beehaw.org
    link
    fedilink
    arrow-up
    13
    ·
    2 years ago

    Tough place for 1Password, who clearly want to be able to collect data to maintain a competitive edge, but have an audience of security conscious users who may not be comfortable with this. But as always transparency is appreciated.

    • wet_lettuce@beehaw.orgOP
      link
      fedilink
      arrow-up
      6
      ·
      2 years ago

      It’s also incredibly important to note that they are making this explicitly opt-in. So none of that ‘dark pattern’ mumbo jumbo with the tyranny of the default–where companies opt you in and most users dont realize they have to opt-out.

      All in all they are going about this the right way it seems. The devil will be in the de-identifying technical details imo.

    • sunbeam60@lemmy.one
      link
      fedilink
      English
      arrow-up
      7
      ·
      2 years ago

      Almost every product tracks user behaviour. It’s how they utilise that data that should concern us. In this case, this doesn’t concern me at all. I’ve already decided to trust them with my passwords.

      • Sleepkever@lemm.ee
        link
        fedilink
        English
        arrow-up
        3
        ·
        2 years ago

        Exactly. They are being transparant, it looks like it will be an opt-in when the time comes and are already telling you why they are collecting data. Now if they will tell you exactly what data they will be collecting in a short way before asking approval this is a textbook example of how analytics data collection should be done.

  • chaotic_goody@beehaw.org
    link
    fedilink
    arrow-up
    3
    ·
    2 years ago

    Just leaving a comment here since I haven’t seen anybody else mention it: participation is optional for Individual and Family plans, and at this time it will not be applied to Team and Business plans.

      • renard_roux@beehaw.org
        link
        fedilink
        arrow-up
        2
        ·
        2 years ago

        I switched from 1Pass (no subscriptions, please) to BitWarden recently, and I’m super happy with it ❤️

    • chaotic_goody@beehaw.org
      link
      fedilink
      arrow-up
      6
      ·
      edit-2
      2 years ago

      If you’re not willing to trust what they say about the anonymity of the telemetry system, or to opt out, then I think you wouldn’t be happy trusting them with all your passwords in the first place!

      If you’re willing to stick to Safari, then I think using Apple Keychain is best, especially since they’ll be adding sharing this year.

      • sunbeam60@lemmy.one
        link
        fedilink
        English
        arrow-up
        4
        ·
        2 years ago

        Yeah this is what I don’t get. They already hold your most precious secrets and now you don’t trust them with a telemetry system?! Seems an odd order of concerns to me.

        • ironsoap@lemmy.one
          link
          fedilink
          English
          arrow-up
          4
          ·
          2 years ago

          Telemetry, even scrubbed, can provide enough meta data to de-anonomize the user. If the goal is to reduce your threat vectors, than it’s a valid concern.

          Given data breeches are increasing, the less data that is collected the better.

    • sunbeam60@lemmy.one
      link
      fedilink
      English
      arrow-up
      3
      ·
      2 years ago

      Come on - this is 1Password we are talking about; I think they’ve earned a little bit of goodwill given their past behaviour. Transparency is key. Keep in mind that they could do almost whatever they want without telling us.

    • ZickZack@kbin.social
      link
      fedilink
      arrow-up
      1
      ·
      2 years ago

      You can use keepassXC and “self-host” your passwords on any cloud-storage you want (it’s just a file after all), but if you are using 1Pass at the moment, I don’t see an opt-in anonymized telemetry system as a reason to switch.

  • andrew@lemmy.stuart.fun
    link
    fedilink
    arrow-up
    2
    ·
    edit-2
    2 years ago

    Before it’s used for analysis or before it’s sent to the server? The wording there isn’t exactly confidence inspiring.

    It’s not about what they gather and how they use it today. It’s about what they still have when they feel pressure to make more money.

  • Qazwsxedcrfv000@lemmy.unknownsys.com
    link
    fedilink
    arrow-up
    1
    ·
    2 years ago

    It is no doubt a good thing for them to at least try to be “transparent”. I hope it is really their intention. I was a customer but I have migrated to selfhost Bitwarden (with Vaultwarden) already.

  • Jeze3D@beehaw.org
    link
    fedilink
    arrow-up
    1
    ·
    2 years ago

    I recently switched from Bitwarden to 1Password and don’t regret it one bit. Their app is substantially improved over Bitwarden. Layout is significantly more intuitive and autofill works better than Bitwarden on iOS/macOS.

  • HTTP_404_NotFound@lemmyonline.com
    link
    fedilink
    arrow-up
    0
    ·
    2 years ago

    I’ll stick with my bitwarden / vaultwarden.

    100% self-hosted using vaultwarden. If- my vaultwarden server goes down, everything remains synced to my browsers, mobile devices, and other clients.

    Autofill works fantastically well, and it can also replace authy for managing 2FA keys.