It really doesn't. I'm a full time linux user and I can tell you the support from both lastpass and 1password is abysmal. I have to copy and paste my passwords from both of those platforms using their half-baked browser plugins that rarely work with linux clipboards.

Interesting. Lastpass works perfectly for me on Debian based Linux, and I have friends that use it on arch. I can't speak to use on other distros though.

Same, Lastpass works just just fine for me on Solus in both Firefox and Vivaldi.

I think that parent is referring to standalone apps, not in browser extensions.

I use 1Password via the CLI (https://support.1password.com/command-line/) on Linux (well -- FreeBSD) Desktop all the time. I wrote a wrapper for the CLI (https://github.com/dcreemer/1pass) to make it a bit more ergonomic to use with things like FZF.

I used to use "pass" like others here, but did not like the Android experience.

*edited to add: and we use the 1Password team account at my day job -- and are satisfied customers. I'm sure other products work well too -- just my one data point.

afaict, the 1password cli app is just a client for their API and has no offline mode, so if I can't reach 1password's servers, I can't access any of my secrets.

I believe the browser addons do not share this shortcoming, though.

You are correct - that's the main reason I wrote the 1pass wrapper mentioned above. It mirrors the data locally (in a gpg-encrypeted cache).

You're correct that the Linux support for 1Password is severely lacking, which is why I called that out in my evaluation.

LastPass, on the other hand, is in a different category. It _claims_ to have full Linux support, and for a long time they did, but more recently -- as you point out -- copy/paste in their browser plugins stopped working properly when the binary component of the plugin is enabled on Linux. Since the binary plugin component is required to work with attachments, Linux users have been forced to choose between working copy/paste and the ability to manipulate attachments. They've known about this bug for many months and have not fixed it. In fact, this is one of the unfixed bugs which drove us to finally evaluate alternatives to LastPass.

It's interesting to me that you've had trouble using the 1password browser plugin on linux; it isn't quite as handy as having a native app as you do on OSX, but I've never had any trouble at all with it.

I also find 1password browser plugin fairly crap. Sometimes it doesn't play nice with chrome, sometimes it doesn't show the correct logins so I have to open the plugin, navigate to it, and then do two copy pastes.

Both Lastpass and 1password browser plugins worked totally fine for me on Linux. My only complaint re: 1pass is the lack of native Linux app — you can't do mildly complicated things in the browser extension like edit credentials. On the other hand, LastPass doesn't have a native app.

LastPass doesn't have a native app because it doesn't need one -- when the browser plugin and web vault are working properly, they provide all available functionality on every platform. The problem is that the plugin does not always work properly; see my other comment about copy/paste problems on Linux, a bug which LastPass has known about for many months and not fixed.

I run Arch full time with i3, and I have no issues with lastpass. I use both browser plugins, and lastpass-cli which I have had no issues with[0]

[0]: https://github.com/lastpass/lastpass-cli

There is an official lastpass cli, but I don't know how well maintained it is. https://github.com/lastpass/lastpass-cli

Interesting. Browser plugins, by nature, include source code. I wonder if there's an easy fix. Can you describe the issue in a little more detail?

Password managers usually use native messaging, ie a native helper app

https://developer.chrome.com/apps/nativeMessaging

I took a shot at building a browser plugin for 1pass [1] a little while back.

Turns out, the hardest thing is not the crypto or the browser to app communication, but parsing the HTML to accurately find the login forms. If I remember correctly, the browser plugin on Mac actually sends the entire HTML to the app for parsing. The parser is probably quite complicated and they avoid reimplementing it in extensions that way.

[1] https://medium.com/@paulsc/making-a-1password-client-15dd39a...

Of course that also protects the IP :)

Also, great post. I love reading reverse engineering stories.

That page says, "Requires Google Chrome or Firefox," and the download link takes you to the Chrome web store. I'm not sure the poster considers that full support.

That's somewhat fair, although the 1Password X page (which is what AgileBits calls their in-browser version) describes it as being comparable to the native versions, which to me goes against OP's statement that

> full functionality can’t be dependent on an app which is only available on Mac OS and/or Windows.

The existence of 1Password X means that full functionality is not _dependent_ on a MacOS/Windows app. The argument that there should be a graphical (because there _is_ a multi-platform CLI), native app for Linux, which does not depend on any browser, is a perfectly valid one -- but it is also an argument that I don't believe they've made.

1Password X is definitely not comparable to the native versions, and the statement was "full functionality can’t be dependent on an app which is only available on Mac OS and/or Windows."

> The argument that there should be a graphical (because there _is_ a multi-platform CLI), native app for Linux, which does not depend on any browser, is a perfectly valid one -- but it is also an argument that I don't believe they've made.

I think they're making that argument.

I have no experience with the mac app but 1Password X is certainly better than the native windows app.

There is substantial functionality which is only available in the native app, not in 1Password X, and therefore completely unavailable on Linux.

If the 1Password X claims that its functionality is comparable to the native version, then it is lying.

How many Linux users don't have chrome or firefox installed?

I think the article would be a bit more accurate to say there's not native client support for Linux.

There are applications besides web browsers that require passwords. For example, password-protected documents, or encrypted archives. A password managers that requires, or only supports, web browsers is incomplete.

A password manager that is only usable in a web browser may be annoying to use for non-web-related tasks, but presumably you can just switch to your web browser, open up the password manager, and then search for what you need within it. It's not like the password manager is restricted to only giving you access to the passwords for the current site.

Regardless, 1password X does not provide the full functionality of the native apps, so it's fair to say a Mac or Windows app is required for full functionality anyway.

None of my headless servers have Chrome or Firefox installed.

They offer a CLI for this case.

How is this different than just trusting the browser to handle saved passwords in an encrypted manner?

As they note on the table, support is poor, but it exists

I thought they were based out of Toronto, Canada.

They have literally one support person in Australia.

My apologies, I was mistaken.