image

1Password

1Password Review

By: AgileBits, Inc.

Visit Website

Overview

1Password provides a secure password manager and password generator tool that you can use on various platforms, including Windows, Mac, iOS, and Android. It features strong password generator, browser extensions, vault organization, watchtower, and more. The software is provided by AgileBits Inc., a privately-held security software company founded in 2006 and based in Ontario, Canada.


Detailed Review

1Password is a password manager provided by Agile Bits Inc. which is a Canadian software company.

The name of the product comes from the context that once you start using the manager, you will need to remember only one password, which will be the Master Password. Hence the name 1Password.

We are sure that most of you already guessed the origin of the name part, but we still needed to do our job of informing you.

Pros

  • Multiple Storage Categories: The manager helps the user to easily save a lot of data in the vaults without making a mess of the information. There are multiple categories already available in the client which make it very easy for the user to sort them. The user also gets the ability to create a custom section in the vault on his/her own.
  • Multiple Platforms: There are absolutely no boundaries when it comes to using the client. 1Password is available across so many devices and platforms that the user will hardly ever find a device on which he/she won’t be able to use the password manager. The desktop client is available on the Linux and the ChromeOS platforms as well along with the other major platforms. It is almost impossible to beat the accessibility options that 1Password provides to its users.
  • Multiple Vaults: The client comes with two different vaults already created in it. These two vaults are called ‘Private’ and ‘Shared.’ As the names suggest, the first one is for the user to store personal information while the latter is for the user to store the information which he/she intends to share with others. On top of these two vaults, the user has the option to create more vaults as per the requirement. This feature makes it very easy for the user to organize data for various contacts in his/her account.
  • The Watchful Watchtower: The Watchtower in the manager not only points out the weak and reused passwords but also keeps an eye out for what’s happening on the internet. It tells the user about the vulnerable passwords based on the various breaching incidents happening across the internet. The Watchtower also informs the user of any unsafe websites that he/she might be using. All such features on the Watchtower make the service very safe to use.
  • Two-Factor Authenticated: The password manager can be wrapped under one more security cover by employing Two-Factor authentication. Employing 2FA on the password manager takes off a lot of burden from the Master Password. The user can also rest assured of the fact that there is one more line of security that needs to be breached if in case the Master Password gets compromised.
  • Custom Made Strong Passwords: The password generator in 1Password churns out strong passwords for the user to make sure that he/she is using the best techniques to keep any account safe. The generator comes with a lot of settings which let the user make changes in the passwords as per convenience. Ability to decide the length of the password, and the freedom of choosing between the characters and words in the password are a few of the upsides of the password generator.
  • Expiration Alerts: The password manager also reminds you of your expiring documents and cards saved in the vaults. If you have filled in the information about the expiration dates of the documents saved, then the manager will inform you about the expiration of the document in due time. The general notification time for most of the documents is two months. The user is alerted nine months before the expiration date in case of passports.
  • Strong Security: The security measures undertaken by the service provider to keep the user’s passwords safe are among the best ones available. The use of AES 256-bit encryption makes it impossible for the attacker to view the contents inside the vault without the deciphering key. The use of PBKDF2 strengthens security even further. It makes the iterative processes of a brute force attack tougher. Breaching the security fortress of 1Password is not an easy task at all.
  • Extremely Private: Security and privacy go hand in hand for most of the services, and so is in the case of 1Password. The robust security ensures that none of the user’s data gets into wrong hands. The manager never transfers the user’s data on the internet without encrypting it. The extent of privacy can be judged by the fact that even the 1Password team cannot access any vault without the Master Password.

Cons

  • Not Intuitive: 1Password has not presented its users with one of the most intuitive clients, and there is always a chance for a new user to feel lost amidst the plethora of options available on the client. It is also not intuitive in the sense that sometimes it is very confusing to perform simple tasks on the client, and the user may feel the need to refer to the guides available on the support page at every step of the way.
  • Inefficient Dealing with Emergencies: There aren’t many functional options available to the user in case of emergencies on 1Password. User depends heavily upon the emergency kit provided by the manager. We are not a very big fan of the model that 1Password is currently using to deal with emergencies, and we also feel that it takes the user back to the conventional options present before the rise of password managers.

Overview

1Password is amongst the more popular password managers and enjoys a big userbase.

The manager is available for both families and enterprises. In this review, we will be majorly focused on the manger intended for personal use.

The expectations are high from 1Password for sure, but this does not mean the manager will get special treatment of any kind.

We will be thoroughly vigilant during the whole review, and not let any shortcoming go unchecked.

The security mechanism employed by the manager, the storage schemes, the monitoring of accounts, the ease of use, and a lot more things will be covered under the scope of this review.

This review will also be informative for the readers, and we are confident that the review will broaden your knowledge on the subject matter of password managers.

Easy accessibility

There is no doubt that the internet has become a vital part of our lives and most of the enterprises make use of the internet to provide their services.

We, as the consumers also use the internet to interact with the enterprises, and most of them require us to create a user account to identify us in the subsequent interactions.

Password managers help keep things safe and in order in such scenarios. But it is also imperative that the password manager itself is easy to access so that it does not end up adding to the confusion instead of reducing it.

Ease of access and ease of use become very important in such a case. We will be discussing the ease of use along with all the sections all through the review. Let us now focus our attention on the ease of access.

1Password is a big name among the password managers, and therefore, you can expect them to have a bigger and a broader presence on the internet.

The service provider took care of the preferences of all the sections of users by providing client as well as the web application.

You can download a desktop application for Windows, MacOS, Linux, and even the Chrome OS. The mobile applications are available on the App Store and Google Play.

Browser extensions make it easier to use the browser extension, and 1Password browser extension is available for Chrome, Firefox, Safari, Edge, and Opera web browsers.

Since the password manager is available across so many avenues, you should not face any issue related to accessibility.

Data synchronization across all these portals gives the user a lot of flexibility between the devices. We are satisfied by the ease of access on the 1Password across all the different modes.

Safe Storage

There is a lot of information other than the passwords which needs safe handling. Documents such as passports and driver license also come into the category of sensitive ones.

Access to credit card and bank account details at the time is also very important. Same can be said for the social security number, policy numbers, etc.

People sometimes come up with dumb ways to make sure that all this information is readily available to them when they need it. The methods include noting down the details in a diary or a device, mailing the details to oneself, etc.

Diaries and devices can get lost, stolen, catch fire, and a lot of other bad endings. Storing details in the emails is also not very wise as the information leaves a print on both the device as well as the internet, and even a noob hacker can even sometimes get access to it.

The solution demands for an avenue which has robust security, easy accessibility, and complete privacy. 1Password is one such solution.

1Password allows the user to store information in the various categories of a vault. The user can choose to have more than one vault in his/her profile.

It is an easy task to add a new vault in the account, and there is a guide on the support page of 1Password to help in the case.

There is a lot that can be stored in this password manager. 1Password allows storage of up to 1 GB of content on the manager. Most of the prominent password manager services allow storage of up to 1 GB of data.

Let us have a look at the various categories and how these categories make like easier for a 1Password user.

Logins

The primary task of a password manager is to store the login credentials and readily avail them to the user when he/she needs it.

‘Logins’ is all about storing such credentials. There are plenty of ways by which you can add entries into this section.

The easiest one is to use the autosave feature of the manager. When you login into an account, the manager will offer to save the details for you. All you need to do is to allow the manager to save the details for you.

The other method is to fill in the details inside the category manually. You can label it as you want and make some custom sections in which you can add the details related to the account.

You can import credentials from a different password manager or use a .csv file to save a lot of entries in one go. Using a .csv file is the most efficient way to save the details if the volume of content is high.

Once you have saved all the necessary credentials, the next time onwards, all you need to do is just enter the master password once to get into 1Password, and then let the manager do all the signing in for you.

You can either make use of the autofill feature of the service or eliminate the need to even type in the website address to the login page. All you need is to click on the login credential in the browser extension, and the manager will get into the site for you.

Secure Notes

In this section, you can save just anything you want. It can be some important document, certificates, your journal, just anything.

Label the note as you want and store it in the manager. Then you can access it anytime and anywhere using 1Password, and that too without the fear of someone else getting a hold of it.

However, you cannot add a note using the browser extension. You will have to make use of the client or the web application to save a new note into the manager.

Credit Cards

Online purchases are very common these days. Everyone finds it more convenient to do shopping from the comfort of their couch rather than going from store to store in search of the perfect product.

It also means that there is more frequent use of credit and debit card for online shopping. Each website asks you to fill that long card number along with the related details.

It becomes even more annoying when you have don’t have the card with you, and you need to leave the couch to get the card.

With 1Password you can fill in all those card details in just one click, and you don’t even need the card with you all the time for it.

1Password allows you to save your card details in the manager. The next time you are making a transaction, the manager will automatically fill the card details for you, and you won’t even need to move a muscle.

This adds up to not only the convenience but also the security. By eliminating the need to type in the card details, you even prevent any keystroke logger from getting hold of your sensitive information.

Keystroke loggers keep a record of all the keys you pressed, and this information helps hackers extract sensitive information such as card details.

Identities

In this section of the vault, you can save your details just the way they are needed in a sign-up form or other online forms.

You can also choose to save in the details of your acquaintances and contacts so that you can refer to them when needed. The manager is also a much safer place compared to other avenues available to store such details.

You can also save different profiles such as a different one for official work and a different one for personal use. You can vary address and contact information across these profiles.

Once you create the required profiles in 1Password, it wouldn’t take you much longer to fill an online form in most of the cases.

Next time you are checking out on a not so frequently used e-commerce website, it will take just a few clicks to fill in all the details including the address and the card details.

All this convenience comes with the security of the password manager, and an encrypted version of all these details is stored on 1Password servers. The robust encryption ensures that the actual information is unreadable even if the servers get compromised.

And lots more

We discussed only a few categories present in the vault of 1Password. There are many more in which you can store away the important information.

When you click on the ‘add’ icon in the client, you will discover various categories such as database, passport, outdoor license, Wi-Fi password, etc.

And the things don’t end here. You can create your own custom categories inside the vault. You can attribute all sorts of characteristics to this division.

All this information can be stored in various vault profiles on the manager such as private and shared. You can create more vaults if you need and use them according to your convenience.

Having different vaults makes it easier to share items of a vault, and we will discuss more about sharing items on the manager in the later sections.

With so many categories and classifications, 1Password has made it easy for a user to organize information within the manager effectively.

We have already emphasized enough on the handiness associated with the storage of all this information on the manager.

The security should not be much big of a concern on the manager as well, and we will discuss the security on the client in much details in the later sections.

The Watchtower

1Password does not stop at storing the passwords for you. It continuously monitors the security status of your accounts from the Watchtower.

It is the center where all your passwords and websites on which you have an account are continuously evaluated to make sure there are no loopholes in their security. The name Watchtower fits so well into the context here.

Once the Watchtower identifies the shortcomings, it notifies the user and recommends the solution as well. All that the user needs to do then is follow the guidelines and make the necessary changes.

The Watchtower has been divided into different sections to segregate the various kinds of issues that can possibly undermine the security of the user’s account.

Let us go through these sections to understand how they are different from each other.

Compromised Logins

Security breaches keep affecting businesses and companies from all over the world. No matter if the company is big or small, cyber attacks are a concern for all of them.

There are times when the cybercriminals find success in their breaching attempts. If it is a big company that gets affected by the attack or if the attack affects a lot of the businesses at once, then it makes into the news, and the world gets to know about them.

But not all attacks are that wide and potent. Some of them are relatively small scaled and therefore, such attacks get less or no coverage by the media.

There are also some attacks which sometimes take months before getting detected. And even after they get recognized, they might not attract a lot of attention from the users.

One such breach may have affected the service which you use and you may not even know about it. It is a difficult task to stay updated on all the cybercrimes happening around the world after all.

Well, with Watchtower, you don’t need to continually check for the news of any breach in one of the services to which you are subscribed.

You will get a notification from Watchtower if a breach happened in any one of such services, and you haven’t changed your password after the breach.

Once you get notified, it is simple to change the password. All you need to do is to replace the old password with a new and robust password generated by 1Password.

Vulnerable Passwords

This section will point out if you are using a password which has been exposed in a data breach.

For instance, let us take the example of the Quora data breach that happened recently. It exposed the accounts of millions of users and all the information related to their accounts were accessible by the hackers.

But, not of all of these millions of users are facing a cybersecurity threat immediately. So, does this means they are safe, and the breach did not affect them?

No! Absolutely not. Their accounts did get exposed, and this means that it is not safe to keep using the same password for the site or any other site.

There is a possibility that the information can be used against them in the future, and therefore, it is better to avert this danger by simply changing the passwords.

This section of Watchtower will inform you about any such compromised passwords, and you can just replace these passwords. Better stay safe than worry.

Reused Passwords

Safe password practices 101 states that it is a dumb move to use the same password across all your accounts. Isn’t it obvious?

Reusing passwords creates a single point of failure for multiple services. It is one thing to adore your dog, but entirely different from using ‘rustyisthebestdog’ as a password for all your accounts.

In some cases, you may accidentally use the same password for more than one service.

You may use the same passwords which you used to have for yahoo.com without even realizing it as you don’t login into yahoo.com that often anymore.

Watchtower will scan through your passwords to make sure that you are not using the same one for more than one service.

If there are items with same passwords in your vault, then the ‘Reused Passwords’ section will notify you about it, and you can make the necessary changes after that.

Weak Passwords

Safe password practices 101 also states that a user should always try to stay away from the trap of using simple passwords just because they are easy to remember.

There exist such people who use passwords such as ‘password’ and ‘123456789’ to protect their accounts. Even though it is not an easy take guess even these, these kinds of passwords make for a weaker security perimeter for your account.

Watchtower will analyze your password on a variety of basis such as the length, the use of characters, the use of symbols, etc. and then deem it is a weak or strong password.

If you are found using any weak password, then the Watchtower will send you an alert about it from this section. You can then take help of 1Password’s password generator to replace the weak password with a strong one.

Unsecured Websites

Most of the services make use of HTTPS protocol instead of the regular HTTP protocol when they ask users for sensitive information such as their passwords and credit card details.

The ‘S’ in HTTPS stands for safe, and the information which the user enters in this protocol is first encrypted, and then transmitted through the internet.

This way it becomes very tough the make out the contents of the data packet, and the user’s credentials stay safe.

So, it is always recommended to use only those URLs which have an HTTPS protocol when it comes to providing some sensitive information to the service.

There may also be a case when the website does support the HTTPS protocol, but the URL saved in your vault specifies only the HTTP protocol. In such a case the URL needs to be updated.

The Watchtower will notify you about any unsafe websites which you are using when providing any confidential information to the site.

If the website supports HTTPS, all you need to do is update the URL saved in 1Password. But if there is no HTTPS protocol usage, then you should look for a secure alternative to the service.

Inactive 2FA

We all realize how much of a lifesaver Two-Factor Authentication (2FA) can be when it comes to the safekeeping of your private data in case someone is able to know your password.

 You can use 2FA to enhance the security of your 1Password account as well, and we will discuss it in the later sections of this review.

Services have started to avail the option of Two-Factor Authentication to the customers as they appreciate the robustness it adds to the overall security of the system.

Two-Factor Authentication is still an optional feature in most of the services, and it is not enforced upon the users.

There might be a slight inconvenience of having the authenticator or the device having the authenticator application with you all the time when using 2FA. But the merits weigh a lot more than the demerits.

However, a lot of people still choose not to use it while there are also a few who are unaware that the service upgraded to 2FA.

This section of the Watchtower will help the latter section of users.

The Watchtower will notify you about those services in your vault which have a 2FA support, but there is no one-time password for it on the 1Password.

1Password can be used to manage 2FA, and it makes it easy for the user to enter the one-time passwords from the application.

But we would suggest that you use a different service for 2FA as the password manager already contains all the passwords.

It will make for an easy opening into your accounts if the same service is handling both the passwords and the one-time passwords for 2FA.

So, you can choose to start using 2FA on the service about which you got notified.

If you were already making use of 2FA from some different application, then all you need to do is add the 2FA tag to remove the item from the Watchtower list.

Expiring

The Watchtower not only keeps you away from cybersecurity threats but reminds you to renew your important documents if they are close to the expiration date.

If you mention the expiration date of the documents saved in your vault, the Watchtower will ping to get them renewed before they expire.

This feature can turn out to be very useful in the long run. Some documents may have expiration dates set to years later from today, and it will be difficult to remember to renew them at the right time.

1Password will send you an alert before the expiration of documents so that you don’t run into any trouble because of an expired document.

Password and driver’s license are examples of documents which should always be renewed before they expire.

You will be notified nine months before your passport expires, and for the rest of the documents such as credit card and drivers license, the notification period is two months.

The section will tell you about those documents which have already expired and need replacement.

The Watchtower makes you stay on top of any security breaches, irregularities, and anomalies in your profiles across all the items saved in your 1Password account.

It makes 1Password more than just a password manager by preventing mishaps before they even occur.

Safe Sharing

We feel that 1Password provides one of the easiest ways to share items on the password manager.

But let us first understand why would we ever feel the need to share information on 1Password when so many options are already available to do so.

One generally uses emails and instant messaging services to share data. Some people even keep their passwords and other documents saved in the draft folder of their email accounts.

Well, that’s a terrible idea. These services don’t have as robust security as the password managers. And since the data is not encrypted while transmission, there is always a chance that it may get compromised while you are sending it to someone else.

Another drawback of using these services is that they end may end up creating a lot of duplicates of your sensitive information and save it all over on your device and their servers.

This can complicate matters to a large extent. If you ever send a password to one of your family members or your colleagues, you may have no idea about how many copies of it were created in the process and where are they saved.

These will never be an issue when you share passwords and other sensitive information using 1Password. They use secure methods when dealing with your information.

The information never leaves the device in its original form and is always encrypted. The encryption used in this case is AES 256-bit which is the best one can get.

To enable the recipient to access the content, the manager would first need to decrypt the material back to its original form.

For this, they take the help of Public-Private key generation mechanism. The service provider has discussed this whole process in great details on the paper on Security Design which can be easily found on the 1Password website.

However, it is a rather complicated process, and if you don’t have that much of a technical background, then it all might seem like some gibberish to you.

Let us help you understand the process though. Every vault on the manager gets two keys; one public and one private. 1Password makes use of the public key to allow the recipient to access the content of the shared vault.

Let us also address the part where we mentioned that sharing information on 1Password is easy.

When you want to share information with other people on 1Password, you need to create a separate vault for it.

Once you create the vault, copy all the information you want to share from your private vault to this vault. Then you need to invite the people with whom you want to share the content.

Once these people accept the invitation, they will also have access to the contents of the vault you shared.

The password manager allows you to manage the extent of access that the recipients get. The permission level has been divided into three categories.

The basic one is ‘Allow Viewing.’ The recipient will only be able to view the content in the vault and would not be able to modify it in any way.

The next level is ‘Allow Editing.’ The name suggests the function itself. The recipient will now be able to make changes in the content of the vault and even delete the content.

Finally, there is ‘Allow Managing’ permission level which lets the recipient grant and revoke the access to the vault from other people.

You always have the option to revoke someone’s access to the vault you shared on 1Password. You also have the option to delete the vault at any time which will then remove it for the recipients as well.

However, you cannot delete the already available ‘Shared’ vault from the manager which is present in the client by default.

There is a complete guide on how to share content on 1Password available on the support page of the manager.

Emergency Alert!

Well, we don’t know a better way to tell you this so we will just tell you anyway. 1Password did not take care of emergencies.

Their model of dealing with emergencies is entirely different than the ones used by the other players in the password manager business. And 1Password’s way of dealing with emergencies is not very efficient.

Unlike other password managers, 1Password gives you an emergency kit when you create an account on the service. This emergency kit is nothing but a pdf file which contains login credentials for your 1Password account except the Master Password.

1Password expects you to save a soft or hard copy of this emergency kit and fill in the empty Master Password slot in the kit.

The kit is supposed to help you in case you are unable to sign-in into your 1Password account or forgot the Master Password.

We know that this sounds like a good enough plan, but you can never predict the emergency. Maybe the circumstances will be such that you cannot access the account yourself and want someone trustworthy to do it for you.

One can make an argument that the user should then inform the trustworthy person about the emergency kit and tell them how to use it.

Yes, that can be done but doesn’t the idea of storing sensitive information on a piece of paper or in a device beats the whole idea of using a password manager?

If this were the way to go, then everyone would have saved their passwords and other information on their devices or written it down on a piece of paper.

1Password seems to be going backward when it comes to emergency access.

However, it would also be unfair to blame them of not having any sort of online emergency access mechanism at all.

But the current emergency access system on 1Password works only for a family or a team setup. And in this system, the other person does not get access to the content in your vault, but only helps you with setting up a new Master Password and secret key.

So, in this case also, if the user cannot use his/her account for some reason, then no one else also can do it for the user.

This is again not an excellent method of dealing with emergencies. The extreme cases which involve accidents and deaths will leave the user’s acquaintances with no access to his accounts.

The other password managers allow the user to have some emergency contacts in his/her account, and these emergency contacts can access the user’s content stored in the manager in case there is an emergency.

Some of these password managers also allow to setup various permission levels even for the emergency contacts.

We feel that 1Password does not look good standing apart from the rest of the password managers when it comes to emergency access.

The makers of 1Password should realize the fact their method to deal with the emergencies is not as efficient as the method used by others is.

We will welcome a move by 1Password which involves the addition of emergency contacts in the password manager.

To know more about the recovery process using the emergency kit and the one possible with the team and family setup, you can visit the support page of 1Password.

Two-Factor Authentication

Password managers generally rely on the Master Password for allowing access to the user’s account.

This method of securing the user’s account has its own pros and cons. The advantage is that there are not many ways to get into the user’s account while the disadvantage being that there is too much dependence on the Master Password.

If someone is able to get their hands on the Master Password, then there is no coming back, and all of the user’s data will be compromised.

Two-Factor authentication seems to be an apt solution to this problem. It adds in one more dimension in the security of the user’s account.

1Password allows the user to activate Two-Factor authentication on the manager so that the user can be surer about the safety of his/her account.

1Password itself provides the Two-Factor authenticator for the user to sign-in to other services, but we would strongly recommend the user to employ some other authenticator to sign-in into 1Password.

Using the manager’s authenticator itself won’t make much sense. 1Password allows the user to make use of any authenticator service to access the account.

Some of the popular authenticators available are Authy, Microsoft Authenticator, Google Authenticator, etc.

Once you have chosen a suitable authenticator and done setting it up for your 1Password account, next thing remaining will be to use it along with the Master Password for your account.

The support page for the manager avails the guide to setup Two-Factor authentication for the manager.

When you have got the Two-Factor authentication enabled, the manager will ask you for an additional 6-digit numeric password every time you login into the service.

This numeric password will be time-based and renews after a set interval of time. The infiltrator will not only need to know about your Master Password but will also need access to the device on which you get this One-Time password delivered from the authenticator.

Secure Architecture

Password managers are used for storing sensitive information such as passwords, financial documents, product keys, etc. Therefore, it is essential that there is no stone left unturned when it comes to securing the password manager.

1Password repeatedly claims that the manager has employed all the necessary security measures which are on par with the industry standards.

Let us try to examine what these standards are, how they will keep your information safe and away from the reach of the attackers.

Just like in most of the password managers, 1password also uses a Master Password to allow the user to access his/her account.

Master Password is used in conjunction with a secret key to keep your data protected. The secret key is unique to every user, and even the service provider has no knowledge of it.

The secret key is stored in the devices that you use to sign-in into your 1Password account, and it is also present in the ‘emergency kit’ that you get when you create an account.

Both the Master Password and the secret key are used to generate the deciphering key for all the content in the vault.

None of the content and information provided by the user is stored in the 1Password servers in their original form. First, all of the data is encrypted with AES 256-bit encryption algorithm, and then this encrypted data is transmitted to the servers for storage.

AES 256-bit is military grade encryption, and the encryption makes it impossible to know the content without the deciphering key.

The deciphering key is generated with a combination of the Master Password and the secret key. 1Password uses additional measures to make it tough to guess the decryption key.

It uses PBKDF2 as an additional security layer which the hacker needs to pass through before reaching the actual content. PBKDF2 increases the number of iterations needed to reach from the Master Password to the key.

It makes it almost impossible for the hacker to go through this one step alone because of PBKDF2, and 1Passworrd uses it to increase the safety of both the content and the Master Password.

If you are interested, then all the technical details about the measures mentioned above are available on the support page of the service.

And this is not even all that 1Password has got to offer in the security section. They also provide a lot of additional security features to make sure that the user is out of the reach of most of the hackers and attackers.

1Password automatically removes the password from the board so that no can copy it somewhere else and retrieve it. It also eliminates the possibility of any tool saving your clipboard history.

Another one of the features is code signature verification. The manager makes sure that you are entering your login credentials in a safe browser and not in one which has been tampered.

Auto-lock ensures that no one can snoop around in your device if you leave it unattended for more than a while. Secure input fields are used to keep your data away from the reach of tools such as keystroke loggers.

We feel that it is a nearly impossible task for anyone to bypass the security features employed by 1Password and get into the data saved by the user on the manager.

Password Generator

Having a strong password to safeguard your account is imperative for keeping it secure. It is also common advice from all the security experts that one should always strive for a complex password.

It curbs the danger of brute force attacks on your account if you have a password which is random and contains a mix of a variety of characters and symbols.

For some people, it might be easy to press some random keys on the keyboard when it comes to creating a new password. However, even this method might turn out to be futile if some attention is not paid to the randomness.

If you are planning to hit the keyboard with your paws or let your pet do it for you in order to generate a random and complex set of characters, then you may not end up getting the desired results.

A password generated by such means is most likely to miss a combination of upper-case and lower-case characters, symbols, and possibly numbers as well.

If you are planning to take care of all these issues by typing in the characters yourself, then it will turn out to be a tedious task for sure.

1Password provides you with its password generator which takes care of all these issues and generates strong and complex passwords for you in just a click.

It takes care of all the requirements of a strong password and allows you to factor in some of your preferences as well.

You can choose the length of the password, choose between words and characters, and allow digits or symbols or ambiguous characters as per your wish.

To make sure that you don’t meddle too much with the settings available and end up having a weak password for the account, the generator also comes with an indicator for the strongness of the password generated.

Once you are sure that it is a strong password indeed by confirming it with the password strength indicator on the generator, you can copy it directly from the clipboard and paste it in the area marked for the password.

However, it would have been a lot easier for the user if there was a fill button on the generator.

Password generator provided by 1Password is a handy tool especially with all the different settings available in the generator.

Customization

It is always a good feeling to have some options at your disposal, be it with having more sections in the vault or more theme settings in the client.

1Password addressed this general emotion of the user brilliantly. They have provided enough customization options to keep the user interested.

When you open the settings window of the client, you will realize that the service provider has been so generous with the options on the client.

The window has been divided into various sections, and each section serves the user with a different set of customization options.

The first section is ‘General,’ and it deals with various options related to starting the client and using the manager. This section also contains hotkeys for various functions of the client such as filling in the credentials and opening the client.

The next section is ‘Security,’ and gives the user various options related to the security measures available on the client. These options include concealing passwords, change the auto-lock settings, clearing of clipboard contents, etc.

 

The following section is called ‘Watchtower,’ and it allows the user to start or stop various security tests that the watchtower carries out to check the security of the client’s accounts. The same options are available on the Watchtower dashboard as well, and the user can make these adjustments in the Watchtower window as well.

The next section is ‘Vaults.’ This one allows the user to choose which vaults will be displayed on the home screen when the ‘All vaults’ option is selected. You can also choose the default vault for all your autosaves and the new saves.

The ‘Browsers’ section lets you deal with the necessary setting for the browser extensions of the client. It displays the status of all the browser extensions in sync with your account and gives you the option to download browser extensions for the remaining browsers.

You also get to make the necessary changes in the autofill and autosave features used on the browsers. The section gives you the option to turn them off.

1Password automatically creates a backup of your data saved on the manager. The ‘Backups’ section lets you access those backup files.

The ‘Updates’ folder lets you check the status of the client, and you update the client if possible, using this section.

The ‘Advanced’ section lets you use a proxy server for the manager, and there is also an option available to enable EFS (Encrypting File System) for when the files are saved.

All these customization options that we just discussed are available along with the other options that we discussed throughout the previous sections.

We feel that 1Password has served the user with enough options and all these options seem relevant to the user experience on the client as well.

Conclusion

So, there are some things that impressed us, and then we have some complains or suggestions for improvement as well.

However, the impressive stuff outweighs the suggestions, so that is a thing to commend as well.

Starting from the top, the storage mechanism, the vaults divided into so many sections, and the availability of multiple vaults help the user store data on the manager in a neat and orderly way.

It helps a lot when the user can create a separate vault altogether to share the contents of it rather than doing so from a single vault.

The Watchtower is an excellent feature available on the client and takes in a lot more things into consideration compared to an average password manager to keep the user’s data safe.

We felt that the password manager could have adopted some better way to provide emergency access to the user. Currently, the system relies on an emergency kit; it does not seem to be an effective way at all.

The password manager performed well in most of the sections, and it also helps that is available on so many platforms.

It will not be a bad decision at all to go with this service. But our only concern is when there will need for emergency access, and all will rely on an emergency kit.

Top Features

Core Features
  • Password Creation
  • Website Logs
  • Convenient Security
  • Browser Extensions
  • Strong Password Generator
  • Organizing Vaults
  • Secure Notes
  • Watchtower Security
  • Adding Tags
  • Unique Passwords Generator

Specifications

Platform Support
  • Mac
  • Windows
  • Web
  • iOS
  • Android
Pricing Model
  • One Time Price

Visibility

Overall Visibility Score 67.88

Score Influencers

  • Overall
  • Facebook
  • Twitter
  • Google Plus
  • Website Mentions
  • Estimated Visitors

Company Information

Company Name: AgileBits, Inc.

Founded In: 2006

Address: 208 Adelaide Street West, Toronto, ON, Canada

User Reviews (1)

Review By:

Neha Sharma | Submitted On: December 31, 2015, 4:37 pm

Pros:

Been using 1Password since 2009. A complete password management solution with lots of features. Very sleek UI. Dropbox and Wifi sync is awesome.

Cons:

Often slow and sometime takes time to open in Firefox as well as in Chrome. Bigger updates require new license to buy. No all in one license for multiple platforms.

Overall:

Probably the best solution for password management in Mac. Can't expect more for the price you get it. Constantly evolving. Highly recommended!!

Rating:

Submit a Review

(Rating)