1Password is a comprehensive, easy-to-use password manager. It includes all of the standard features that make a password manager worthwhile, like autofill and a unique password generator. However, it lacks some security features that other password managers offer.
How It Works
1Password acts as a kind of “vault” for all of your passwords and other sensitive information like credit card numbers, bank information, social security numbers, and addresses. Like other password managers, 1Password requires that you have a master password that gives you access to the vault. But 1Password also gives you something called a “secret key” when you sign up. It’s a unique string of numbers and letters, and while you don’t need the secret key every time you login, you will need it if you ever want to access 1Password from another platform or device.
How To Install
1Password will ask you for your email address when signing up. Once you have verified your email address, you will be given the option to enter a credit card for a “seamless transition” out of the initial 30-day free trial, but you can also choose to skip this step. Next, it will provide you with your secret key, a unique string of letters and numbers that you will need in order to access 1Password from other devices. But do not write it down; should you need it, 1Password provides a PDF document called a “security kit” that you can download, which has the secret key.
You will then be prompted to make a unique master password. For maximum security, you can have 1Password generate a complicated one for you. You can customize the generated password by choosing the number of words and the symbol you would like to use to separate them. Once you land on a master password, 1Password has you practice typing it before confirming both your master password and your secret key.
Browser Extension and Desktop App
When you sign up for 1Password, it is not automatically installed as a browser extension. Make sure you install the extension in order to utilize 1Password’s autofill features. To do this, go to the Get the Apps section, and click on the correct link. As soon as I downloaded the extension, I noticed that my browser immediately started freezing for short intervals of time. (1Password does mention that they are currently in private beta testing for a new extension, so that might be why it’s a little slow from time to time.) You can also download it as a desktop app. When logging onto the app, it will ask you for something called a “user address,” which is kind of confusing, but you can find that information under “My Profile” when you’re logged onto the browser version.
Overall, 1Password’s interface is pretty self-explanatory and easy to navigate. However, there are some features that could be more intuitive and more organized. For example, you can’t really make folders for your passwords. So if you wanted separate folders for things like “email passwords, “streaming service passwords,” “social network passwords,” etc., you can’t do that. The navigation menu on the left does automatically separate the vault into different sections like Logins, Secure Notes, and Identities, so there is some organization. As you add more information, like a credit card, it will add those categories to the navigation menu. But if you are super meticulous about having folders and labels, you don’t have as many options to compartmentalize.
You can, however, create different vaults, and compartmentalize your passwords that way. For example, you can have a personal vault for your personal email, social media, etc., and then a separate business vault for your work email and other work related logins. There is also an option called all vaults, where you can view all of your items from across all of your vaults in one place.
With 1Password, it’s easy to change your password for nearly any login using the 1Password extension. Go to the login page for the password you want to change, click on the extension, and go to password generator. 1Password then generates a strong, unique password using your choice of either words or characters. It also allows you to customize the length, number of digits, and number of symbols. You can also use a quick-fill shortcut: Command-Backlash (\) on a Mac or Ctrl + Backlash (\) on a Windows PC.
1Password has a feature that allows you to use 1Password as a component of another website or service’s two-factor authentication, although setting it up can be confusing. First, make sure you have enabled two-factor authentication for whatever website you wish to use it for (the example 1Password provides on their website is Dropbox). Then, select the login for that website on 1Password, type anything into one of the new field sections, then select one time password to the right of it. This will create a unique six-digit code that you can use in your two-factor authentication for that site. Then, open the QR code scanner and drag it to the website, which you will manually scan. Click save, and you will be asked to confirm your one-time password by entering the six-digit code. From then on, you can use a unique six-digit code that changes every 30 seconds for that website’s two-factor authentication.
Ultimately, this creates a fast and easy two-factor authentication option that doesn’t require the use of another device, but the amount of time it takes to set it up probably isn’t worth it if you can just use your phone.
The Emergency Kit is a PDF document that 1Password creates when you sign up. It includes all of your account details, including your secret key and your master password. Essentially, it’s just an alternate way of writing down your master password in case you forget it. They recommend printing it out or keeping it on a USB drive; keeping the document on your computer will make it easier for attackers to access.
Travel Mode is a unique feature offered by 1Password that allows you to tactically choose which passwords or documents you want to be hidden on your computer. This feature provides maximum security if you are traveling between countries and are required to show your computer to customs officials or government agents. Essentially, it completely erases all sensitive data from your devices.
1Password has an auto-lock feature that automatically logs you out of your 1Password browser or app after ten minutes of inactivity.
1Password automatically syncs information across all devices that have 1Password installed. So, if you add a password to your vault using the web extension, it will appear in your vault on your mobile app as well.
1Password Families allows individual family members to have their own accounts with their own personal vaults, while having one vault that the entire family has access to. The person designated as family organizer has control over which members have access to certain information.
1Password Teams is the business version of 1Password that allows shared access to a vault and allows administrators to manage who can view, edit, and create information using the Admin Consol.
One of the biggest security drawbacks of 1Password is its lack of two-factor authentication. Strangely enough, you can use 1Password as two-factor authentication for another website, as explained above, but you cannot use it as a means of protection for your own 1Password account. Two-factor authentication has become an increasingly popular security tool, with many businesses and universities requiring it for their employees and students, so the lack thereof definitely raises some questions.
On their website, 1Password claims that using a secret key is more secure than two-factor authentication because it is encrypted locally and also has 128 bits of entropy, making it nearly impossible to guess. So essentially, the master password protects the data on your device, and the secret key protects data off your devices because it cannot be decrypted. But even so, having two-factor authentication would offer even further protection, which can only be positive.
Unlike other some password managers, 1Password does not offer the option to run security tests to catch duplicate or weak passwords across your vault. This isn’t as big of a deal if you are generating your passwords using 1Password anyway, but if you choose to create your own passwords, you won’t have this bonus feature.
The mobile app is compatible with both iOS and Android. The interface is clean and easy to use, and information is automatically synced across devices. It also works with Touch ID, which is a nice added layer of security.
- Regular: 30 day free trial, then $3/month billed annually
- 1Password Families: $5/month billed annually, up to five family members, + $1/additional family member
- 1Password Teams: $4/user for Standard, $12/user for Pro, custom pricing for Enterprise
Who It Might Be Good For
- Users who want a password vault for multiple family members to share
- Users who prefer 1Password’s master password/secret key combination for security
- Anyone looking for a feature like 1Password’s Travel Mode, which allows users to remove sensitive data from all devices
Who It Might Not Be Good For
- People who don’t want to pay for a password manager
- Users who prefer two-factor authentication for security
1Password is great for anyone looking for a standard, easy-to-use password manager. The 1Password Families option is also a great way for parents to retain control over what information their kids have access to in the family vault, while also leaving room for independence since they also have their own, independent vault.
If you’re extra cautious about security, there isn’t necessarily anything wrong with 1Password, but some may prefer two-factor authentication, which is offered by 1Password’s biggest competitor, LastPass. You also aren’t necessarily going to learn any password management skills by using 1Password, because the manager takes care of everything for you.
The biggest factor may come down to price: some other password managers (like LastPass) offer completely reasonable free tiers, and 1Password requires a paid subscription after a free trial.