Home » Security

1Password Review 2021

What is 1Password?

1Password is a password manager that helps you in storing and using strong passwords. It saves all your passwords in one place and lets you log in to your accounts with just one click. It has plans that are suited for almost all people.

It has impressive features like two-factor authentication, unlimited item storage, and shared vaults, 1 GB of data for each person, apps for Android, Linux, Mac, etc. The features increase significantly in Business plans.

Humans have become forgetful thanks to technological advancement. There are hardly a few people who could remember the phone numbers of their siblings, friends, or even spouses. All is hunky-dory except when it comes to passwords. It would be best to remember several accounts’ passwords – be it social media, your mail ids, your websites, etc.

The simple solution is to note down on a cumbersome piece of paper because you need to type in your password every time you log in. Going for the option ‘remember the password’ on Google is a little worrying. There may be chances of getting your accounts hacked. What do you do now?

Here come the password managers. They are simple and safe to use. You can feed all your passwords for once and can stay without any worries. 1Password does just that – and it does its job very well. Today, I’m going to everything about 1Password. Let us begin.

Pros of 1Password:

Simple and easy to use.

Apps for Android, iOS, macOS, popular browsers, etc.

Two-factor authentication.

Highly secure.

Great plans for families.

Travel mode.

Standalone vaults.

Cons of 1Password:

No free plan.

Sharing is limited to Personal & Family plans.

The mobile experience is sub-par.

Features

1Password is packed with features. Some of the notable features are 1Password X, Travel mode, 1Password Watchtower, etc. However, 1Password doesn’t have identity theft protection. I will briefly talk about the major features of 1Password.

1Password Watchtower

This feature shows your reused, weak and vulnerable passwords. It shows the overall password strength. It is integrated with haveibeenpwned.com. haveibeenpwned.com allows you to check if your account and passwords have been compromised in past data breaches.

This gives you access to see whether your passwords have been breached or not, and if they have been, then you can change them right away. It also points out risky or vulnerable websites.

Travel Mode

It allows you to lock passwords when you are traveling. When you turn it on, every vault in your 1Password gets locked. The moment you turn it on, the local data of your phone gets deleted. Your passwords remain secure in the cloud, but you can’t retrieve them unless you switch travel mode off.

1Password X

This is one of the strongest features of 1Password. You can get the experience of 1Password with a Chrome or Firefox extension. You can use 1Password on any operating system as long as the OS supports either Firefox or Chrome.

Officially, 1Password accepts only Android, macOS, iOS, and Windows; you can get the full features by using X. This means 1Password X works on Linux and ChromeOS.

Using 1Password X, you can autofill, generate passwords, capture passwords, organize entries, use Watchtower, search your vault, etc.

You can use hotkeys for make your experience on browser more comfortable. Use ‘CTRL + I’ to add a new item and you can use ‘CTRL + F’ to search your vault.

Other Features

Some of the features that 1Password provide are 2FA, AES-256 Encryption, Multi-device Sync, Autofill, Browser UI, Security Analysis, Help Center, 24/7 Support, and Password generator.

User Friendliness

It is easy to sign up for 1Password. Choose a plan, enter your email address and name. 1Password will send a verification code which you have to enter for the sign up to be successful.

It will ask you to fill the credit card details but you can go for ‘add later’ option. It then generates an emergency kit which can be saved as a PDF. It includes your email address, your secret key, and master password. 1Password recommends to enter the master password and then take a print out of the kit and save it somewhere safe, just in case.

Once you save it, you will see different vaults in your 1Password account. It has links through which you can download local applications. You can also see a starter kit.

The starter kit consists of master password, note on basic setting up, and an identity card containing the information you provided during sign up.

Managing Vaults and Entries

You can use as many vaults as you want. You can create separate vaults for your work, your social media, banks and credit cards, personal, etc. You don’t have to set different passwords for each vault. The master password is enough to unlock your vaults.

When you add a new entry, you can choose a category that the entry should go in. You can use tags and favorites to entries. You can keep your vaults as organized as it can get.

Adding Entries

Adding entries in 1Password is cakewalk. Once you choose the vault in which your new entry would go in, you need to just click on the plus icon at the bottom of the screen.

1Password will ask for the category you want to store the entry in. There are a lot of categories that you can choose from. However, you cannot create a new category.

You can add notes and tags to an entry. 1Password suggests some fields to you, but it is totally up to you to change, add, delete the fields.

Usability on Mobile

1Password goes mobile. It has both Android and iOS apps. You can autofill, can do some general password management, and can access travel mode and Watchtower as well.

There is something called Standalone vaults. If you enable the option, you can have vaults on your mobile that cannot be accessed from your main account. In simple words, the standalone vault is a mobile-only vault. It also uses a shorter password.

Security

1Password is not like your average password manager you use every day. While every other password manager out there relies on what is called the master password, 1Password is no exception to that. You will need a master password to use 1Password, and luckily, 1Password has absolutely no knowledge of that password. The master password you create remains locally on your computer. It never reaches the 1Password server.

When you install 1Password on your computer, the application generates a 128-bit secret key, which in combination with your master password and salt, run through PBKDF2-HMAC-SHA256 – a key derivation function to eventually authenticate your account. Essentially, to access your 256-bit AES encrypted Vault, you will need a combination of your master password and the 128-bit secret key. This is what 1Password calls Blur.

Open Standards

1Password uses Agile Keychain and OPVault – two open data formats to create its security architecture. Both Agile Keychain and OPVault are created by 1Password, but they decided to give it out in the open. If you are a developer with the right set of knowledge, you can build a tool that can read those data formats. Does that make 1Password less secure? Not really! Even if you are developing a tool to read the data formats, you will still need to decrypt the file in the first place.

Keeping the data formats open, 1Password ensured that the risk of vendor lock-in is completely lost. What does that mean? It means that if some day 1Password wraps up its business and goes away for good, developers can come forward to create tools to read those file formats and your 1Password license will not become void.

Was 1Password Ever Been Hacked?

Fortunately, 1Password didn’t get hacked from the time of its inception. Even if it gets hacked, there is absolutely nothing on the servers! The largest issue with password managers is the signing in process and how the password manager company authenticates that it is you and unlocks the encrypted data.

Most of the password managers follow the following process: You have a master password. It is used to generate a key and then the key is sent over to authenticate you over an encrypted connection.

1Password goes a step ahead. Along with a two-secret key derivation key, 1Password makes use of secure remote password (SRP) layer which takes place before transit to give more protection.

To say it in layman’s words, your master password doesn’t leave your device even in encrypted form. The process is long but it is better to be safe than sorry.

Pricing

The pricing of 1Password is pretty decent. However, it doesn’t have a free plan. It has two broad categories of pricing structure. The first one is Personal & Family and the second one is Team & Business.

In Personal & Family, there are two plans. The first plan is 1Password and the second plan is 1Password Families.

1Password

1Password is for individuals. You need to pay $2.99 a month (billed annually). 1Password Families is for families of 5. It is billed $4.99 a month, which you have to pay annually. If you want to add another family member, you need to give a dollar more per person.

There is a 14-day trial period for both the plans in Personal & Family.

1Password

In Team & Business, there are three plans which are Teams, Business, and Enterprise.

In Teams, each user has to pay $3.99 per month. For Business, the pricing increases to $7.99 a month per a user. For Enterprise plan, it is custom pricing depending on your requirements.

Support

1Password

The customer support is great. You can get to the employees of 1Password through three ways – its Twitter support, community forums, and email support. There are tons of articles which are highly knowledge articles for users.

You get a faster response via Twitter support or community forums than through email support. In community forums, the 1Password staff reply within minutes irrespective of the time of the day.

The knowledgebase articles are simple and easy to understand. These articles come in different languages too! 1Password even has YouTube videos if you prefer watching videos.

Verdict

If you are willing to pay, then you can blindly go for 1Password. It is a good option if you see the usability, features, and security it provides. However, if you are an individual who has limited accounts, then going for Dashlane or LastPass is better as they have free plans.