© 2021 CyberNews - Latest tech news, product reviews, and analyses.

Our readers help us create quality content. If you purchase via links on our site, we may receive affiliate commissions. Learn more

1Password Review: how secure is it?

1 password app logo with user interface

Developed by AgileBits Inc., 1Password, as its name implies, unifies all your passwords into an encrypted vault that you can access with—you guessed it—one password.

But 1Password does more than just password management. The app can also act as a secure document vault, a hub for secure notes, and a secured environment to store credit card information and auto-filled form entries.

1Password promises to save hours changing passwords, filling in forms, and more. So how good and safe is this tool at its job? Read the rest of my 1Password review to find out.

Rating:4.7
Price:from $2.99/month
Free version:No
Platforms:Windows, macOS, Linux, Android, iOS

1Password review – pros & cons

Pros

  • Browser extensions
  • Supports most platforms and browsers
  • Dark web monitoring
  • Local storage option
  • Vulnerable passwords check
  • Travel mode
  • Clipboard clearing settings
  • 1 GB of encrypted file storage
  • Two-factor authentication

Cons

  • Autofill is clunky
  • No free plan
  • Lacks sharing capability with non-users
  • No one-click password updates
  • No phone or chat support for lower-level memberships

Visit 1Password to learn more about the features

1Password security review

1Password uses high-level AES 256-bit encryption to keep your data secure. Additionally, 1Password provides a Secret Key — a security code stored on your device that is required to log in your 1Password account. Zero-knowledge policy leaves sensitive information unknown even to the company itself, and Secure Remote Password (SRP) protocol prevents hackers from intercepting Master Password, Secret Key and other transmitted data.

1Password is SOC 2 Type 2-certified by AICPA, indicating secure data management. The most current SOC 2 report is available on request. The company also maintains a private bug bounty program from Bugcrowd, with 387 unique researchers looking for bugs.

1Password password manager maintains recent penetration tests by ISE and security audits by Onica, with past pentests and security assessments completed by AppSec Consulting, nVisium, and CloudNative.

Overall, 1Password designed every feature to make sure only you have access to the passwords, financial and other personal information kept in your account. Multiple security levels protect it from hacker’s attacks and the chances of stealing the data at rest and in transit are next to zero.

1Password features overview

1Password has numerous features that make it one of the easiest and most intuitive ways to share data and credentials between teams. Some of the key features include:

Multiple Vaults

Every 1Password account is broken down into “Vaults”— essentially filing cabinets for your 1Password data items that can be used to categorize the items you store there. A vault can contain form fills, passwords, secure documents, credit card information, and more.

Vaults help 1Password users keep their digital lives organized in a secure way, but vaults are also helpful to share credentials and manage permissions. If a team member or family member is only authorized to have access to certain data and credentials, all of those credentials can be stored in one vault, with shared access to that vault and that vault alone given to the authorized individual.

Interface of Vaults on 1Password

Travel Mode

Vaults also help keep your data safe when you travel. If some data is not secure across national borders, you can activate “travel mode” for family members and team members who will be traveling internationally. Storing “travel-safe” information in separate vaults enabled for travel mode will ensure uninterrupted access to that data, while protecting non-travel-save data by removing the vaults when you cross borders.

Every 1Password account includes Travel Mode. You can toggle it from the “My Profile” account window.

On your “My Profile” page, a “Travel Mode” button is in the lower left.

Instructions how to find Travel Mode on My Profile on 1Password

Once Travel Mode is on, you will need to specify which of your vaults are travel-safe. To identify a vault as safe to access in Travel Mode, go to your home screen and click the “Settings” icon shaped like a gear on the vault you want to set to travel mode.

Once in the settings screen for that vault, set the vault to “Safe for Travel” using the toggle button.

Instruction how to set Vault as Safe to Travel

1Password X

To streamline your workflow with 1Password, your browser can be armed with 1Password X, a browser extension available for Chrome, Firefox, and Microsoft Edge.

Once the extension is added to your browser of choice, logged in, and activated, it becomes easy to both add and access data to 1Password. For example:

  • A 1Password icon will appear on browser forms. If data has been entered into 1Password tied to that web domain—for example, login credentials—those credentials will be accessible at one click thanks to the extension.
  • 1Password X can recognize credit card fields, address fields, etc. and supply suggestions from 1Password as a dropdown, substantially speeding up your form filling.
  • When entering passwords, credit card information, or form information for the first time, 1Password X will give you the option to save that data to your 1Password account, including selection of which vault to save it to.
  • Instead of having to come up with unique passwords, 1Password X will give you the option of generating unique and secure passwords for you, which it can then save to your vault immediately.
  • 1Password X can search your vaults from your browser.
  • 1Password X can add two-factor authentication to any secure workflow governed by data in your vault.
  • The extension is armed to drag-and-drop data stored in 1Password to the relevant fields.

1Password is powerful on its own, but adding 1Password X to your browser of choice makes it even more powerful and easy to use.

Watchtower

Watchtower is a suite of security tools that comes with every 1Password membership. At a glance, Watchtower can alert you to any weaknesses in your security ecosystem, including passwords that need to be changed or strengthened, compromised logins, and security updates from websites you store credentials for.

Every vault has a Watchtower item in the left hand column which you can use to view the status of items within the vault. Watchtower can check the security status of individual websites.

Instructions how to access Watchtower

Plans & pricing

1Password pricing starts at $2.99 per month, billed annually. There is no free version, but you can opt-in for a free 30-day 1Password trial. This should be plenty of time to find out whether the service fits you. If you decide that it would be worth the price, here’s what you get with the paid plans.

VersionFeaturesPrice
Personal (1 user)Unlimited passwords, 1GB document storage, 24/7 email support, 365-day item history, Travel Mode, 2FA$35.88/year
Families (5 users)Everything in Personal + sharing of passwords, credit cards, and secure notes, family member permission management, account recovery$59.88/year
TeamsApps, unlimited passwords, items, and shared vaults, admin and permissions control, 2FA, 24/7 email support, 1GB document storage per user, 5 guest accounts$47.88/year
BusinessEverything in Teams + VIP Support, 5GB document storage per user, 20 guest accounts, custom security controls, activity log, custom roles, usage reports, custom groups, Active Directory, Okta, and OneLogin provisioning$95.88/year
EnterpriseEverything in Business + custom services for your enterpriseCustom

Personal Plan

Pricing: $2.99 per month, billed annually, i.e. $35.88

Included:

  • Mac, Windows, iOS, Android, Linux, and Chrome apps
  • Unlimited passwords and items
  • 1GB document storage
  • 24/7 email support
  • 365-day item history
  • Travel Mode for security abroad
  • Two-factor authentication

Families Plan

Pricing: $4.99 per month, billed annually, i.e. $59.88

When it comes to the 1Password Families plan, you get all the features Personal plan users do, as well as:

  • Support for a family of up to five
  • Sharing of passwords, credit cards, and secure notes
  • Manage family member permissions
  • Recover accounts for locked out family members

Teams Plan

Pricing: $3.99 per month, billed annually, i.e. $47.88

Included:

  • Mac, Windows, iOS, Android, Linux, and Chrome apps
  • Unlimited passwords, items, and shared vaults
  • Admin and permissions control
  • Business-wide two-factor authentication through Duo Integration
  • Friendly 24/7 email support
  • 1GB document storage per user
  • 5 guest accounts for limited sharing

Business Plan

Pricing: $7.99 per month, billed annually, i.e. $95.88

When it comes to the Business plan, you get all the features Teams plan users do, as well as:

  • VIP Support
  • 5GB document storage per person
  • 20 guest accounts for limited sharing
  • Advanced Protection custom security controls
  • Fine-grained access control for each vault
  • Activity log to track changes
  • Custom roles for delegation
  • Usage reports to create an audit trail
  • Custom groups to organize teams
  • Active Directory, Okta, and OneLogin provisioning

Enterprise Plan

Pricing: By customized quote.

You get all the features Business plan users do, plus:

  • Custom services for your enterprise

Ease of use and setup

Setting up 1Password is quick and easy. Start by selecting your plan.

Once you choose your plan, you must enter your email address and receive a six-digit authentication code to proceed to account setup. The code arrives immediately in the inbox of the email address you enter.

Interface of authentication process while setting up an account on 1Password

Once you authenticate your email address, you must enter your name and your “master password.” This is the one password you will have to remember once 1Password is your go-to password manager. It is the encryption key for your entire 1Password ecosystem. If a hacker obtains your password, he or she has access to everything, so guard it carefully.

The advantage is that if you can guard this password, a whole universe of unique passwords can be stored in your encrypted 1Password vaults.

After you enter your master password, you must enter credit card information. All plans offer a 30-day free trial, but you will have to add credit card information to activate the free trial. If you don’t like 1Password, you have to remember to cancel the plan to avoid a charge on your credit card for an annual plan.

Once you enter your credit card information, the app prompts you to download an “emergency kit,” a one-page PDF that includes a sign-in address, a 38-digit secret key, and a QR code you can use to set up or retrieve your account in an emergency. Make sure to save this in a safe, secure place! If you store your secret 1Password information in an unsecure place, it defeats the purpose and makes your whole vault vulnerable.

Once you download your emergency kit, you’re in! Your 1Password account is ready to roll.

Interface after successfully completing registration on 1Password

Managing 1Password Vaults

The “vault” is the basic workspace in 1Password. From the home screen, you can create a new vault from the “+ New Vault” button in the upper left hand corner. Once you hit the button, the app will prompt you to give your vault a name and an optional description.

Interface how to create new vault

Once you name your vault and create it, the vault will appear as a tile on the home screen, starting in the lower half of the page. As you add more vaults, more tiles will appear.

Clicking on the vault tile will take you to the main screen of that vault, which is divided into three columns—a control column on the left, a middle column for the list of items in your vault, and a larger right hand column where you will see the item details once added. It resembles a cross between a WordPress admin panel and a Finder window.

Vaults are helpful for credential management because family-member or employee access can be partitioned by vault. If someone is only authorized to access certain information, they can be granted access only to certain vaults.

Adding entries to 1Password

Once you have your vaults defined, it is time to add some items. You can add items using the “+” icon on the bottom of the big lefthand field of the vault. Once you click on that button, a long list of potential items appears.

Adding items to a vault

Here’s where the fun starts. If you want to select a password, you can give it a title (for example, “Gmail”) and add the password, websites, labels, tags, and other information.

Once you “save” the item, it appears in the middle column, where you can select and edit it.

If you want to add a credit card, select “Credit Card” from the “+” menu, and a form appears where you can enter credit card information.

Once you save the information, your credit card appears in the middle column below the password entry you previously added.

Appearance of a newly created credit card information entry

If you highlight the star beneath the item title in the large item column, it becomes a “Favorite,” which can be filtered using the “Favorites” item in the left hand column.

Importing data to 1Password

It is possible to import data from other apps into 1Password, making it easy to transfer over files from Chrome, other 1Password accounts, or apps like LastPass, Dashlane, RoboForm, or Encryptr.

To import data, click on your member name (usually your first name) and find “Import” on the dropdown menu that appears.

Once you arrive at the import page, select the vault you want to import data to, and the app you will import from.

Instructions how to import data to a vault from an app

You will next be taken to a page where you can upload the CSV file downloaded from the app. Once you upload the CSV file, 1Password will import the data into the correct item format in the selected vault.

1Password mobile apps

1Password offers mobile apps for the iOS and Android operating systems. These apps allow you to save and autofill passwords from your linked 1Password account, as well as autofill forms.

You may have to enable the autofill function in settings. When filling out a new form or login credentials, the activated app should prompt you with the option to save the credentials in 1Password for later recall. Your saved 1Password credentials are side-by-side with other saved credentials. You may have to search passed saved in-app credentials to get to your 1Password credentials.

Support

1Password maintains an extensive FAQ and searchable user forum, which can be used to find answers to common questions.

For more complicated questions, 1Password maintains support channels by email, Twitter, and forum response. It would be nice to see phone or chat support available in the event of hard-to-resolve issues. VIP support is available for business plans or higher, but for most users, a relatively-fast but not instantaneous email support architecture is the best option.

Linked 1Password accounts create interchangeable data that can be accessed on mobile devices, desktop devices, any devices signed in to the 1Password account.

1Password review summary

1Password is a secure, reliable and user-friendly password manager. Its main focus is the security of your data, and 1Password does a great job keeping it safe. It may lack a free version and some nice-to-have features like one-click password updates, but the quality of service 1Password provides makes for it. And speaking of pricing, you may find 1Password costs very reasonable even when compared to other top-ranked password managers.

See how 1Password compares to other password managers

LastPass vs 1Password: which is better?

Dashlane vs 1Password: which do we recommend?

FAQ

Can 1Password be trusted?

1Password uses end-to-end encryption and complies with industry-standard security controls, as well as multiple public security controls. Its certifications are available upon request, and it has submitted to multiple penetration tests and security assessments. It has passed all of them with flying colors.

The biggest security concern with 1Password is actually on the user side—that is, you. By trusting 1Password, you are committing all your private data to a single point of failure—your master password. If a cybercriminal gets that password, (s)he has access to everything. So guard your master password carefully!

Is 1Password worth it?

1Password is definitely worth it. Considering how safe is 1Password, even if it does not offer a free version like LastPass, for example, it provides all the must-have features you’ll ever need. And for a company or a family that needs to share permissions, 1Password is the only way to go and definitely worth the money. Once you get the hang of it, you will wonder how you ever lived without it.

Can I use my 1Password account on all my devices?

Yes, once you set up your 1Password account, you can download the correct app for the device in question—mobile app, desktop app, browser extension, etc.—and access all the data saved in your 1Password account from your mobile device.

When using a different computer, you will have to download the app or install the browser extension and log in. Once this is done, you will have access to all your 1Password data.

Do I need the desktop app?

No, you can access 1Password entirely from the web as a Cloud service (SaaS) using 1Password.com. For users who prefer the desktop app, however, it is available for MacOS, Windows, Linux, and Chrome OS.

Do I need the browser extension?

No, but using the 1Password X browser extension makes 1Password data storage and retrieval much more seamless. 1Password X is available for Chrome, Firefox, and Microsoft Edge.

Related articles:
Leave a Reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Subscribe For Security Tips And CyberNews Updates
Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!

© 2020 CyberNews – Latest tech news, product reviews, and analyses.