1Password leads the pack in a class of apps that means to solve the problem of password insecurity, automating the process of maintaining secure, unique, unguessable passwords for individuals, families, and organizations.
Developed by AgileBits Inc., 1Password, as its name implies, unifies all your passwords into an encrypted vault or series of vaults that can be accessed with—you guessed it—one password.
But 1Password does more than just password management. The app, compatible with all the most popular operating systems, can also act as a secure document vault, a hub for secure notes, and a secured environment to store credit card information and auto-filled form entries.
By securely storing this sensitive information, 1Password promises to save hours changing passwords, filling in forms, and collaborating on confidential projects.
So how good is this tool at its job? Read the rest of this 1Password review to find out.
|Free version:||No||Platforms:||Windows, macOS, Android, iOS|
1Password pros & cons
- App compatible with the most popular operating systems, including macOS, Windows, Linux, Chrome OS, iOS, and Android
- Trusted by over 60,000 businesses and 15 million total users
- Browser extensions
- Easy onboarding and setup
- Simple password importation
- Easy account sharing
- Lots of categories
- Excellent security
- Autofill is clunky.
- No free plan.
- Lacks sharing capability with non-users.
- No one-click password updates.
- No phone or chat support for lower-level memberships.
1Password has numerous features that make it one of the easiest and most intuitive ways to share data and credentials between teams. Some of the key features include:
Every 1Password account is broken down into “Vaults”—essentially filing cabinets for your 1Password data items that can be used to categorize the items you store there. A vault can contain form fills, passwords, secure documents, credit card information, and more.
Vaults help 1Password users keep their digital lives organized in a secure way, but vaults are also helpful to share credentials and manage permissions. If a team member or family member is only authorized to have access to certain data and credentials, all of those credentials can be stored in one vault, with shared access to that vault and that vault alone given to the authorized individual.
Vaults also help keep your data safe when you travel. If some data is not secure across national borders, you can activate “travel mode” for family members and team members who will be traveling internationally. Storing “travel-safe” information in separate vaults enabled for travel mode will ensure uninterrupted access to that data, while protecting non-travel-save data by removing the vaults when you cross borders.
Every 1Password account includes Travel Mode. You can toggle it from the “My Profile” account window.
On your “My Profile” page, a “Travel Mode” button is in the lower left.
Once Travel Mode is on, you will need to specify which of your vaults are travel-safe. To identify a vault as safe to access in Travel Mode, go to your home screen and click the “Settings” icon shaped like a gear on the vault you want to set to travel mode:
Once in the settings screen for that vault, set the vault to “Safe for Travel” using the toggle button.
Browser Extension – 1Password X
To streamline your workflow with 1Password, your browser can be armed with 1Password X, a browser extension available for Chrome, Firefox, and Microsoft Edge.
Once the extension is added to your browser of choice, logged in, and activated, it becomes easy to both add and access data to 1Password. For example:
- A 1Password icon will appear on browser forms. If data has been entered into 1Password tied to that web domain—for example, login credentials—those credentials will be accessible at one click thanks to the extension.
- 1Password X can recognize credit card fields, address fields, etc. and supply suggestions from 1Password as a dropdown, substantially speeding up your form filling.
- When entering passwords, credit card information, or form information for the first time, 1Password X will give you the option to save that data to your 1Password account, including selection of which vault to save it to.
- Instead of having to come up with unique passwords, 1Password X will give you the option of generating unique and secure passwords for you, which it can then save to your vault immediately.
- 1Password X can search your vaults from your browser.
- 1Password X can add two-factor authentication to any secure workflow governed by data in your vault.
- The extension is armed to drag-and-drop data stored in 1Password to the relevant fields.
1Password is powerful on its own, but adding 1Password X to your browser of choice makes it even more powerful and easy to use.
Watchtower is a suite of security tools that comes with every 1Password membership. At a glance, Watchtower can alert you to any weaknesses in your security ecosystem, including passwords that need to be changed or strengthened, compromised logins, and security updates from websites you store credentials for.
Every vault has a Watchtower item in the left hand column which you can use to view the status of items within the vault. Watchtower can check the security status of individual websites.
Pricing & plans
Pricing: $2.99 per month, billed annually, i.e. $35.88
- Mac, Windows, iOS, Android, Linux, and Chrome apps.
- Unlimited passwords and items.
- 1GB document storage.
- 24/7 email support.
- 365-day item history.
- Travel Mode for security abroad.
- Two-factor authentication.
Pricing: $4.99 per month, billed annually, i.e. $59.88
- All the features of the Personal Plan, plus …
- Support for a family of up to five.
- Sharing of passwords, credit cards, and secure notes.
- Manage family member permissions.
- Recover accounts for locked out family members.
Pricing: $3.99 per month, billed annually, i.e. $47.88
- Mac, Windows, iOS, Android, Linux, and Chrome apps.
- Unlimited passwords, items, and shared vaults.
- Admin and permissions control.
- Business-wide two-factor authentication through Duo Integration.
- Friendly 24/7 email support.
- 1GB document storage per user.
- 5 guest accounts for limited sharing.
Pricing: $7.99 per month, billed annually, i.e. $95.88
- All the features of the Teams Plan, plus …
- VIP Support.
- 5GB document storage per person.
- 20 guest accounts for limited sharing.
- Advanced Protection custom security controls.
- Fine-grained access control for each vault.
- Activity log to track changes.
- Custom roles for delegation.
- Usage reports to create an audit trail.
- Custom groups to organize teams.
- Active Directory, Okta, and OneLogin provisioning.
Pricing: By customized quote.
- All the features of the Teams Plan, plus …
- Custom services for your enterprise.
1Password: how to use it?
Setting up 1Password is quick and easy. Start by selecting your plan.
Once you choose your plan, you must enter your email address and receive a six-digit authentication code to proceed to account setup. The code arrives immediately in the inbox of the email address you enter.
Once you authenticate your email address, you must enter your name and your “master password.” This is the one password you will have to remember once 1Password is your go-to password manager. It is the encryption key for your entire 1Password ecosystem. If a hacker obtains your password, he or she has access to everything, so guard it carefully.
The advantage is that if you can guard this password, a whole universe of unique passwords can be stored in your encrypted 1Password vaults.
After you enter your master password, you must enter credit card information. All plans offer a 30-day free trial, but you will have to add credit card information to activate the free trial. If you don’t like 1Password, you have to remember to cancel the plan to avoid a charge on your credit card for an annual plan.
Once you enter your credit card information, the app prompts you to download an “emergency kit,” a one-page PDF that includes a sign-in address, a 38-digit secret key, and a QR code you can use to set up or retrieve your account in an emergency. Make sure to save this in a safe, secure place! If you store your secret 1Password information in an unsecure place, it defeats the purpose and makes your whole vault vulnerable.
Once you download your emergency kit, you’re in! Your 1Password account is ready to roll.
Managing 1Password Vaults
The “vault” is the basic workspace in 1Password. From the home screen, you can create a new vault from the “+ New Vault” button in the upper left hand corner. Once you hit the button, the app will prompt you to give your vault a name and an optional description.
Once you name your vault and create it, the vault will appear as a tile on the home screen, starting in the lower half of the page. As you add more vaults, more tiles will appear.
Clicking on the vault tile will take you to the main screen of that vault, which is divided into three columns—a control column on the left, a middle column for the list of items in your vault, and a larger right hand column where you will see the item details once added. It resembles a cross between a WordPress admin panel and a Finder window.
Vaults are helpful for credential management because family-member or employee access can be partitioned by vault. If someone is only authorized to access certain information, they can be granted access only to certain vaults.
Adding entries to 1Password
Once you have your vaults defined, it is time to add some items. You can add items using the “+” icon on the bottom of the big lefthand field of the vault. Once you click on that button, a long list of potential items appears.
Here’s where the fun starts. If you want to select a password, you can give it a title (for example, “Gmail”) and add the password, websites, labels, tags, and other information.
Once you “save” the item, it appears in the middle column, where you can select and edit it.
If you want to add a credit card, select “Credit Card” from the “+” menu, and a form appears where you can enter credit card information.
Once you save the information, your credit card appears in the middle column below the password entry you previously added.
If you highlight the star beneath the item title in the large item column, it becomes a “Favorite,” which can be filtered using the “Favorites” item in the left hand column.
Importing data to 1Password
It is possible to import data from other apps into 1Password, making it easy to transfer over files from Chrome, other 1Password accounts, or apps like LastPass, Dashlane, RoboForm, or Encryptr.
To import data, click on your member name (usually your first name) and find “Import” on the dropdown menu that appears.
Once you arrive at the import page, select the vault you want to import data to, and the app you will import from.
You will next be taken to a page where you can upload the CSV file downloaded from the app. Once you upload the CSV file, 1Password will import the data into the correct item format in the selected vault.
Security: how safe is 1Password?
Security is “not just a feature; it’s our foundation,” according to 1Password. Indeed, security is all that they are selling. From password management to credit card information to secured notes, none of the services offered by 1Password matter if they are not secure.
As such, 1Password was designed in a “security first” fashion, using open controls in a way that caused AppSec Consulting to describe 1Password’s security controls as “substantial and unusually impressive.”
If you’re wondering how secure is 1Password, there are a couple of things that you should know. To begin with, 1Password is SOC 2 Type 2-certified by AICPA, indicating secure data management. The most current SOC 2 report is available on request.
1Password utilizes 256-bit end-to-end encryption. The only access key to this encryption is your master password. 256-bit encryption is nearly impossible to hack, so the password itself is a big potential failure point. Protect your master password at all cost.
1Password also maintains a private bug bounty program from Bugcrowd, with 387 unique researchers looking for bugs.
The password manager maintains recent penetration tests by ISE and security audits by Onica, with past pentests and security assessments completed by AppSec Consulting, nVisium, and CloudNative.
1Password mobile apps
1Password offers mobile apps for the iOS and Android operating systems. These apps allow you to save and autofill passwords from your linked 1Password account, as well as autofill forms.
You may have to enable the autofill function in settings. When filling out a new form or login credentials, the activated app should prompt you with the option to save the credentials in 1Password for later recall. Your saved 1Password credentials are side-by-side with other saved credentials. You may have to search passed saved in-app credentials to get to your 1Password credentials.
1Password maintains an extensive FAQ and searchable user forum, which can be used to find answers to common questions.
For more complicated questions, 1Password maintains support channels by email, Twitter, and forum response. It would be nice to see phone or chat support available in the event of hard-to-resolve issues. VIP support is available for business plans or higher, but for most users, a relatively-fast but not instantaneous email support architecture is the best option.
Linked 1Password accounts create interchangeable data that can be accessed on mobile devices, desktop devices, any devices signed in to the 1Password account.
Can 1Password be trusted?
1Password uses end-to-end encryption and complies with industry-standard security controls, as well as multiple public security controls. Its certifications are available upon request, and it has submitted to multiple penetration tests and security assessments. It has passed all of them with flying colors.
The biggest security concern with 1Password is actually on the user side—that is, you. By trusting 1Password, you are committing all your private data to a single point of failure—your master password. If a cybercriminal gets that password, (s)he has access to everything. So guard your master password carefully!
Is 1Password worth the money?
In general, software like this is worth the money if it saves time and/or makes workflows easier and more efficient. In this case, 1Password is definitely worth the money. Considering how safe is 1Password, you’re also doing yourself a favor by putting your data in a safe vault.
1Password does not offer a free version like LastPass, but free LastPass is very limited—you can only share each item with one other LastPass user and don’t have access to vaults. This is probably fine for an individual or solopreneur, but for a company or a family that needs to share permissions, 1Password is the only way to go and definitely worth the money. Once you get the hang of it, you will wonder how you ever lived without it.
Can I use my 1Password account on all my devices?
Yes, once you set up your 1Password account, you can download the correct app for the device in question—mobile app, desktop app, browser extension, etc.—and access all the data saved in your 1Password account from your mobile device.
When using a different computer, you will have to download the app or install the browser extension and log in. Once this is done, you will have access to all your 1Password data.
Do I need the desktop app?
No, you can access 1Password entirely from the web as a Cloud service (SaaS) using 1Password.com. For users who prefer the desktop app, however, it is available for MacOS, Windows, Linux, and Chrome OS.
Do I need the browser extension?
No, but using the 1Password X browser extension makes 1Password data storage and retrieval much more seamless. 1Password X is available for Chrome, Firefox, and Microsoft Edge.