AgileBits 1Password | Tech News

For most people, a password manager that’s limited to Windows isn’t good enough. It’s important to have password access on all your devices. AgileBits 1Password has you covered, with apps for Windows, macOS, Android, and iOS, plus browser extensions for Chrome, Edge, Firefox, Opera, and Safari. A Chrome-only add-on extends the product’s reach to any platform that can run Chrome, including Linux. However, it’s not as automated as most, and it lacks high-end features such as password inheritance and automated password updates.

Pricing for password managers varies more than many other categories of security software. You can get Zoho Vault for just $12 per year, Dashlane costs $39.99 per year, and most of the rest fall somewhere in between. With 1Password, you pay $3.99 per month, which goes down to $2.99 per month ($35.88 per year) if you pay a year at a time. You can use the product on all your devices, and syncing is instant and automatic.

1Password also offers a family plan, at $5.99 per month, or $59.88 per year. This gets you five licenses, along with the ability to share passwords within your family. Keeper has a similar family plan that gets you five licenses plus 10GB of secure online storage. For business, you can set up a team account, at $3.99 per user per year.

With version 7, 1Password gets a major user interface update and a raft of new features. For example, Windows users now get the full security audit that previously showed up only on macOS, and on both platforms the audit now checks for pwned passwords and sites where you could use two-factor authentication but don’t have it enabled. I’ll point out these new features in context.

AgileBits 1Password Main Window

The most immediately visible user interface change is in the sidebar menu at left. Previously, its lower portion split into three tabs for Categories, Tags, and Security. Now it’s one long scrolling list, with the option to expand or collapse those same three sections. It now puts the numbers next to each category and tag in a darker oval, making them easier to see. The differences aren’t huge, but it’s clear much thought went into fine-tuning the UI.

Getting Started

Launch Chrome, Edge, Firefox, Opera, or Safari, and navigate to the 1Password website. Sorry, 1Password doesn’t support Internet Explorer. Sign up for an account and you get 30 days of premium features for free. Entering your credit card info is optional. During setup you enter your name, and you have the option to add a photo.

The next step is somewhat unusual. 1Password generates what it calls an Account Key, a massive string of 34 letters and digits, separated by hyphens into seven blocks of varying sizes. Each time you add a new device or browser extension, you need this key.

Next, you create a strong master password. As always, this should be something you can remember, but nobody else would guess. To help you manage that monster account key, the wizard creates what it calls an emergency kit. This is a PDF file containing your email address and account key, with a space to write down your master password. Print it off, fill in the master password, and stick it in your fireproof lockbox, or somewhere else secure.

With your account finalized, it’s time to set up your apps for Windows, Mac, Android, and iOS. You do need that account key for each installation, but you don’t necessarily have to type it. After installing the app on an Android or iOS device, you can use it to snap a QR code that fills in all your information except the master password. If you’re installing on a desktop device, you can copy that QR code to the clipboard for import or, new in this edition, just tell 1Password to find the QR code onscreen. You won’t often need to type in the account key.

If your activated device gets lost or stolen, the thief would still need your master password to access your credentials. But for total security, you can log into the web console, click My Profile, and deactivate the device. Now that thief would need both your master password and Account Key to gain access.

For full functionality, you also must add the 1Password extension to your browsers. The first time you open a supported browser, 1Password offers its extension. To add the Edge extension, you install it from the app store and then log in with your account information.

The easiest way to switch from one password manager to another is to import the existing product’s passwords. 1Password can import passwords stored in Chrome, and import from LastPass, Dashlane, and RoboForm, but that’s it for direct import. If you’re moving from a different password manager, you must export the data to a CSV file and format it according to the instructions in 1Password.

LastPass, by contrast, can import from over 30 competing products, and KeePass imports from almost 40. Note that to use the import feature, you must log into your 1Password account online. The local app can only import 1Password files exported from another installation.

You do have another option for importing. The 1Password Utilities collection includes community-created scripts to convert data exported from 35 other products into 1Password’s own format. However, using these scripts is definitely a hands-on proposition.

Password Capture and Replay

1Password’s browser extension watches as you enter your credentials on secure websites and offers to save what you’ve entered. In the password capture dialog, you can enter a friendly name for the login and also add one or more tags. New in this edition, you can create nested tags by separating levels with a backslash, for example, “EntertainmentDining.” By default, all passwords go into your personal password vault. If you need to keep multiple sets of passwords, perhaps personal and work collections, you can define additional vaults and choose which to use at capture time. And you can choose to view items from just one vault, or see them all at once.

Password replay with 1Password is not quite as automated as with most competing products. When you revisit a site for which you’ve saved login credentials, you press the magic keystroke Ctrl+ to fill those saved credentials. If you have more than one set of credentials, 1Password presents you with a list.

My AgileBits contact pointed out that requiring user interaction before filling passwords is a deliberate, security-related decision. It eliminates the chance of a website snagging your credentials using invisible login forms.

SecurityWatch

RoboForm, LogMeOnce, Password Boss Premium, and most of the other products of this type offer another handy way to use your saved logins. Clicking the toolbar button displays a list of your saved sites, and clicking one of them first navigates to the site and then logs in. 1Password does this as well, using a popup list of logins rather than a menu. You can scroll down the list or just start typing the name of the login you want. The list narrows to match what you’ve typed. Just click to visit and log into the desired site.

You can also press the magic key combination Ctrl+Alt+ to bring up 1Password Mini. This is an even smaller version of the main app. You can use it to view your saved data, and even enter application passwords using copy/paste.

There are always some nonstandard logins that confuse password managers. LastPass Premium, Sticky Password, Keeper, and a few others get around this problem with a manual capture feature. So does 1Password, though it’s a bit tricky to find. You first enter your credentials, then press Ctrl+. In the resulting popup, click the Settings icon at the bottom left, and choose Save New Login.

Password Generator

Just storing all your existing passwords in 1Password isn’t enough. You need to find those old, weak passwords and update them to something strong and unguessable. 1Password deliberately doesn’t attempt to automate the process of changing passwords, for a variety of reasons. Chief among these, according to my company contact, is the worry that a failure of automatic password updating, perhaps due to a change in the website, could result in locking you out of your account. Keeper’s developers avoid this automation for similar reasons, though Keeper Password Manager & Digital Vault

You might also like More from author

Comments are closed.