How to Manage Passwords with 1Password

6

Comments

+ Add a Comment
avatar

EyeForget

I recently began using 1Password as a result of several security lapses in sites I frequent. Here's my view.

Pros:

Excellent password generation. Makes it easy to use unique complex passwords for each site. That's it's primary purpose and it does an excellent job at this.

The ability to add notes and attachments is great as all are part of the encrypted bundle.

Dropbox integration means the passwords are sync'd with each computer/iOS device your Dropbox account is active on. Or, not active if you share the Dropbox folder. The 1Password bundle that goes to Dropbox is encrypted at your level so it's safe in case of another Dropbox security lapse.

Cons:

The iOS app needs work. On an iOS device, the attachments do not sync with 1Password's iOS version. So, no attachments are available on the iOS 1Password bundle. This is a serious shortcoming for those of us who travel and value having copies of drivers licenses, passports and credit cards securely tucked away in case we need them.

I don't understand the technical issues in allowing the attachments to sync so I'll leave that to the developers. However, having recently had my wallet and passport snatched in Europe, and having an encrypted copy of my passport in my iOS device (a different app), made getting back into the USA a breeze.

On iOS you have a choice to allow website info to store passwords or 1Password. The former is unsecure and the latter requires opening 1Password, copying the password, reopening Safari and pasting. Not exactly elegant but ok given the password strength the app delivers. I use "remember me" for most sites and 1Password for banks, etc.

Between my wife and I, we use 3 osx boxes and 6 iOS devices. 1Password, in connection with Dropbox makes keeping everything in sync a non-issue. Now waiting for attachments to sync with the iOS devices as well.

avatar

AGKyle

Thanks for the kind words!

We know there is some work to do with the iPhone and iPad apps. We'll hopefully have some great news for you in the not too distant future. Keep up with our blog as that will be the first place we announce or show anything.

We certainly understand the shortcomings of using the built in browser in the iPhone and iPad apps. Hopefully we can address this issue.

Attachments are something we'd like to provide too. When the application was initially designed attachments weren't really an easy thing to do on iOS. So they weren't included. Now that iOS has matured and so have the developer APIs we can take another look at this.

No time frames to provide for any of this, but do know that we're well aware of them and hope to address these, and more, in the future!

Thanks again for all of the fantastic comments. You're welcome to contact us via our support system as well. We'll be happy to hear your thoughts, suggestions and comments!

Kyle Swank
AgileBits Support

avatar

iMac.27

I have 1Password, full version. I haven't started using it yet.
I love the idea of this very cool program. However, being an ex-windows user, I guess paranoia sets in and I am thinking to myself... ONE password. If anyone gets THAT password from a keystroke logger ( not even sure those work on a Mac or not) or by whatever means, they now have access to my whole life of passwords. credit card info, banking info etc. whatever you put into this.
That is a frightening thought. Does using this not worry anyone in that same way?
I'd LOVE to go to each site or acct that I log into each month, do a change password and let 1PW make one that is really tough and then just have to remember one PW after.

I also don't want to use the Dropbox part. This part is OPTIONAL? or forced?

avatar

AGKyle

Hi iMac.27!

Kyle from AgileBits here, creators of 1Password.

I wouldn't stress about key loggers, just be careful what you download and where you download it from. If you download something, do you trust that website? If not, you may wish to pass. You can prevent non-targeted key logger installations by simply being careful.

Also, Apple has a Secure Input API that prevents applications from logging or seeing data being entered into those Secure Inputs. We use it everywhere we can. This can really prevent a lot of key logging. We never say never, especially with security. But this should help a lot.

We've never heard of anyone having their 1Password master password stolen from a key logger. I'd say you're pretty safe as long as you exercise caution and use common sense when installing and using new software.

Dropbox is optional unless you wish to sync to a second computer. If you want to sync to a second computer it will require using Dropbox.

If you have further questions please don't hesitate to let us know via our support page.

Kyle Swank
AgileBits Support

avatar

cwanja

Check out the preference that allows you to set a keyboard shortcut to initiate the login. I use Command + Control + W to fire it off. Never have to leave the keyboard and the login is sent automatically to the correct fields. Genius.

The ONLY change I wish they brought was that you can setup 1Password to authenticate apps based off the title window.

Chris Wanja

avatar

AGKyle

Hi Chris,

Thanks for letting readers know about this tip. By default we use Command + \ to trigger the login. You can of course set it to anything you wish though by opening Preferences and changing it.

We'd love to support filling usernames and passwords into applications. We get a lot of requests for this, especially on the iPhone, but we've yet to find a way to make this happen. Filling in the browser is easier because we have extensions, with applications we have to use OS X only APIs and they don't allow what you're asking.

Please let us know if we can ever answer any questions you have though! We're always available via our support site!

Kyle Swank
AgileBits Support

Log in to Mac|Life directly or log in using Facebook

Forgot your username or password?
Click here for help.

Login with Facebook
Log in using Facebook to share comments and articles easily with your Facebook feed.