Password managers are being used more and more but I, for one, had my own way of managing passwords. Protected PDF’s, Plain text keeping (stored in Drive with 2 factor authentication enabled), etc were the ways I used previously. However reading daily about Heartbleed security concern I had to move to a more secure and easier way of storing as well as retrieving them. 1Password was the first and foremost password management solution that I came across.
To begin with 1Password’s mode of operation is local i.e you aren’t required to be connected to their servers in any way whatsoever. The passwords are saved locally and secured in an encrypted database. You are still required to set a master password to protect the entire database. Besides the main program 1Password also comes with a dedicated plugin for all the major web browsers including Google Chrome, Internet Explorer, Mozilla Firefox and Apple Safari.
Credential Capturing And Refilling
There are 2 ways of entering your credentials in 1Password database. One is via the browser extension which automatically captures and stores the login details. Second is manually entering the login details using the management console. Entering credentials manually is pretty straight forward and the entire user interface is self-explanatory. Using a browser extension is a different thing though.
One thing about 1Password browser extension is that it behaves differently in different browser but its efficiency to catch the credentials remains more or less the same across different web browsers. I use Google Chrome on all my windows machines so my focus was more on how Chrome extension works.
In Google Chrome the extension uses a bar as a way of automatically saving the credentials. You’ll be initially asked for Master Password after which you can edit the site name or ignore the site from autosave. The downside to this is you can’t organize it at all. As a matter of fact the extension doesn’t allow you to organize saved credentials. You still need to use the management console for doing so.
Retrieving the credentials is an easy affair as well. When you open a website for which you have previously stored credentials, clicking the key button (next to address bar) will show the available logins for the current site. Then all you have to do is choose the appropriate login and the fields are filled automatically. You also have the option of submitting the form automatically, a certain plus point saving an extra click, which is enabled by default.
Although this works perfectly fine however the extension misses one essential feature, It doesn’t display the number of available logins for current site atop the key button. Highlighting the button or showing a numeric value would certainly be an added advantage.
You also have the option of opening the site as well as filling the credentials automatically from within the extension menu. 1Password’s Chrome extension offers a menu of all saved credentials (a scrolling list). Selecting from the menu both navigates to the site and logs you in! Nifty functionality indeed.
1Password generates strong password too. There are 2 different approaches followed by 1Password for generating password. With the Google Chrome extension you have limited control in terms of customizing the password viz. length of password; whether it is pronounceable or not; to include hyphens, digits or not. Accompanying strength meter at the top shows the strength of generated password so you always have an idea how difficult will it be to break your account.
The management console offers more flexibility for generating password. Apart from what the extension does, you have the option of selecting the number of digits and symbols to use; include/exclude use of ambiguous characters; allowing characters of repeat.
Albeit the difference in way of generating passwords, the underlying ability of 1Password to offer strong passwords to secure your online accounts is certainly an advantageous feature at users disposal.
Management Console (Main Program)
1Password’s management console lets you create/edit logins, wallet items, accounts, software licenses, secure notes, identities and organize folders.
- Logins – Shows a list of all your logins along with password-strength rating. A single click on any item would allow you to edit the entry.
- Wallet Item – Allows you to enter details pertaining to your credit cards, bank accounts, passport details, driver’s license, social security number, and more.
- Account – Allows you to store credentials of your online accounts including email account, IM, iTunes, FTP, Amazon S3 and more.
- Secure Note – Simply stores any kind of sensitive information, like ATM Pin code or anything you wish to keep secret.
- Identity – Herein you can save your personal data like name, address, phone numbers, birth date, forum signature, Skype username, etc.
As shared earlier 1Password doesn’t sync the credentials with its servers rather all the data is stored locally in encrypted form. The interesting part here is that even though there is no server side sync involved 1Password does allow you to keep a copy of encrypted database backed up online at Dropbox. By natively supporting Dropbox 1Password also connects other instances of 1Password with this online copy. With this mechanism the user is assured that a duplicate of database is stored safely in the cloud as well as the fact that other installations of 1Password can make use of this database.
For the critics arguing about the safety aspect of storing database on Dropbox, I just have to say it doesn’t matter at all. Reason being even though your database containing login details is indeed stored online, away from your control, but since it is already encrypted and accessible only with your master password and 1Password’s decryption algorithm, I see no reason to worry.
Moreover if you are skeptical about safety aspect of Dropbox, you can also use other services like that of Google Drive, Box, etc. For doing so you’d have to go an extra mile and setup 1Password to work with it.
I have been using 1Password for more than 2 months now. During this time of testing 1Password worked without any glitch. Yes there were some portals which 1Password’s Chrome extension couldn’t recognize but those were rare instances. Most of the time it worked flawlessly and served its purpose well.
1Password for Windows costs $49.99 and can be purchased from their website here – Buy 1Password For Windows.