1Password Review – Is It Still Worth The Price? (Updated: 2019)
Share this Post
What do “Open Sesame,” “swordfish” and “Joshua” have in common? They are some of the most famous fictional passwords used throughout history; in the case of “Open Sesame,” the magical phrase used by Ali Baba to enter the cave where the forty thieves furtively gathered and stored their stolen loot, usage dates to the early days of the Islamic Golden Age, thus going back more than 10 centuries.
“Swordfish” was comically used as a password to that an inept university president could not remember as he tried to gain access to a speakeasy in a 1932 Marx Brothers film; interestingly, this was the name of a 2001 film about a computer hacker hired by a shadowy organization to break into military networks. “Joshua” was an artificial intelligence construct that controlled a nuclear weapons arsenal in the 1983 film “WarGames”, and it also happened to be the password used to gain backdoor access to the secure network.
Given the history of the aforementioned fictional passwords and their popularity, would you be surprised to learn that many people choose them to secure their online accounts? In 2017, an information security researcher combed through a massive dump of more than 590 million hacked internet accounts and found that “swordfish” was used 386 times, “Open Sesame” 37 times, and “Joshua” a handful of times. The two most popular fictional passwords were “AW96B6” from “Mission Impossible,” followed by “TrustNo1” from the hit television series “The X-Files.”
As you have probably figured out by now, using passwords from popular films and folk tales is not part of a good online security strategy; it may not be as bad as using “123456” or “qwerty123,” but you get the idea. Think about a young woman trying to exit an abusive relationship: let’s say her loathsome boyfriend decides to snoop on her WhatsApp messages, and he happens to know that she is a fan of “The X-Files.”
In this case, it would not take much for the privacy invader to guess that “TrustNo1” is a password used by his girlfriend, and there is also a chance that this is a password she uses for other online accounts such as Gmail and Facebook.
The Need for Strong Password Security
In April 2019, an information security researcher armed with a 3D printer that uses stereolithography technology was able to fool the Samsung S10+ fingerprint sensor with a facsimile of his own index finger. Touch ID, facial recognition and other emerging technologies have thus far failed to prove that they are ready to replace username/password combinations.
Switching from account credentials to biometrics is something that is not going to happen overnight; in fact, it may take decades to accomplish because it requires a paradigm shift in terms of hardware and digital network architecture.
As the situation stands, passwords are not going away anytime soon, and this calls for the use of strategic and convenient password security. Passwords not only establish your digital identity but also prevent unauthorized access to the online accounts that are truly important to your online existence; we are talking about bank accounts, email, instant messaging apps, social networks, and others. Gaining unauthorized access to accounts has always been at the forefront of malicious hacking activity; in fact, password crackers, individuals who have a knack for determining passwords, are highly respected in cybercrime circles.
The best way to protect against password crackers is to use long and complex strings of letters, numbers and symbols. Passwords are like the keys to your house; it does not matter if your walls are made of reinforced steel and concrete if the locks on your doors are easy for anyone to pick or you have virtually non-existent home security. For this reason, using a weak password such as “123456” is like dropping off your keys along with your home address written on a napkin at a local bar where burglars are known to hang out.
All the same, using the same login credentials across various accounts is one of the most ineffective measures you can use in terms of online safety. The problem in this regard is that networks have been breached, and some of these incidents have resulted in the theft of username and password combinations. Imagine a hacker getting a hold of the Gmail address and password you also use to access your bank, credit card and Facebook accounts, this is something you certainly want to avoid, and this is why it is imperative for you to use a good password manager these days.
Introducing 1Password, a Truly Secure Password Manager
The history of 1Password dates back to 2005, when two commercial web developers realized that they needed a secure and efficient method to manage and share the numerous passwords they were creating on behalf of their clients. This need became an internal coding project that worked out as intended, thus leading Roustem Karimov and David Teare to think about how they could share this idea with internet users around the world.
In the transition from web development to a consumer-oriented information security firm, Teare and Karimov founded AgileBits Inc. Armed with Apple PowerBooks and a strong knowledge of Java programming, the coders were flummoxed at the sheer amount of online forms that internet users were encountering in the mid-2000s, and the idea of being able to save form field data along with credentials progressed into a password manager that many technology reviewers and journalists consider to be among the best.
It is interesting to note that the project started off as a password manager for Mac OS X. In the early years of the company, the only places where you could find a 1Password review were websites dedicated to the Apple Mac. From the start, 1Password was considered to be a good password manager, albeit only for Mac users. It took about 10 years for AgileBits to provide solutions for the growing demand for password manager solutions across all platforms; these days, the company offers a trusted service available for macOS, iOS, Windows, and Android devices.
Understanding What 1Password Offers
A good password manager generates, stores, encrypts, and retrieves complex username/password credentials; 1Password ticks all the boxes in this regard, but it also goes a few steps further with advanced features to make the online lives of users easier and more secure. At the heart of the service you will find the strategy that has become universal in terms of internet security: using very strong and unique passwords for all accounts, which is something that just about any password manager will allow you to do.
Creating strong combinations of letters, numbers and symbols that crackers will have a very hard time deciphering even with strong decryption tools is something that you could probably learn in minutes, but the problem is that such passwords are hardly memorable. A password such as the one listed below will take intelligence experts from the United States National Security Agency centuries to crack:
Remembering passwords such as the one above is not something the average person can accomplish, let alone trying to different strong passwords for multiple websites and accounts. Writing complex passwords in notebooks and sticky notes is impractical; even mnemonic devices will not help you remember the complex strings of characters that modern online accounts require, and this is why you need the security and convenience of a good password manager. In essence, the password vault collects all your online credentials, helps you to improve them in terms of security, stores them into an ultra-secure vault, and retrieves them with just one touch and a single password.
What You Can Learn From an Average 1Password Review
Being a very popular online security product, you can easily find hundreds of reviews for 1Password, many of them listing its advantages as well as its disadvantages. Keep in mind that the company offers both apps and services, which means that some users may refer to issues with the password vault while at the same time praising the app interface, for example. The typical 1Password review tends to be very positive; it is interesting to note that many reviewers are cryptography enthusiasts and information security experts who discuss the following features:
- Zero knowledge protocol: This clever user authentication means that no passwords are exchanged, which in turn means that password theft is not possible.
- Secret Key: As its name suggests, you only need to remember a single password to use the service, but the secret key function adds another layer of security that will take NSA agents armed with powerful computers several decades to decipher.
- AES-GCM: Since 2011, AgileBits has been using 256-bit Advanced Encryption Standard keys to make things really difficult on cyber criminals, state-sponsored hackers and password crackers. Let’s say a rogue state is able to break into your 1Password container at the server level; to crack the Galois/Counter Mode of block ciphers used to encrypt your information, it would take millions of years.
- Asymmetric Cryptography: This is a computer security standard that pairs two keys, one known and the other secret, to authenticate online transactions such as accessing password-protected websites.
Setting Up 1Password
You have various installation with this service. As you can imagine, two of the most popular are mobile apps for iOS and Android devices; these apps bring you peace of mind insofar as keeping your passwords secure and close to you at all times, but you also have the option to install apps on Windows, macOS, Chrome OS, and even Linux. With regard to the latter operating system, you can choose between a graphical interface or command line app that you can access from the terminal.
Once installed, the apps will take you through the process of setting up a secure master password along with tips to help you remember it. You do not have to manually store all your username and account credentials at once, the web browser extension feature will securely record this data when you log into your accounts; moreover, the automatic form filler will provide one-touch or one-click access to your accounts. 1Password can store more than just passwords; sensitive documents, audio recordings and digital videos can also be kept secret in your personal vault in the cloud.
Let’s say you use an Android smartphone plus an iPad for personal purposes, the service will let you synchronize data seamlessly between the devices, and you can extend this functionality to a PC or laptop at work.
1Password Pricing and Advanced Features
The AgileBits secure cloud vault is delivered on a Software-as-a-Service basis, which means that you pay a few dollars a month for a subscription. The best deal is the family subscription plan, which is also just a few dollars per month when billed annually; five members are covered under this plan, which includes the option of inviting up to five guests for limited sharing of the password manager service. All subscriptions are for unlimited devices, and they include customer service around the clock.
Special plans for small business teams and enterprise solutions are also available for reasonable subscription fees. New advanced features include Travel Mode, which allows users to securely manage sensitive stored in their personal computing devices when they are on the go. At a time when the U.S. Homeland Security Department has become overzealous about searching smartphones, tablets and laptops at the arrival sections of international airports, the 1Password Travel Mode feature is certainly welcome, especially because access can be restored with just one click once users have cleared customs.
Final Thoughts on 1Password
In the course of evaluating password managers, you may come across a 1Password review that laments the discontinuation of local vault storage in favor of its cloud-based counterpart. The information security specialists at AgileBits strongly recommend cloud vaults because hackers often find it easier to break into individual devices than the ultra-secure AgileBits servers; furthermore, if your smartphone is lost or stolen, for example, retrieving your account information can be easily accomplished from 1Password website as long as you have your master password.
Frequently Asked Questions
Are Password Managers Safe?
With a strong master password and reasonable security measures, password managers are the safest places to store sensitive information.
Can 1Password be hacked?
A: Any information technology system can be hacked. The Shadow Brokers cybercrime group, for example, is believed to have gained entry to servers maintained by the National Security Agency for the purpose of stealing cyber warfare weapons, but their exact methodology remains unknown. Even if the AgileBits servers are compromised, it would take hackers centuries to crack the AES-GCM encryption protecting your data, assuming that they have access to a powerful data center located in the Arctic and enough money to pay thousands of dollars in electricity bills each month.
What is 1Password Watchtower?
This is an informational service that alerts you of data breaches in the websites where you have accounts. Let’s say your Yahoo email account credentials are compromised; 1Password Watchtower will immediately notify you so that you can change your password before your credentials are sold in underground hacking forums.
Does 1Password work with apps?
Enhance auto filling of forms and connecting to the AgileBits API is something that many app developers have embraced. Expedia and Starbucks are two examples in this regard; others include Chase for mobile banking and the popular Evernote organizational app, which is highly recommended.
Add your own review: