Update October 2019 – Switching to 1Password Subscription
I’ve since switched to the subscription version of 1Password as it is more convenient to make sure everything works well in sync and eliminates the need for Dropbox. It is also much easier to make sure everyone in my family and business has an updated version of 1Password.
It’s important to note that local backups of vaults can still be made even if you’re using the subscription version. If you back up your computer with Time Machine or Backblaze, you’d automatically have a backup of your vaults. With a subscription you still have a local copy of all your data on your device itself. The subscription gives you a backup with 1Password (the company) as well as a way of syncing your data. If something happened to their servers you’d still have a backup of your data on every device where you use 1Password. If you have that device backed up with Time Machine, Backblaze, etc, your data is backed up in triplicate at least (a copy on the 1P server, a copy on every device, copy in your Time Machine).
One thing that should be of concern is where the data is kept and how it’s being secured. It’s completely rational and prudent to be concerned about where you keep your data and with whom you trust to keep it safe. With either option of using Dropbox or 1Password account, your data is hosted in the cloud. In both cases, it’s stored fully encrypted and decrypted locally on your devices when you access your data. By using Dropbox, you are entrusting 1Password to encrypt your data, and entrusting Dropbox to keep it secure. If you migrate to a 1Password account, you remove Dropbox from the equation. This has the effect of of simplifying things considerably, but it still keeps your data secure.
1Password accounts add some extra layers in addition to your Master Password in order to protect your data, which replaces the security that you are currently relying on Dropbox for. The first is the Secret Key, which is generated locally on your device, not known to us or anyone else, never transmitted over the internet, and combined with your Master Password to unlock the encryption keys that protect your data. The second is Secure Remote Password, a zero-knowledge protocol that adds an additional layer of encryption in transit, and authenticates you with the 1Password servers without using your Master Password or Secret Key in order to sync your data to all your devices. So your Master Password protects your data on your device as it always has, your Secret Key protects your data in the cloud, and Secure Remote Password protects your data in transit.
In terms of control over your data, you will always have that with a 1Password account. The data that you have in Dropbox right now will stay as is until you decide to remove it, so you can certainly just pick up right from where you left off, if you choose. Even better though, if you decided to go back to the standalone license model or move to another provider, the data in your 1Password account remains accessible even after you end your subscription, so you can keep anything that you changed in the meantime.
Having logins to more than 500 websites and having to remember them all is no joke, you’d need some superhuman abilities for that. It’s one of those areas where I had to call on some software to help me out.
I started off using LastPass, and it served me well for a number of years. I was using it mostly as an individual on one laptop, but as my business grew I felt the need to share some of the logins with others. Obviously I don’t want to share all my logins so I needed software that allows easy organisation and sharing. Unfortunately LastPass, while having these features, has a really terrible UI. It has no native app for Mac OS, so I was stuck in their browser app which was painfully slow. I wasn’t going to be able to organize those 500+ logins anytime soon with LastPass.
Enter 1Password, an app with a really sleek UI that works perfectly for me. It stores its password vault locally on your laptop and if you need to use it from more than one device you can sync via Dropbox, which is ideal for me as I’m already a heavy Dropbox user. Now I can easily access my login data from my Macbook Air as well as the iPad. My wife can also access some of my logins through a shared vault. You can create many vaults in fact, and share only those you want. Within each vault, you can further categorize and tag logins, which gives me the right amount of organizational functionality that I need.
One great advantage of 1Password is two-factor authentication. Security-wise, the most important thing is to set a very secure Master password, as that is your weakest point when using 1Password. The password vault is stored on your Mac with 256-bit AES encryption, a standard used by financial institutions. Thus even if a thief steals your laptop or maybe your iOS device, unless the device still has 1Password in logged-in mode, they cannot access your passwords, since the vault is encrypted.
Now an additional security factor to consider comes into play when sharing vaults with others, as this is most commonly done via Dropbox.
Some points to consider in this case:
- Your master password is never transmitted from your computer or device.
- All 1Password decryption and encryption is performed on your computer or device.
- The 1Password data format was designed to withstand sophisticated attacks if it fell into the wrong hands.
- Dropbox provides an additional layer of encryption.
You can read more about how 1Password stores and encrypts its data here.
When you purchase 1Password you will usually purchase a desktop app for your laptop/pc and another app for your mobile phone. The price for the mac app is $64.99 but the iOS app with basic features is free. There is also the pro upgrade for the iOS app which gives you the following:
- Apple Watch support — It’s 1Password on your wrist. Quickly look up credit cards, garage door codes, and more.
- Store two-factor authentication (TOTP) codes — No need to use a separate app or text messages for your 2FA codes.
- View attachments — Keep passport photos, PDF documents, and receipts safely in your vault. Access them with a single tap.
- Stay organized with tags — Tag items you carry in your wallet, so you can quickly look up your credit card numbers and rewards cards.
- Add custom fields – You know those annoying security questions? Now you can record your answers to them in 1Password.
- Add multiple URLs – If one site has multiple login pages, save time and effort by creating a single item that works with all of them.
- Multiple vaults — Connect to as many existing vaults on Dropbox as you want.
- Create items in additional categories — Wireless Routers, Software Licenses, and more!
All in all the price is right for me, happy to pay for the value that this app provides.
1Password for Families
1Password can also be purchased in family version, which is a subscription based service. You don’t purchase the software directly but you purchase a subscription to 1Password. The company will then charge you once a month for using their password management service.
The price of 1Password for Families is $5/month which gives you up to 5 users.
Why subscribe instead of buying the 1Password apps individually? For starters, all apps come free with your subscription and can be shared with your whole family. But that’s just the tip of the iceberg: 1Password Families is a fully hosted service designed for people who use 1Password together. Syncing, sharing, and management capabilities are all built-in. Inviting family members is as simple as sending them an email.
What if you have more than five people in my family? That’s not a problem at all. You can invite as many family members as you need for an additional $1 per person/month.
Here are a few of the great things 1Password for Families can do:
- It would be great if I didn’t have to purchase and manage licenses for everyone in my family.
- When I change the Netflix password, it would be awesome if everyone in my family got it automatically in a secure fashion.
- A simpler setup would help my uncle use 1Password as he’s not very technical and has trouble setting up sync.
1Password for Families makes all these things easy. I simply send my family an email to invite them. Sync is built in and just works. And my whole family can use 1Password on a single subscription.
1Password Teams
1Password also has a business version in 1Password Teams. This is the ideal solution to use if you want to manage all your company’s logins across a number of team members.
1Password Teams gives you full control over who has access to your team’s most important information. Emailing passwords is just the tip of the bad-security iceberg. IM, post-it notes, broken telephone. They’re not safe, and they don’t scale. 1Password Teams makes it super simple and safe to share all those passwords with the whole office. Items show up on your teammates’ devices automatically, so no one has to worry about staying in sync.
1Password Business
1Password Business provides centralized password management, role-based access control, and policy enforcement, making it a secure and efficient way for businesses to manage their passwords. The solution integrates with a variety of other business tools and services, making it a more flexible and scalable solution for growing businesses.
The cost of 1Password Business is based on the number of users and the features and services required. There is a minimum cost for 5 users, and the price per user decreases as the number of users increases. In addition to the base cost, businesses can also opt for additional features and services such as advanced reporting, custom branding, and enterprise-level security.
1Password Teams VS Business
1Password Business makes sense for businesses that have a larger number of employees, multiple teams and departments, or have a need for centralized password management and security controls. It is also a good choice for businesses that are looking for a scalable and flexible solution that can grow with their needs, and integrate with other business tools and services.
In comparison, 1Password Teams is a good option for smaller teams or businesses that are looking for a simple, easy-to-use password manager. 1Password Teams might be a better choice for businesses with fewer employees, a single team or department, or those that do not require advanced security controls and integration with other business tools and services.
1Password Teams is a good option for small to medium-sized teams that are looking for a simple, easy-to-use password manager. It offers a shared vault for team members to securely store and access passwords, and it provides an easy way to share passwords with each other. The user interface is intuitive and user-friendly, making it easy for teams to get started and get the most out of the service.
1Password Business, on the other hand, is a more comprehensive solution that is specifically designed for businesses. It includes advanced features such as centralized password management, role-based access control, and policy enforcement. It also integrates with a variety of other business tools and services, making it a more flexible and scalable solution for growing businesses.
In conclusion, both 1Password Teams and 1Password Business have their pros and cons and the choice will depend on the specific needs and goals of the company. If your 7 person company is looking for a simple, straightforward password management solution, 1Password Teams might be the best option. However, if your company is looking for a more advanced, scalable solution with additional features, 1Password Business might be a better fit.
Do you use a password manager? I’d love to know about your experiences with password management software, and which one you ended up choosing.
Alternatives
An open-source alternative is Bitwarden, but it’s not as polished as 1Password.
Summary
The most polished password manager out there.
Pros
- The most polished password manager.
- Security-focused company.
- Great support and documentation.
Cons
- Some people hate paying for subscriptions on principle, and refuse to use 1Password.
David says
Hi Jean, thanks for the great article. I recently also migrated from the local vault to the 1password online vault. I wanted to re-add a local vault that would sync to iCloud but noticed that the Sync icon is missing from the Preference Window and also doesn’t appear when I select File > New Vault. I only have an option for an online vault now.
Do you know if it’s possible to still have BOTH an online vault and also a local vault? I searched the 1password site but couldn’t find any info about this.
Jean Galea says
No it’s not possible anymore.