Passwords are a problem: if they’re easy to remember they’re easy to crack. Strong passwords are hard to remember and difficult to type, and you need so many of them! So what can you do? Keep them on Post-It notes stuck to your monitor? Use the same password for every site? No, those practices introduce significant security risks. The most secure practice today is to use a password manager.
1Password will create unique strong passwords for every site you log into, and automatically fill them in for you—regardless of which device you’re using. You just need to remember your 1Password master password. It works with most devices, web browsers, and operating systems (Mac, Windows, Linux), so your passwords will be available whenever they are needed, including on mobile devices (iOS, Android).
It’s a premium service that dates back to 2005 and offers more features than the competition. You’ll need to pay for the service, and if you’re serious about security (as you should be) you’ll consider it money well spent. Unlike much of the competition (see the Alternatives section of the review), a free basic plan is not offered. But you can try it free for 30 days. Here are the costs of the main plans offered:
- Personal: $35.88/year,
- Family (5 family members included): $59.88/year,
- Team: $47.88/user/year,
- Business: $95.88/user/year.
Other than the lack of a free plan, these prices are quite competitive, and the Family plan represents very good value (as is LastPass’). Is 1Password the best password manager for you? Read on to find out.
- Excellent security
- Cross-platform for desktop and mobile
- Affordable family plan
- No free plan
- Can't add documents with phone camera
- Can’t fill in application passwords
- Can’t fill in web forms
Why Should You Trust Me?
My name is Adrian Try, and password managers have been a solid part of my life for over a decade. I briefly tried Roboform almost 20 years ago, and have used password managers daily since 2009.
I started with LastPass, and soon afterward the company I was working for asked all of its employees to use it. They were able to give team members access to website logins without actually sharing the password. I set up different LastPass profiles to match my various roles and automatically switched between them by simply changing profiles in Google Chrome. The system worked well.
Some of my family members have also become convinced of the value of a password manager, and are using 1Password. Others continue to use the same simple password that they’ve been using for decades. If you’re like them, I hope this review will change your mind.
For the last few years I’ve been using the default Apple solution—iCloud Keychain—to see how it holds up to the competition. It suggests strong passwords when I need them (though not as strong as 1Password’s), syncs them to all my Apple devices, and offers to fill them in on web pages and apps. It’s definitely better than not using a password manager at all, but I’m looking forward to evaluating other solutions again as I write these reviews.
So I installed the 30-day trial version of 1Password on my iMac and tested it thoroughly for a week.
1Password Review: What’s In It For You?
1Password is all about secure password practices and more, and I’ll list its features in the following six sections. In each subsection, I’ll explore what the app offers and then share my personal take.
1. Securely Store Your Passwords
Rather than keeping all of your passwords on a sheet of paper or in a spreadsheet, or trying to keep them in your head, 1Password will store them for you. They will be kept in a secure cloud service and synchronized to all of your devices.
You might wonder if storing all of your passwords in the same place on the internet is worse than keeping them on a sheet of paper in your drawer. After all, if someone managed to access your 1Password account, they’d have access to everything! That’s a valid concern. But I believe that by using reasonable security measures, password managers are the safest places to store sensitive information.
That starts with you. Use a strong 1Password Master Password, don’t share it with anyone, and don’t leave it lying around on a scrap of paper.
Your Master Password protects everything you store in 1Password, so it’s important to choose a good one. Your Master Password should be unique, random, and memorable, and using the 1Password password generator will guarantee that it is. (1Password)
Next, 1Password gives you a 34-character Secret Key that you will need to enter when logging in from a new device or web browser. The combination of a strong master password and secret key makes it almost impossible for a hacker to gain access. The secret key is a unique security feature of 1Password and isn’t offered by any of the competition.
You should store your Secret Key somewhere it will be safe but available, but you can always copy it from 1Password’s Preferences if you have it installed on a different device.
Pressing the “Set up other devices” button displays a QR code that can be scanned on another device or computer when setting up 1Password.
As an additional security precaution, you can turn on two-factor authentication (2FA). Then you will need more than your master password and secret key when you sign in on a new device: you’ll need a code from an authenticator app on your mobile device. 1Password also prompts you to use 2FA on any third-party services that support it.
Once 1Password knows your passwords it will automatically place them into set categories. You can organize them further by adding your own tags.
1Password can record your usernames and passwords when you sign in to apps and websites.
1Password will remember new passwords as you create new accounts, but you’ll have to enter your existing passwords manually—there’s no way to import them into the app. You can do that all at once, or one at a time as you access each website. To do that, select New Login from the drop-down menu.
Fill in your username, password, and any other details.
You can organize your passwords into multiple vaults to keep your work and personal passwords separate or organize them into categories. By default, there are two vaults, Private and Shared. You can use more finely-tuned vaults to share a set of logins with certain groups of people.
My personal take:
A password manager is the most secure and convenient way to work with the multitude of passwords we need to deal with each day. They are stored online using multiple security strategies, then synced onto each of your devices so they are accessible anywhere and any time you need them.
2. Generate Strong, Unique Passwords for Each Website
Your passwords should be strong—fairly long and not a dictionary word—so they are hard to break. And they should be unique so that if your password for one site is compromised, your other sites won’t be vulnerable. Privacy Australia explains the importance of using a strong, unique password for every site you visit:
The best way to protect against password crackers is to use long and complex strings of letters, numbers, and symbols. Passwords are like the keys to your house. It doesn’t matter if your walls are made of reinforced steel and concrete with the best home security system money can buy if the locks on your doors don’t work.
Using a weak password such as “123456” is like dropping off your keys along with your home address written on a napkin at a local bar where burglars are known to hang out.
Whenever you create a new account, 1Password can generate a strong, unique password for you. Here’s an example. When you are creating a new account in your web browser, access the app by either right-clicking the password field or clicking the 1Password icon on your menu bar, then click the Generate Password button.
That password will be hard to hack, but it will be hard to remember, too. Fortunately, 1Password will remember it for you, and fill it in automatically each time you log in to the service, whichever device you log in from.
My personal take:
Our email, photos, personal details, contact details, and even our money are all available online and protected by a simple password. Coming up with a strong, unique password for every site sounds like a lot of work, and a lot to remember. Fortunately, 1Password will do the work and remembering for you.
3. Automatically Log in to Websites
Now that you have long, strong passwords for all of your web services, you’ll appreciate 1Password filling them in for you. You can do that from the menu bar icon (the “mini-app”), but you’ll have a nicer experience if you install the 1Password X extension for each browser you use. (It’s installed automatically for Safari on the Mac.)
You can jump-start the installation of your extension by clicking the menu bar icon when using your browser. The mini-app will offer to install it for you. For example, here’s the message I received when using Google Chrome.
Clicking the Add 1Password to Google Chrome button opened a new tab in Chrome that allowed me to install the extension.
Once installed, 1Password will offer to fill the password in for you, as long as you are logged in to the service and it hasn’t timed out. Otherwise, you’ll need to enter your 1Password master password first.
If you don’t have the browser extension installed, your login won’t be filled in automatically. Instead, you’ll have to press a shortcut key or click on the 1Password menu bar icon. You can define your own shortcut keys for locking and showing 1Password and filling in a login.
Version 4 could also log into applications, but that feature hasn’t been fully implemented since the codebase was rewritten for Version 6. The same can be said about web forms. Previous versions were able to do this well, but the feature has not yet been fully implemented in Version 7.
My personal take:
Have you ever had to enter a long password multiple times because you couldn’t see what you were typing? Even if you get it right the first time, it can still become frustrating. Now that 1Password will type it for you automatically, your passwords can be as long and complex as you like. That’s extra security with no effort.
4. Grant Access Without Sharing Passwords
If you have a family or business plan, 1Password allows you to share your passwords with your employees, coworkers, spouse, and children—and does this without them knowing what the password is. That’s a great feature because kids and employees are not always as careful as they should be with passwords, and may even share them with others.
To share access to a site with everyone on your family or business plan, just move the item to your Shared vault.
Of course, you shouldn’t share everything with your kids, but giving them access to your wireless network password or Netflix is a great idea. You wouldn’t believe how often I have to repeat passwords to my family!
If there are some passwords you want to share with certain people but not everyone, you can create a new vault and manage who has access.
My personal take:
As my roles in various teams evolved over the years, my managers were able to grant and withdraw access to various web services. I never needed to know the passwords, I would just be automatically logged in when navigating to the site. That’s especially helpful when someone leaves a team. Because they never knew the passwords to begin with, removing their access to your web services is easy and foolproof.
5. Securely Store Private Documents and Information
1Password isn’t just for passwords. You can also use it for private documents and other personal information, storing them in different vaults and organizing them with tags. That way you can keep all of your important, sensitive information in one place.
Your logins and private documents are securely stored in your password vault. This keeps your information locked away from thieves, hackers, and other unsavory types.
1Password allows you to store:
- secure notes,
- credit card details,
- bank account details,
- database credentials,
- drivers licenses,
- email account credentials,
- outdoor licenses,
- reward programs,
- server logins,
- social security numbers,
- software licenses,
- wireless router passwords.
Documents can be added by dragging them onto the app, but 1Password doesn’t allow you to take photos of your cards and papers with your phone’s camera. Personal, Family and Team plans are allocated 1 GB of storage per user, and Business and Enterprise plans receive 5 GB per user. That should be more than enough for private documents that you want to keep available but secure.
When traveling, 1Password has a special mode that removes your personal data from your mobile device and stores it inside of your vault. Once you reach your destination, you can restore it with a single tap.
Now all I have to do is make sure any of the items I need for travel are in a single vault. I then sign in to my account on 1Password.com, mark that vault as “safe for travel,” and turn on Travel Mode in my profile. I unlock 1Password on my devices so the vaults are removed, and I’m now ready for my trip. Off I go from sunny Winnipeg to hopefully-sunnier San Jose, ready to cross the border knowing that my iPhone and my Mac no longer contain the vast majority of my sensitive information.
After I arrive at my destination, I can sign in again and turn off Travel Mode. The vaults immediately show up on my devices, and I’m back in business. (Rick Fillion on the 1Password Blog)
My personal take: Think of 1Password as a secure Dropbox. Store all of your sensitive documents there, and its enhanced security will keep them safe from prying eyes.
6. Be Warned About Password Concerns
From time to time, a web service that you use will be hacked, and your password compromised. That’s a great time to change your password! But how do you know when that happens? It’s hard to keep track of so many logins. 1Password’s Watchtower can let you know.
Watchtower keeps track of password breaches and other security problems so you can keep your accounts safe. It checks for weak, compromised, or duplicated passwords and lets you know which sites are missing two-factor authentication or using unsecured HTTP.
Watchtower is a security dashboard that shows you:
- compromised logins
- reused passwords
- two-factor authentication
Other password managers offer similar features, sometimes with more functionality. For example, when it comes time to change a password that might be vulnerable, 1Password doesn’t offer a way of doing it automatically. That’s a feature that some other password managers do offer.
My personal take:
You can be as careful with your passwords as possible, but if a web service is compromised, the hacker can gain access to them all, then sell them to whoever is willing to pay. 1Password keeps track of these breaches (as well as other security concerns) and notifies you whenever you need to change your password.
Reasons Behind My Reviews and Ratings
1Password is one of the most popular password managers out there, and for good reason. It contains more features than the competition (though recent versions can’t fill in web forms or application passwords), and is available on just about every platform out there.
While many password managers offer a basic free plan, 1Password doesn’t. You’ll need to pay $36/year to use it, which is about the same as major competitors charge for an equivalent service. If you’re committed to paying for a plan, 1Password is affordable and reasonable value—especially the Family plan.
Ease of Use: 4.5/5
I found 1Password very easy to use, despite being a little quirky from time to time. I did need to consult the manual when testing a few features, but the instructions were clear and easy to find.
The 1Password Support page offers searchable articles with quick links to articles that help you get started, become familiar with the apps, and popular articles. A good selection of YouTube videos are also available, and the 24/7 support forum is helpful. There is no live chat or phone support, but that’s typical of most password management software.
Alternatives to 1Password
Dashlane: Dashlane (Windows, Mac, Android, iOS, Linux) is a safe, simple way to store and fill passwords and personal information. Manage up to 50 passwords with the free version, or pay $39.96/year for the premium version. Read our full Dashlane review.
LastPass: LastPass (Mac, Windows, Linux, Chrome, Firefox, Safari, Internet Explorer, Opera, Microsoft Edge) remembers all your passwords, so you don’t have to. The free version gives you the basic features, or upgrade to Premium for $36/year to gain additional sharing options, priority tech support, LastPass for applications and 1 GB of storage. Family plans are $48/year (for six users), and business plans start at $48/year/user.
McAfee True Key: True Key (Windows, Mac, iOS, Android, Chrome, Firefox, Microsoft Edge) auto-saves and enters your passwords, so you don’t have to. A limited free version allows you to manage 15 passwords, and the premium $19.99/year version handles unlimited passwords.
Sticky Password: Sticky Password (Windows, Mac, Android, iOS, Chrome, Firefox, Safari, Internet Explorer, Opera and more) saves you time and keeps you safe. It automatically fills in online forms, generates strong passwords, and automatically logs you in to the websites you visit. The free version gives you password security without sync, backup and password sharing. The Premium version costs $29.99/year or $149.99 lifetime.
Keeper Password Manager: Keeper (Mac, Windows, Linux, iOS, Android, Chrome, Firefox, Safari, Internet Explorer, Edge, Opera) protects your passwords and private information to prevent data breaches and improve employee productivity. There are a wide variety of plans available, including a free plan that supports unlimited password storage. The max bundle plan costs $59.97/year.
Roboform: Roboform (Windows, Mac, iOS, Android) is a form-filler and password manager that securely stores all of your passwords and logs you in with a single click. A free version is available that supports unlimited passwords, and the $23.88/year Everywhere plan offers sync across all devices (including web access), enhanced security options, and priority 24/7 support.
Abine Blur: Abine Blur protects your private information, including passwords and payments. Besides password management, it also offers masked emails, form filling, and tracking protection. A free version is available, and the Premium version costs $39/year basic, or $99/year unlimited.
Today, everyone needs a password manager. 1Password is one of the best. It’s available for all browsers and operating systems (both desktop and mobile), is easy to use, offers excellent security, and has plenty of great features. There’s a lot to like, and it certainly seems popular.
The current version is still playing catch-up with features that were offered previously, including filling in application passwords and web forms. The team seems committed to adding them eventually, but if you need those features now, you’ll be better served by a different app.
1Password is one of the few services that doesn’t offer a basic free version. If you’re a “no-frills” user, check the Alternatives section of this review for password managers with free plans. However, the Individual and Team plans are competitively priced, and at $59.88/year for up to five family members, the Family plan is a bargain (though LastPass’ is even more affordable).
So, if you’re serious about password management and willing to pay for all the features, 1Password offers excellent value, security, and functionality. I recommend you make use of the 30-day free trial to see if it meets your needs.