1Password (Password Manager) Review

There are a slew of password managers to choose from to keep your login credentials safe, and one of the most established is 1Password. It is a decent option, especially for Apple users, but it has its drawbacks: Syncing across devices isn't as smooth as it could be, 1Password's pricing scheme can be confusing and functionality varies widely among platforms.

The engineers who launched 1Password in 2006 gave 1Password all the essential features of a good password manager — browser plug-ins, automatic form filling and more. One major downside, at least for someone who prefers PC and Android devices, is that 1Password was originally created for Apple products, and versions for other platforms are even today still quite clunky.

Costs and What's Covered

There are two ways to get 1Password. You can download the software platform-by-platform, paying for a separate software license each time. Mac and Windows licenses were once $50 apiece, but as of March 2016, they've been combined into a $65 bundle. The license is good forever, but as with the Windows OS, you'll have to pay for any significantly new versions of the software.

The basic iOS and Android mobile apps are free, but very different. A $10 in-app purchase gets you the Pro upgrade for each platform, which includes Apple Watch support for iOS, but even the free iOS version does more than the paid Android one. If you use Windows, Mac, iOS and Android interchangeably, license costs can add up.

There's another downside to this a la carte approach. Befitting 1Password's relatively ancient origins, the software saves the password "vault" locally on each device, and it's up to you to make sure that the vault is synced among all your devices. You can use a USB stick, your home or office network, or a third-party file-syncing service like Dropbox or iCloud, but 1Password will not sync it for you.

Syncing is not a problem with 1Password Families, the service's multiuser subscription plan ($5 per month, or $48 per year). With Families, up to five users get premium 1Password software for all their devices on all supported platforms, with free upgrades, plus accounts on 1Password.com. There's an "account key" — a long number — associated with the Families account to aid setup and verification, and best of all, 1Password handles vault syncing on its own servers.

MORE: Best Password Managers

However, neither of these approaches is a great cohesive option for a single person who doesn't use exclusively Apple devices — especially not when LastPass Premium covers all your devices for $12 per year, and True Key Premium for $20 per year.

Setup

Setting up 1Password was simple and straightforward. We installed the Chrome browser extension and tested the app on an iPad mini. Extensions exist for Google Chrome, Apple Safari, Mozilla Firefox and Microsoft Internet Explorer and can be obtained at Agilebits.

As with other password managers, you have to first create a secure master password before doing anything else. You will then be sent to a screen that will allow you to start inputting your information, including logins and credit cards.

1Password, unfortunately, does not play well with others. With the exception of LastPass, SplashID and RoboForm, you can't import previously saved passwords directly from web browsers or from other password managers. There are add-on scripts to facilitate imports from some programs, but in most cases, you'll have to export records to a .csv file, then import that file into 1Password.

1Password on the Desktop

Like most password managers, 1Password will capture any new logins you create. And, unlike some managers, it will also offer to capture existing credentials as you log into sites for which you already have accounts. You can refuse the offer, or opt to instead enter those credentials manually into 1Password.

You can also create custom fields to help 1Password recognize and fill out two-stage or otherwise complicated logins. Creating a record for a new account was simple — you just enter the site address, username and password, as well as any additional notes about the website.

One noteworthy feature of 1Password on both Mac and PC is the capability to create multiple identities. These are essentially unique profiles that are filled with common information used in filling out web forms. Only a few other password managers, among them Sticky Password, share this feature.

You can create addresses, telephone numbers, email address, Skype handles, credit-card numbers and other personal financial information. The 1Password vault also lets you store copies of sensitive documents such as passports, birth certificates, driver's licenses, etc.

Having 1Password automatically fill in forms for you is not a one-click process as it is on some other platforms. To prompt 1Password to fill in fields, you have to do one of two things: Hit "control" and the backslash key simultaneously, or hit the 1Password icon on your toolbar for a dropdown menu with login options.

1Password will check your vault for weak and duplicate passwords, and categorize them accordingly. This was useful, but more comprehensive security assessments, complete with scores, are given by LastPass and Dashlane.

In May 2017, 1Password added a new feature called "travel mode," which is especially useful for travelers (such as 1Password's mostly Canadian developers) who often cross the U.S. border and must present their laptops and mobile devices for inspection. Travel mode lets you preemptively designate certain items in the password vault to be hidden from view, in case a nosy U.S. Customs officer wants to check out your Facebook page.

MORE: How to Create and Remember Super-Secure Passwords

The 1Password desktop application looks a lot better on the Mac than it does on Windows, and the Windows package is a full two version numbers behind the Mac one. There's a major upgrade coming in the fall of 2016 that promises to modernize the look and feel of 1Password on Windows.

1Password Mobile Apps

The 1Password mobile app is intuitive, feature-rich and easy to use on iOS devices, and you get a free 30-day trial of the Pro version on Android. Both the iOS and Android versions support PIN logins, and fingerprint logins if available, so that you don't have to type your master password every time.

Now that iOS supports 1Password's browser extension, you can easily save and auto-fill your information in the mobile Safari browser, just as you would be able to do on a desktop. This saves time, but you'll still have to do some copying and pasting between your browser and the 1Password app. As a plus, 1Password's most recent version supports iOS 9's multitasking features.

1Password can now sync with Mac users' iCloud accounts, with Dropbox or over a local secure Wi-Fi network. Syncing doesn't work as well for non-Apple platforms — the iCloud option isn’t available in the Android app, and Wi-Fi syncing with a Windows machine requires the PC to install Apple's proprietary Bonjour software. You can also set your 1Password account so that your devices sync only when they're connected to a secure Wi-Fi network.

The iOS version is much richer and full-featured than the Android one — it has a dedicated web browser and can save credit cards and automatically fill out forms. With Pro, the iOS app adds multiple vaults, Apple Watch support, one-time passwords and other useful features. By comparison, even the Android Pro version is bare-bones, and the free one is read-only — it won't even let you add items unless you pay for a Pro license.

Overall Performance

While the 1Password iOS mobile app works great, and the browser extension is decent, the password manager lacks what many others have — seamless cross-platform synchronization, unless you spring for the multiuser Families subscription. Without that plan, your Apple devices will have no trouble syncing with each other, but it may be kind of painful to get 1Password to sync among Windows, Android and Apple devices.

1Password was originally created for Apple products, and versions for other platforms are still quite clunky.

Logging into websites and saving new login information was quick and effortless. The form-filling function was thorough and accurate, though we found switching identities a bit clunky, with a "ctrl + /" key command that was hard to learn.

Sharing passwords is limited. All users of a single Families account can share passwords and other items securely among themselves, and Apple users can send credentials to other Apple users via secure channels such as iMessage or AirDrop. But in Windows, the sharing channels include email, which isn't secure at all.

Perhaps the biggest omission is two-factor authentication, an option provided by most password managers that requires you to provide another means of verification — a fingerprint, a texted code, a third-party USB key, your own face — when logging in.

If you have a Families account, 1Password does require you to input your Account Key, the long number issued to you upon initial setup, when registering a new device. If a Families account member loses or forgets a master password, any designated administrator of that account can recover that person's access. But non-subscription users don't get any of those options, and can never recover accounts if they lose their master passwords. 

MORE: How to Change Your Password in Windows 10

Bottom Line

1Password packs solid features, including great auto-filling capabilities and the ability to easily organize your information, including important documents like your driver's license — if you're exclusively a Mac and iOS user. The Windows application is staid but functional, and we look forward to design and function enhancements with the next version on that platform. But we can't recommend 1Password for Android users until the app for that platform significantly improves.

On all platforms, 1Password lacks two-factor authentication, better options for non-Apple users and seamless cross-platform integration. And its complicated, relatively expensive pricing scheme is, ahem, out of sync with the times when less expensive competitors such as LastPass, Dashlane and True Key offer all of 1Password's missing but important features.

Create a new thread in the Antivirus / Security / Privacy forum about this subject
2 comments
    Your comment
  • AGEva
    My name is Eva Schweber and I work for AgileBits, the folks who make 1Password. Thank you for reviewing our software. There are a few points in your review that I would like to address.

    "But it can't automatically capture existing credentials as you log into sites for which you already have accounts — instead, you have to enter those credentials manually into 1Password."

    The first time that you enter credentials into a new site, the app will automatically capture the login information and add it to the app. Make sure that you have the 1Password web browser extension installed for this feature to work. https://agilebits.com/onepassword/extensions

    I would also like to clarify the distinction between 1Password accounts (our 1Password Families and 1Password Teams subscription plans) and our standalone apps. 1Password accounts include the latest version of our apps for all of our platforms and your data is always consistent across all of your devices. The standalone apps are licensed per person and platform, and can be set up to sync locally (without data touching the cloud) using Wi-Fi, or with the cloud using Dropbox or iCloud (if only Apple devices are being used).

    Our Android and Windows apps are newer and we are working hard on feature parity across platforms. The latest version of our Android app does include some nice features like automatic filling and Fingerprint Unlock. Multiple vaults are supported if you have a 1Password Teams or 1Password Families account.

    Regarding two-factor authentication, our security model is built on strong, end-to-end encryption. Authentication is used to provide our hosted services, but it is not relied on for securing your data. You can read more about the distinction and how we secure our customers' data on our website.
    https://support.1password.com/authentication-vs-encryption/
    0
  • GrumpyAs
    This is rubbish.
    The review is dated 23 May but it's much older than that.
    The AgileBits spokes person response is 10 months old...how can that be?
    The pricing is wrong
    The standalone version ain't available on their web site not on the Apple App Store.
    It's all subscription only hosted on the devs servers.
    This is just a fluff filler ... regurgitated old stuff .... to separate the advertisements.
    0