Around Thanksgiving we bought a family license for 1Password when there was a special discount. I had previously kept track of my passwords on a password protected iPhone app and had an encrypted text file on my computer for backup. I probably had about 5 or 6 passwords that I used for everything. Most online places considered them “strong” in quality due to my use of numbers and symbols. However, I reused all of them at multiple places and used the password manager app to really only remind me which one I had chosen.
I think it was at the beginning of the summer that I had introduced my brother to 1Password and other similar types of apps. Before I knew it, he kept telling me how great it was. He said that other than maybe his email password and the 1Password master password, he had absolutely no clue what any of his other passwords were! At least at first, this seemed like it would complicate things and be slower. I was so wrong.
It takes up less than 50 MB of RAM running in the background. (This is for the Safari plugin.) I’ve added all my online accounts to it and every account now has an unique password. I’ve created them to be at the maximum length and maximum symbols/numbers that the sites allow. That means if a bank account allows me to have up to a 30 character password I might end up with something like this: g3m^[email protected] (Don’t worry, not one that I used for anything, but you get the idea.) Rather than having a decently strong password used everywhere, I can have a very strong password that is unique for each site. If there is a security lapse at a site this guarantees that only one account is compromised.
The parent company, AgileBits, is very up-to-date on security as well. Here’s a recent post detailing some of the latest advances: Staying ahead with security. Here’s a more technical look at Agile’s keychain design.
If I want to access a specific site I just hit the Command-\ key on my Mac and the 1Password plugin pops up which allow me to search through my list of logins and just click the one that I want. The username and password are automatically propagated into the forms on the site. This is provided that I have already typed in my master password prior to it timing out, which can be changed to whatever you need. For the few sites that use some combination of Flash for logging in, I haven’t been able to effectively get the automatic method to work. Instead I just click the button to copy the password and paste it in to the site. I never need to actually see it.
Another great feature is Dropbox integration. This allows easy syncing between my computer and the universal iPhone/iPad app (Android is also available). They’ve even developed a 1PasswordAnywhere platform allowing you to access all your passwords through a web interface that resembles the desktop application from wherever you can access Dropbox via a web browser.
Overall, I’m very impressed and definitely see myself continuing to use it into the future.