layout: post title: “Why I use 1Password” categories: comment icon: /icons/1Password.png courtesy: “1Password logo and screenshot from AgileBits’ 1Password Press Kit” image: ‘/images/posts/banners/1password.jpg’ description: “I chose 1Password as it’s developed by a single company, security vulnerabilities are patched quickly and support are great. I use a password manager as its more secure and convenient than actually remembering passwords.”
—I first started with 1Password back in 2013, moving to it from a physical password book which was stuffed with scribblings on different notepad paper with credentials on and shoved into the book.
I discovered the app on Reddit, if I recall being highly recommended, so I downloaded it for the £12.99 it was at the time (a hefty sum) but unquestionably worth it.
You can see to the my phone, old iPod Touch and the book I used to use, a reduction in bulk and an increase in portability. At the time I moved, I still used Windows so kept my passwords by my side, ready to key in manually.
Today, I’m storing 500-ish items in my vault, a mix of logins, notes, IDs and more, and most importantly, I feel safe about it. Despite the app being closed source, their openness and availability to explain individual aspects of the software is unrivalled. There are fully open alternatives available such as Keypass but honestly, I trust AgileBits more as their software is updated almost daily (through the beta programmes) and the apps are made by them, not ported to different OS’ by shady third parties.
1Password has protected me from Heartbleed through its watchtower feature, alerting me which passwords needed to be changed, so I could simply go to the website, randomly generating a new password and saving it in 1Password. It moves the duty of remebering these away from me, I only have to remember the 1Password for my vault (although this should still be changed regularly).
I can only talk about AgileBits in the highest regard, in the times I’ve spoken to them, they’ve responded within hours and found a quick resolution.
There has however been some negative press about 1Password, in November 2015 with their old 1PasswordAnywhere format not encrypting metadata, which was a bit of a worry. This is as it meant the domains and titles of sites stored were not encrypted. However within hours there was a solution available, and the AgileBits support staff were on hand on Reddit and other social networks to let people know how to migrate if they wanted to do so before its officially patched.
One company controlling everything in this respect works really well, as if a fundamental flaw was found in the keypass file format (for instance) it would take weeks, months or more for all the developers of different keypass apps to update to the new format (assuming that all the apps were still supported); this co-ordination I feel really gives the edge.
Alternatively, I could’ve chosen LastPass instead, but their recent absorption by LogMeIn doesn’t fill me with hope for their future. I also don’t like using their cloud infrastructure to handle my syncing, I’d much rather WiFi or file-sync myself.