Are password managers safe?

SECURITY

Oliver Haslam by Oliver Haslam

We can’t speak for other password managers, but the short answer is: 1Password is very safe. The longer answer is that not only is 1Password safer than using no password manager at all, it’s far safer than any do-it-yourself solution – no matter how complex it may be.

Stop using weak baskets

While it may seem counterintuitive to keep all your eggs in one basket, using a password manager is much safer than the alternatives. To help you understand what makes a password manager like 1Password safe, let’s first look at the weak baskets you’re likely already using. We’ll start with the least secure basket: not using a password manager at all.

Reusing passwords

Sticky notes with passwords written on them

If you’re not using a password manager of any kind, you eventually have to resort to reusing the same password on more than one site. With all the accounts we have these days, it would be impossible to remember a unique password for each one.

Every time you reuse a password, it makes that basket that much weaker. If any site where you’ve used that password is compromised, an attacker will have access to all the others. For example, if you use the same password at your bank that you use for a fan forum for your favorite TV show, all it takes is a breach of that fan forum for your bank accounts to become exposed.

Storing your secrets out in the open

Keeping passwords saved in a plain text file on your computer is a very weak basket indeed. If that file falls into the wrong hands, an attacker will get all the keys to your digital life with no effort at all.

The same goes for keeping all those passwords written in a notebook. It may not be vulnerable to hackers, but it’s a chore to keep updated. And because it’s much harder to create regular backups of a physical notebook, if it’s ever lost or stolen, the results would be devastating.

Confused person holding many keys

Creating your own system

OK, so you’ve decided to keep everything in a password-protected spreadsheet or other encrypted file on your computer. This may sound secure, but it adds a level of complexity that itself can cause issues. How are you accessing your passwords on all your other devices? What happens if you lose that encrypted file? Even if such a system adds some level of security, it’s not easy to set up and maintain. On top of that, these days it takes a team of security experts to make sure a system is actually secure against attackers.

At this point, it’s tempting to throw your hands up, keep doing what you’ve been doing, and hope for the best. But password management doesn’t have to be this hard. There is a better basket.

Start using a really good basket

“The right way to build reliable systems is to put all your eggs in one basket, after making sure that you’ve built a really good basket.” — Engineer’s Proverb

Password managers like 1Password make the secure thing to do the easy thing to do. You can quickly generate unique passwords for every site and know that everything is strongly encrypted – without having to create a secure system yourself.

Of course, every web browser comes with a built-in password manager, so there’s no shortage of ways to save passwords on your devices. However, they don’t all offer the same level of security, provide the same conveniences, or protect your privacy as comprehensively.

The safest basket

Basket containing a number of items that could be stored in 1Password

With a password manager like 1Password, you only need to remember one secure Master Password, which gives you access to all your private data. It’s all encrypted on your device before it’s ever sent to our servers, and it remains encrypted in transit and at rest on our servers. Your Master Password is never transmitted across the Internet, which means that it never leaves your devices.

What sets 1Password apart is the use of a unique 128-bit Secret Key for every account. When you sign up for 1Password, a Secret Key is generated on your own device. It’s combined with your Master Password to encrypt your data. Just like your Master Password, your Secret Key is never sent to our servers, so hackers wouldn’t have the two keys required to access your information – even if they had access to the servers.

You can read all the details in the 1Password Security Design white paper.

The most convenient basket

All the security in the world doesn’t matter if a password manager doesn’t actually make your life easier, though. That’s why we focused on making 1Password not only the most secure but also the most convenient basket around. When you use 1Password, you’ll find that it:

  • Works on all your devices. Have a Mac and a PC? No problem. 1Password is also available for iOS, Android, Linux, and Chromebooks.
  • Works in all your browsers. Want to use Safari at home and Chrome at work? 1Password is everywhere you need your passwords.
  • Saves you time. 1Password fills passwords, addresses, and credit cards, so you never have to type them by hand.
  • Alerts you to password breaches. Find out about security issues on sites where you have accounts, so you can take action.
  • Stores more than just passwords. 1Password also keeps track of your bank accounts, Wi-Fi networks, and more.
  • Keeps your documents safe. Store files of all kinds in 1Password. This is great for scans of passports, receipts, and other files you want to keep safe.
  • Helps you share what’s necessary. You can easily share specific information with others, like your team at work or family at home.

And if you ever need to leave for any reason, 1Password uses open data formats, so you can import and export at any time. It’s your data, and we want to make sure you’re always the one in control of it.

A truly private basket

All of those conveniences are built on a solid foundation of our commitment to you, your data, and your privacy. We’ve designed 1Password so that it’s not even possible to collect your most sensitive data.

Of course we can’t know your passwords, but we’ve gone much further than that. For example, the design of 1Password means that we also can’t know which sites you’re signing in to or when. That’s your business, not ours.

Help is always available

We understand that not everyone wants to spend as much time thinking about password managers as we do. You can get started with 1Password right away, without a steep learning curve. Videos and tutorials are available to help you get the most from 1Password, but there’s no required viewing to get started.

If you have any questions, we’re here to help. We never want you to be confused or frustrated when it comes to your security.

Loved by millions

For all the reasons above, 1Password is loved by security experts, tech reviewers, and people just like you. They agree that it’s the most secure and convenient choice. And it’s purpose-built to protect your privacy. But don’t take our word for it. Here’s what they have to say:

“Having looked at a number of competitors, and comparing them I can say that 1Password is still the most well-rounded password manager on the market.” — The Sweet Setup

“1Password…combines an ease of use that reduces the friction of using secure passwords with the tools needed to manage them and ensure your logins always remain secure.” — MacStories

“1Password is one of the best ways to store and manage all of your passwords…” — The Verge

“1Password is just so goddamned smart about fixing a serious problem that I hate dealing with. That’s maybe the definition of an awesome app.” — Merlin Mann

“1Password…requires fewer clicks or keypresses to accomplish a task, like generating a new password or finding an existing login, than the competitors do.” — Joe Kissell, author of Mac Security Bible

If you want to take the right steps to keep your passwords safe and your information secure, try 1Password free today.

Oliver Haslam

Word Wrangler

Oliver Haslam - Word Wrangler Oliver Haslam - Word Wrangler

Join in the conversation on Twitter

Continue Reading