Questions about using 1Password for the first time
by Oliver Haslam
Getting started with 1Password is the best decision you can make for your online security. Although it may take some time to unlearn bad habits, it’s worth it for the peace of mind and convenience.
On average, each of us has more than 90 passwords, and remembering them all just isn’t practical. It’s not surprising that so many people reuse the same ones. With 1Password, your Master Password is the only password you need to remember. You can forget the rest. Make them long, random, and secure. They’re all safe inside 1Password, ready for you to fill with a click.
To make sure we’re always making 1Password the best it can be for our customers, we regularly speak with people new to 1Password. Michael Fey, our Apple Team Lead, recently sat down with Melissa of the Your Mac Life podcast. Melissa asked us some amazing questions about 1Password, and we think they might help you too.
All of us have accounts at multiple websites. Without a password manager, we invariably reuse passwords because we think nobody really cares about our accounts. But the problem isn’t that someone will hack into your favorite coffee shop account. The problem is that if you’re using the same password for your bank account, an attacker who gets your coffe shop password now has access to your bank account – and every other account where you’ve used the same password.
1Password allows you to create a Master Password that secures all your other passwords. Then you can use strong, unique passwords for all your accounts, which means a security breach on one website only affects that one site.
Security is not just a feature. It’s our foundation. The 1Password Security Design White Paper explains exactly how your secrets are kept safe. It’s a lot to read, but it covers all the inner working 1Password if you want to learn more. 1Password is also SOC 2 type 2 certified, which is an auditing process that ensures 1Password securely manages data to protect your interests and privacy.
We also have a community of security researchers working hard to make sure 1Password stays the most secure password manager. We’re proud to be open and responsible in our hunt for bugs. Learn more about our Bugcrowd program.
This is a bit of a trick question. Only encrypted data is ever stored in the cloud. Every time you use 1Password, your data is encrypted before a single byte ever leaves your devices. Your encryption keys are protected by your Master Password, so only you have the keys to unlock your secrets.
No one at 1Password can access any of your passwords or other secrets. And if you’re protected from us, you’re also protected from anyone who might compromise us. Thanks to strong encryption, the only person with access to your data is you.
Encryption transforms meaningful data into what looks like gibberish using a secret that can also be used to reverse the process. Reversing the process is called decryption.
Without the right encryption key for your data, it’s impossible to decrypt it. Because no one else knows your Master Password or has your Secret Key, you’re the only one who can decrypt your data.
When we first introduced 1Password memberships, we wanted to make sure that even if someone were to obtain data from us, they wouldn’t be able to do anything with it.
The length of an encryption key determines how difficult it is to decrypt the information it’s protecting. We wanted to use an encryption key that was longer than anything people would be able to reliably remember, so we created a way to combine your Master Password with what we call your Secret Key. This produces an encryption key far stronger than your Master Password alone. And because the Secret Key is stored securely on your devices, it’s not something you need to enter every time you unlock 1Password.
1Password is available everywhere you need it. Although 1Password.com is a great way to access all of your passwords, apps are available for every platform, including Mac, Windows, iOS, Android, and more.
As the name suggests, 1Password was originally built to keep passwords safe, but there’s so much more that you can keep in 1Password. You can save bank accounts, social security numbers, the code for your home security system, or your passport information – anything you want to store securely and have available whenever you need it.
It can indeed, because creating a strong password can be difficult. 1Password allows you to adjust the length and complexity of your passwords. You can even have 1Password create passwords based on random words, which is great for passwords that you may need to read or type yourself, like a security question your bank asks for when you call them on the phone.
If you need help, Watchtower can help you find passwords you need to change.
Watchtower tells you about security breaches on the websites you have saved in 1Password. It’s also great way to find weak or reused passwords, expiring credit cards or passports, and even sites where you haven’t turned on two-factor authentication. Integration with the Pwned Passwords service means you also know when passwords you’re using show up in data breaches on sites you don’t even visit.
Watchtower is included with every 1Password membership, so you can have peace of mind that all your online accounts are well-protected.
Because 1Password stores your most sensitive information, you might not want all of it on your devices everywhere you go. Travel Mode removes vaults from your computers and mobile devices, so if you’re stopped for inspection while travelling, the only vaults on your devices will be the ones you’ve marked as safe for travel.
When you’ve arrived safely, simply turn off Travel Mode, and all your data will automatically appear on your devices.
Thanks to Melissa for giving us the opportunity to answer her questions. It’s always great to chat with the people who use 1Password. You can watch the full interview on YouTube.
If you have questions of your own, let us know. We’re ready and waiting to answer them.