AgileBits 1Password Review: Complete Edition Including Screenshots

1Password
What is 1Password? Is it any good?

Pros

  • Two-factor authentication
  • Offers dedicated extensions for mainstream web browsers.
  • Chrome extension works on all platforms
  • Dedicated apps for iOS, Android, Mac OS and Windows
  • Simple and secure authentication process to add more devices

Cons

  • Import options are limited.
  • No compatibility for Internet Explorer

Bottom Line

AgileBits 1Password differentiates itself from other password managers by offering the sync feature for personal data and passwords across all of the user’s devices.

Some of the other password managers on the market offer more automation than AgileBits 1Password.

But it still manages to serve up an easy-to-use and slick password management utility.

1Password Full Review

A lot of people don’t consider any password manager that only works within Windows as good enough.

And there is a good reason for it.

In the modern world, it is extremely important that users have a way to access their passwords on all of their devices.

This is where password managers such as AgileBits 1Password come in.

It covers the user on all devices.

AgileBits 1Password also has dedicated apps for platforms such as,

  • iOS
  • Android
  • macOS
  • Windows

Along with that, it offers web browser plugins/extensions for mainstream web browsers such as,

  • Safari
  • Opera
  • Firefox
  • Edge
  • Chrome

The Chrome-only web extension from AgileBits 1Password extends the password manager’s reach to all platforms that can run Google Chrome.

That means users who are on the Linux platform can also use AgileBits 1Password.

Despite all of that, it is true that AgileBits 1Password doesn’t offer as automated an experience as some of the other password managers in the industry.

Moreover, AgileBits 1Password also lacks some high-end password management features such as automated password updates along with password inheritance.

Price

Password managers aren’t like VPN services.

In other words, password managers can vary a lot in terms of how much money they charge users for their product.

In fact, we think that password managers are more varied in their pricing models than almost all other security software categories.

For example, users can easily go with a password manager like Zoho Vault that only charges them $12 per year.

Then there is Dashlane.

Dashlane costs users around $39.99 per year.

The majority of password managers in the business today cost somewhere between the two extremes of Zoho Vault and Dashlane.

What does AgileBits 1Password cost?

Users can expect to pay up to $3.99 per month of AgileBits 1Password service.

That price does go down if the user signs up with the service for a period of 12 months.

A yearly package of AgileBits 1Password costs $35.88.

That comes to around $2.99 per month.

Of course, there are pros and cons to paying for an online service on a yearly basis.

The most interesting feature in AgileBits 1Password is that it works across all of the user’s devices.

Moreover, it starts the syncing process automatically and instantly.

AgileBits 1Password also provides users with a family plan.

That comes to around $5.99 per month.

On a yearly basis, that plan costs $59.88 per year.

The family plan offers users a total of five AgileBits 1Password licenses.

Additionally, users gain the ability to share their passwords with their family members.

Another password manager that also offers a family plan is Keeper.

Its family plan comes with a total of five licenses as well.

But in addition to the licenses, the family plan from Keeper also offers 10GB of online storage which is very secure.

Keeper also has solutions for business clients.

In other words, it offers a team account for them.

And it costs just $3.99 per year per user.

At the time of writing this review, the latest version is version 7.

What has the latest version brought to AgileBits 1Password?

Well, it has brought some major updates to the user interface.

Along with that, it has also added a raft of advanced features.

To take an example, users who install AgileBits 1Password on the Windows platform get to have the service’s comprehensive security audit.

Previously though, this feature only existed for the macOS platform.

Moreover, the security audit itself has received some due upgrades.

Now the security audit takes the responsibility of checking pwned passwords.

It also checks for websites where the user could benefit from two-factor authentication but hasn’t gone through the trouble of enabling it.

Later in this review, we will look at more new features and describe them in context.

User Interface

user_interface

As mentioned before, the latest version has some immediately visible updates to the user interface.

The first of these, that users are likely to notice, is the sidebar menu that appears on the left-hand side.

In previous editions, the lower portion of the menu split itself into a total of three tabs.

These three tabs were,

  • Security
  • Tags
  • Categories

The latest version replaces that with just one, but long, scrolling options list.

Users have the option of collapsing and/or expanding the same old three categories.

Now, AgileBits 1Password goes through the bother of putting numbers in front of each of its categories.

It also tags the options with the help of a dark oval icon.

This makes it easy for users to see the options prominently and distinct from the overall user interface.

As mentioned earlier, there are updates.

But old users are unlikely to experience huge differences.

Regardless, AgileBits 1Password engineers have put much thought into the design of the new user interface.

In the process of doing so, they have managed to fine-tune the user interface to a great degree.

Installation

All that users have to do is to first launch,

  • Safari
  • Opera
  • Firefox
  • Edge
  • Chrome

And then navigate to the official website of 1Password.

Okay, so why did we miss Internet Explorer?

Well, because AgileBits 1Password has no support for Internet Explorer.

Moving ahead.

Once the user has signed up for an AgileBits 1Password account, the service enables a full 30-day premium version for the user without any cost.

Users should keep in mind that they don’t have to provide AgileBits 1Password their credit card information.

Doing so is completely optional.

Users have the option of entering their name during the installation process.

AgileBits 1Password also offers users to upload a photo if they want to.

Now comes the somewhat unusual step.

When users try to install AgileBits 1Password on their machine, 1Password makes sure to generate, what the service calls, a 1Password Account Key.

What is the Account Key?

It is a string.

And a massive one.

It consists of a total of 34 digits and letters.

1Password separates these 34 letters and strings with the use of hyphens.

Using the hyphens, 1Password divides the Account Key into seven blocks.

All of the blocks vary in their size.

Every time the user wants to add a browser extension or a new device, the user has to provide the Account Key.

The next step for the user is to provide AgileBits 1Password with a master password.

And since it is a master password, users have to make sure that it is a strong one.

Remember that the key ingredient to creating a strong master password is to come up with a password that is easy to remember for oneself and not for others.

Only the account holder should be able to guess that master password and no one else.

So we have already mentioned the fact that the Account Key is monstrous.

How do you manage that?

To help users managing the key, the official AgileBits 1Password wizard first creates, what the service calls, an emergency kit.

What is this emergency kit?

It is just a PDF file.

The emergency kit file contains the user’s account key and email address.

There is also some space there for the user to write down his/her master password.

In order to use the emergency kit, the has to print the PDF file.

Then fill in his/her master password on the printed document.

After that, the user is free to stick the document in his/her fireproof lockbox.

But maybe the user doesn’t have a lockbox.

In that case, the user should store it somewhere safe and secure.

At this point, the user has basically finalized his/her AgileBits 1Password account.

The next step is to download and set up all the different apps for the user’s different devices.

password_interface

As mentioned before, AgileBits 1Password offers dedicated apps for,

  • Android
  • iOS
  • Mac
  • Windows

Again, we’ll remind the readers that they need to keep that account key someplace handy because they will need it each time they want to activate AgileBits 1Password on a device.

Of course, we’re not saying the user will have to type out the whole thing each and every time they want to add a device.

When the user has finished installing 1Password’s application on an iOS and/or Android device, the user can simply use the device’s scanning feature to snap a short QR code.

That will fill in all of the user’s information apart from the user’s master password.

Users who want to install AgileBits 1Password on their desktop computer will have to copy that same QR code to their operating system’s clipboard in order to begin the import process.

The new edition of AgileBits 1Password gives users another option.

This option allows users to just instruct AgileBits 1Password to go and find the relevant QR code on screen.

Such a feature also ensures that the user doesn’t have to type out his/her account key on every occasion.

What happens if the user loses his/her activated device?

What is someone steals it?

Well, the thing about a lost device is that the thief would still require the user’s master password in order to open the device’s app and then access the user’s login credentials.

Users who want even more security should log into AgileBits 1Password’s web console.

After accessing the console, users should click on the option that says My Profile.

When that’s done, it is just a matter of deactivating the stolen or lost device.

If done correctly, the thief won’t have any opportunity to gain access to the user’s credentials without the user’s master password AND Account Key.

In order to take advantage of all AgileBits 1Password functions, users should add the official AgileBits 1Password web browser extension to their web browsers as well.

In fact, AgileBits 1Password will offer users its official extension the first time they try and open one of the browsers it supports.

For adding the Microsoft Edge 1Password extension, the user will first have to install the official app from the app store.

Then, after installing the app, the user will have to log in with proper login credentials and account information.

Importing Stuff

There are many ways to import one’s login information to one password manager from another. But the easiest of those ways is to simply use the import feature that comes with most password managers.

In other words, switch password managers by importing your existing password manager’s passwords.

No need to input all the credentials, one by one, again.

In this regard, 1Password offers lots of options.

It can import login information such as usernames and passwords that the user has stored in web browsers such as Chrome.

It can also import all login information from password managers such as,

  • RoboForm
  • Dashlane
  • LastPass

Apart from that, there are no other password managers supported for direct import of login information.

So what should the user do if the user wants to move away from a password manager that AgileBits 1Password doesn’t support?

In that case, the user has no choice but to export the relevant data with the help of a CSV file.

The user will also have to format the CSV file according to the rules and instructions set by 1Password.

That is different from how LastPass handles the import procedure.

In contrast to 1Password, LastPass has the ability to import login credentials from over 30 password managers (all of them are LastPass’ competitors).

There is also KeePass that can import from over 40 password managers.

Readers should also note that users who want to utilize the import feature first have to log into their 1Password account via the online website.

To put it another way, the local 1Password application can only perform the import function when the user exports 1Password files from another 1Password installation.

If that doesn’t sound like the kind of thing you would want to waste your time on, then 1Password offers users another method to import their login credentials.

It offers the open source 1Password Utilities.

What is it?

It is nothing but a collection that includes community-created useful scripts.

These help users convert data that the user wants exported from a total of 35 other market products directly into AgileBits 1Password’s required format.

With that said, we would like to mention here that these scripts aren’t newbie friendly.

And will probably present users with a real hands-on proposition.

How Does 1Password Capture Password And What About Replay?

password_generator

The magic happens inside the official 1Password browser extension.

It watches the user as the user is typing out his/her credentials on various secure websites.

Then it offers the user to save what the user has entered on the given site.

After that it presents the user with a password capture dialog.

Using the dialog the user is free to enter a memorable name for the new login.

The user also has the facility of adding a multiple number of tags to the new login credential for easy searching.

The latest edition of AgileBits 1Password offers users the ability to easily create nested tags.

All that the user has to do is to use the backslash key to separate levels.

To take an example, in order to first tag a login credential with Entertainment and then with Dining one would write something like “Entertainment/Dining.”

The default settings dictate that all users passwords first go into the user’s vault.

That is, the user’s personal password vault.

Users who have this need of keeping multiple sets of usernames and passwords or even work and personal collections of usernames and password can use 1Password to define additional password vaults.

They can also select which ones they want to use at the time when 1Password presents the dialog to capture relevant credentials.

Users can also select the order in which they want to view their items.

They can view items from a single vault.

Or, they can view everything at once.

What about Password Replay then?

This is where we think that 1Password doesn’t offer the level of automation that some of the other competing password managers offer.

Why do we say that?

Well, let’s explain that a bit.

Whenever the user revisits a given website for which the user has already gone through the process of saving login credentials, 1Password requires the user to press the magic combination of keystrokes in the form of Ctrl + \.

When the user does that, it begins to fill the relevant saved login credentials.

If the user has multiple sets of login credentials for the same site, then 1Password presents the user with a simple list.

Some users don’t like the fact that 1Password requires them to interact a bit before filling the login credentials.

AgileBits representatives tell such users that 1Password requires some user interaction before actually moving to fill login credentials because of security.

Yes.

That user interaction that some find so annoying is actually a deliberate design decision on part of 1Password engineers.

And the reason makes sense.

1Password requires user interaction because it helps the password manager to eliminate any chance of a given website just snagging the user’s credentials with the help of invisible login forms.

Many other password managers including Password Boss Premium, LogMeOnce, RoboForm offer users a different but handy method of using their saved login credentials.

These password managers require the user to click the relevant toolbar button.

When the user does that they display the full list of the user’s saved websites.

If the user clicks on a given item on the list, then the password manager takes the user to the related website, navigates to the login screen and then logs in the user.

Does 1Password do that?

Yes.

It does.

But instead of using a menu, it makes use of a popup list.

The popup list contains all of the user’s login credentials.

Users are free to scroll down the shown list.

Else, they can just type out the name of the website or the login credential that they want to use.

As the user is typing the login name, 1Password narrows down the list in order to match what the user is typing.

All that the user has to do then is to click the presented login in order to visit the site and then log into the related website.

For another method, users can press another combination of keystrokes.

This time, the combination comes in the form of Ctrl+Alt+\.

What does this do?

It opens up 1Password Mini.

What is 1Password Mini?

It is nothing but a smaller version of the official 1Password main application.

Users can interact with this smaller version to view their saved login credentials.

They can use it to enter all types of application password by utilizing the copy/paste functionality.

Password managers, especially the average ones, are notorious for malfunctioning when faced with a non-standard login page.

To avoid the confusion, password managers such as Keeper, Sticky Password, and LastPass Premium provide users with a neat little manual password capture feature.

This solves the problem most of the time.

1Password also offers this feature.

But users will find it tricky to use it the first time around.

Basically, to use the feature, the user has to first enter his/her login credentials on the given website and then press the key combination Ctrl + \.

That will result in 1password showing the user a popup window.

Users should then click the icon that will lead them to the Settings menu.

This icon is usually located in the bottom left corner of the popup screen.

After that, all that users have to do is to select the option that says Save New Login.

How Good Is The Password Generator?

menu

You knew it all along.

Just installing a password manager and storing all of your important and existing login credentials in it was never enough.

What we want to say is that users should first install 1Password AND then start to find all the old passwords that are basically weak passwords.

After finding those passwords, the user must update those weak passwords to passwords that are unguessable and strong.

Perhaps this is a good time to mention that 1Password makes the deliberate choice of not attempting to automate the procedure of modifying user passwords.

It does that for numerous reasons.

The major of those reasons is that it fears failure.

Failure of the password manager to automatically change the user’s passwords because of a change in the way the related website handles login attempts.

This could potentially lock the user right out of his/her website account.

How do other password managers handle the problem of automatically password modification?

Well, let’s take Keeper for example.

The developers behind Keeper try to avoid automating the process of changing passwords as well.

They do so for similar reasons as 1Password.

However, the Keeper Password Manager and Digital Vault do provide users with the facility of filling all the standard password-changing forms with just one click.

One can’t expect users to come up with strong passwords all the time.

Hence, password managers like 1Password offer password generators in order to assist users in creating strong passwords whenever they are trying to sign up for a service or a new website.

Password generators also help users update their old and weak passwords.

The 1Password password generator generates a 24-character password by default.

It doesn’t matter if the user is working with the web browser extension or the Windows application.

Here at Security Gladiators, we always recommend that users should go with as long a password as possible.

Users should understand that after all, they don’t have to do anything to remember strong passwords.

It seems like some password managers don’t reflect on this fact.

And end up offering much shorter passwords for whatever reason.

Password managers such as Ascendo DataVault along with Trend Micro and RoboForm all have the default setting of offering eight character passwords.

There is a genuine worry that user just would not know how to alter such a setting.

But let’s talk about Myki which comes from the opposite end of the spectrum in the sense that by default it generates a 30-character random password.

1Password, by default, generates random passwords for the user by making use of,

  • Small letters
  • Capital letters
  • Symbols
  • Digits

Users are free to disable some of these options.

Like, if they don’t want symbols or digits in the generated password, then they can do that via the settings menu.

Some websites also don’t accept passwords that have symbols and/or digits in them, so changing the settings for password generator isn’t just about preferences.

The only type of characters that the generator always makes use of is letters.

1Password’s default settings also force the 1Password password generator to not accept ambiguous characters.

What are ambiguous characters?

These are characters such as capital O (the letter) and 0 (the digit).

Again, we would like to remind readers that with a password manager they don’t actually have to remember passwords.

So there is no point in disabling or suppressing these characters.

Moreover, if the user decides to disable such characters, it shrinks the already limited pool of characters from which the password generator can generate a strong random password.

As far as making these changes to all instances of 1Password go, users don’t need to worry about anything.

Any type of changes that the user makes to 1Password’s default settings automatically propagate to both the 1Password app and the web browser extension.

Strong Password

If a password generator makes use of enough random characters (preferably a collection) then it can generate strong unguessable passwords.

In other words, hackers will find it very hard to crack open such passwords.

Apart from using a large collection of characters, a password manager can also make the generated password long in order to further secure it against hackers.

1Password password generator comes with the ability to churn out words as passwords as well.

It uses a random collection to come up with the words to use in the generated password.

To make the password stronger it also separates the words via,

  • Space
  • Hyphen
  • Underscore
  • Comma
  • Period

The default settings for this option force it to come up with four-word password phrases such as “maxilla perspire hound bipedal”.

And “hysteric spake opal anarchy”.

This isn’t particularly useful because a truly random password is far stronger than a password with word phrases.

But there is one case where such a password would make sense.

That is, when the user has to memorize the password.

We recommend that users should stick with totally random passwords generated with a random collection of characters when they are sure that they will never have to remember it.

In other words, for passwords that the password manager will handle, there is nothing wrong with going with the longest and most difficult one.

But for cases where the user himself/herself has to remember the password, then perhaps the four-worded phrase password makes more sense.

Form Filling And Identity

options

1Password allows users to store their personal information so that they may use it when they want to fill out web forms.

This feature, of course, isn’t unique to 1Password as other password managers like LastPass and Dashlane also offer it.

Users have the facility of creating a multiple number of online identities.

Each identity comes with its own address information, personal data, and other various internet contact information.

The other great thing about 1Password is that it can also store the user’s credit card details.

And it can keep them separate from the user’s personal identity.

A few fields such as telephone, address, and name always manage to make their way on the screen.

The form filling feature has some extra fields that users can easily ignore.

Or remove.

In order to remove the option fields, users must click on the minus icon (the red circle).

Our advice is that users should only remove optional fields if they are sure that they will never use those fields in the future.

With that said, there are some optional fields that users should definitely remove.

For example, the AIM screen name is no longer relevant since AOL Instant Messenger doesn’t exist anymore.

Other options such as ICQ are also redundant because no one uses ICQ.

Perhaps the best password manager when it comes to form-filling features is RoboForm Everywhere.

It has reigned supreme in this category for quite a while now.

And there are good reasons for it.

The chief among those reasons is that RoboForm includes some really uncommon options such as:

The ability of the user to fill out multiple instances of the same data field (and any data field).

Password managers such as 1Password don’t have that feature.

But 1Password tries to make up for it by offering the user custom fields that they can add to their profiles.

Whenever a user tries to navigate to a given Web form, most password managers offer the user to fill in the user’s personal data.

1Password takes a slightly more hands-on approach when it comes to features such as password replay.

Users have to press the combination Ctrl + \ in order for 1Password to show a menu of all available user identities.

Our research shows that AgileBits 1Password is pretty reasonable when it comes to filling the user’s personal stored data.

Users can store different phone numbers for,

  • Smartphone
  • Fax
  • Work
  • Home

Our fact-finding work tells us that 1Password can malfunction a bit at times.

For example, users should not find it surprising if 1Password fills the Fax field on a given Web form with the user’s home number and leaving everything else blank.

Moreover, it may also fill the SSN field with the user’s CVV code when it comes to filling out the credit card details.

Even with these flaws, users should keep in mind that each and every field that 1Password fills for them is a field that they don’t have to fill on their own.

Editing And Organization

Regardless of the fact if the user is operating on the official 1Password web browser extension and/or Windows application, the user has the facility of viewing and editing all of his/her saved logins along with any other type of stored data.

There are several password managers that help users organize their saved items neatly into specific folders.

Some password managers such as Sticky Password Premium and LastPass also support features such as nested folders.

1Password doesn’t do that.

It makes use of a tag system.

1Password gives the user the freedom to enable multiple number of tags for each given stored information.

We have already noted the fact that the current 1Password edition does have support for nested tags.

Users can create nested tags by separating different levels with the help of nothing but a backslash.

An example could include “Entertainment/Documentaries”.

Now, the user should have a clear idea that 1Password can help them manage,

  • Credit cards
  • Identities
  • Passwords

Additionally though, users can also use 1Password to add a whole array of other random data items.

Users also have the option of accessing all of the stored data from any of their devices.

But what are those “random data items.”?

These may come in the form of the user’s,

  • Social security number
  • Password
  • Driver’s license

Users who don’t like to bother with many configuration settings should know that 1Password tries its best to not test the user with them.

The one option that we would like to mention here is the security option that automatically logs out of the user’s account after it detects 10 minutes of inactivity.

Users have the choice of changing this idle time after which 1Password moves to do its work.

They have a choice of selecting the time limit from 12 hours to as low as 30 seconds.

The other thing that 1Password does is that it automatically locks the user out if it detects that the user has switched away from his/her Windows user account.

One of the new features that 1Password has introduced in the latest version is the user’s ability to unlock 1Password with nothing but Windows Hello.

Advanced Features

main_menu

The older versions of 1Password did not offer the password strength report feature for any other platform other than the Mac.

So Windows users always had to take the back seat to Mac users.

This probably hurt 1Password in terms of its sale numbers as most of the world still uses the Windows operating system as its primary operating system.

Thankfully though, 1Password now offers the password strength report feature on Windows as well.

This option is available for users right under the Security option that appears in the left-sided sidebar menu.

The Password Strength Report feature enables users to see a full list of their weak passwords.

It also shows passwords that the user has utilized on more than a single occasion.

Thirdly, it notifies the user of passwords that the user has not bothered to change for a really long period of time.

Users should keep in mind that 1Password’s password strength report isn’t the full and comprehensive security report that they would get with the likes of,

  • Dashlane
  • LastPass
  • LogMeOnce

There are other password managers who offer the security audit report as well.

Still, we think that it is at least better than having nothing.

1Password also has a feature it calls Watchtower.

What does the Watchtower do?

It warns the user of all the potentially compromised user passwords.

Dashlane and Keeper offer users something very similar in terms of reporting all of the user’s passwords that they think hackers might have exposed in various data breaches.

As one would expect, it is not possible to test features like this.

But, from the looks of it, it couldn’t ever hurt the user.

1Password’s Watchtower feature also makes use of haveibeenpwned.com official website to act as another check when it comes to detecting compromised user passwords.

But the more interesting bit is that it can also check the user’s saved websites against the official Two Factor Auth site.

After checking with the site, the Watchtower feature flags those entries where the user has shown a lot of neglectfulness and hasn’t taken advantage of the available two-factor authentication option.

There is also a Password sharing feature.

But this feature is only available in the Team and Family versions.

The other thing users should know is that 1Password doesn’t allow users to share their password just with any other online fellow user.

This is something vastly different from other password managers such as LastPass, Intuitive Password, and some others.

Additionally, 1Password hasn’t developed any mechanism for passing the user’s account to the user’s heirs after the user has left this world (hopefully for a better one!).

Users have the option of configuring many sites to utilize TOTP (or Time-based One-Time password) applications like,

  • Duo Mobile
  • Twilio Authy
  • Google Authenticator

These applications provide two-factor authentication for people who want to use smartphone devices to enhance their account security.

What do these TOTP apps do?

They basically require the user to enter a one-time time-sensitive code in addition to their passwords.

These apps help the user generate and then use that code.

Password managers such as 1Password come built-in with that type of authentication.

To use the features, users first have to register 1Password as a candidate for acting as the authenticator.

This isn’t really a problem because one has to do that with almost every other type of authenticator app.

After registering it, the user should have no problems in noticing that 1password would always show the latest available code alongside the site’s entry in the user’s password list.

To put it in simpler terms, the user will only require to use a single app in order to log in.

Most of the time, users have to make do with two apps, one for the password and the other for the one-time code.

Whenever 1Password detects that the user has logged into a given site, it quickly puts up the required one-time code in the user’s clipboard.

Once that is done, all that the user has to do if first press Ctrl + \ to bring up the menu and then press Ctrl + V to paste the code.

The very good Myki Password Manager and Authenticator, as its name would suggest to some, also comes packed with this very handy feature.

In fact, it doesn’t even require the user to past the one-time code from his/her clipboard.

Other password managers like Dashlane have the ability to even replace Google Authenticator.

1Password, as a password manager, did not have support for features such as two-factor authentication in its previous versions.

Password managers such as True Key have this feature as their major feature.

However, 1Password already had a system of validating the user’s new devices via the user’s Account Key.

If you think about it, the Account Key plus the user’s password does act as a kind of two-factor authentication.

Users who want to use their Account Key can access it from their emergency kit.

They can also access it from any of their existing devices.

The latest version of 1Password enables users to protect their 1Password account with the help of a full-scale two-factor authentication system.

Remember that, users would still require a separate authenticator application such as Duo Mobile, Twilio Authy and/or Google Authenticator.

If the user goes through the trouble of reading 1Password’s documentation, they will come to know that they don’t really have the option of using 1Password’s decent authentication skills in this scenario.

Why?

Because, according to 1Password, if the user does make use of 1Password as the authenticator app to sign in to 1Password account, that would actually be like the user putting the security key of a safe inside the safe.

How to enable the two-factor authentication feature for 1Password?

The process is simple enough.

First, the user has to log in to his 1Password online account.

Then the user has to click his/her name that appears right at the top corner of the screen.

After that, the user will have to click on My Profile.

1Password will show the user a new page.

From that page, the user has to perform a click on the option that says More Actions.

When that is done, the user has to click the option that says Turn On Two-Factor Authentication.

At this point in the process, 1Password will request the user for his/her master password.

After that, the user will have to scan the barcode that 1Password displays with his/her authentication application.

The next step is to enter the generated six-digit one-time code.

And that is it.

Now, whenever the user tries to log in to his/her 1Password account, he/she will be required to enter not only his/her master password but also his/her one-time time-based password.

What About Platform Compatibility?

interface

If the user installs 1Password on a Mac machine, it would offer the user a web browser extension.

The user can use the browser extension on a  Mac to capture and then replay his/her password in web browsers such as Safari and Chrome.

But that’s not all.

The Mac version of 1Password comes with quite a few new features that are still not available to users who are on the Windows platform.

With 1Password for Mac, users have the option of benefiting themselves with markdown formatting for the purposes of rich text formatting in their notes.

What does Markdown do?

It defines some pretty straightforward conventions such as italicizing words that the user brackets via underscores and boldfacing words that the user brackets via asterisks.

Moreover, the Mac version of 1Password allows users to move their stored items between vaults with the assistance of nothing but a simple drag and drop action.

Users also have the option of pulling a given item off directly into a given floating window.

That essentially enables users to keep the team in handy while they work on something in their web browser.

AgileBits 1Password representatives will tell you that all of these features will eventually make their way to the Windows version as well.

As far as the iPad and iPhone go, users get to have full access to all of their login credentials and other stored data.

When the user launches a site on iPad or iPhone, 1Password opens the site inside its own proprietary web browser.

To utilize 1Password features in Safari, the user has to copy and paste.

Safari does have  Quick Copy feature which helps users by automatically copying further fields as soon as the user fills just a single one.

1Password also has support for Touch ID.

The newest devices that come with FaceID features will find that 1Password also works with them.

Users can easily use their iOS device in order to enable the previously-mentioned TOTP two-factor authentication feature.

As far as the Android version is concerned, 1Password supports the fingerprint authentication feature.

There is an additional feature where the user can set a PIN code for all of his/her devices that don’t come with a fingerprint reader.

And just like in the iOS app, 1Password opens logins in its proprietary web browser.

That’s the default setting.

But users can modify the settings to enable 1Password to autofill login details in other web browsers as well.

Of course, before doing that, the user has to make sure that his/her device runs Android Oreo (8.0) or later.

1Password X

All of the web browser extensions we have mentioned in this 1Password review work only by forming a communication channel with the main 1Password app.

AgileBits 1Password also offers 1Password X.

It is 1Password’s standalone Chrome extension.

What does that mean for the end user?

That means users have the opportunity to use the 1Password X application on any given platform that has support for Google Chrome.

Because of this one fact, users can use 1Password on the Linux operating system.

1Password X successfully encapsulates the majority of the main application’s functionality.

There are a few exceptions though.

Overall, 1Password X has improved a lot from its previous versions.

For one thing, 1Password does not require the user to perform any special key combinations in order to use the password capture and/or replay features.

Whenever a user tries to enter a username and/or password, the 1Password X application shows the user a popup screen.

Via the popup screen, users can save their login credentials.

This is pretty similar to what other password managers such as Keeper and Dashlane offer.

1Password puts the option of saving the user’s credentials just below the given password field.

That is very convenient.

Following on from that, 1Password shows the user all available login options whenever the user revisits a webpage that has multiple saved login credentials.

All that users have to do is to look right under the given login fields and there they can find the options that 1Password presents to them.

Our research shows that 1Password does run into some problems when it tries to capture two-page login credentials like the one users regularly encounter on sites such as Amazon and EventBrite.

With that said, 1Password can still successfully manage to log in users using the already present user credentials in its system.

When 1Password X detects that the user is creating a completely new account, it jumps up and offers the user a suggested random password that it has generated via its password generator.

By default, 1Password X generates a 30-character password which makes use of digits and letters.

It doesn’t use symbols.

The latest version of 1Password enables users to have more control over the configuration options of their password manager.

Just like password managers such as Abine Blur Premium and others, the 1Password X password generator makes sure that it always includes lowercase and uppercase letters.

We recommend users that they should turn on options which enable the password generator to make use of symbols along with digits and letters.

The other thing we should point out here is that the 1Password password generators in the web extensions (which are reliant on the main app itself) and the app itself share all the settings.

However, that isn’t the case with 1Password X.

1Password X does have the ability to offer users memorable sounding passphrases.

This is something that 1Password web browser extensions and the main app offer as well.

Another unusual feature that we must mention here is that the 1Password X password generator can also assist users in ginning up a PIN code that only contains digits.

There is no limit on the length of such a PIN code.

In the beginning, some users may get this impression that 1Password X doesn’t have any support for those one-time time-sensitive passcodes.

And we can understand why.

If the user presses the combination of Ctrl + V, 1Password X will do anything to paste the OTTP code like 1Password did with its standard web browser extensions.

However, to use the passcodes feature, users have to first click on the 1Password toolbar button.

Then they have to select the website that they want to access from the shown list.

After that, they have to press the Copy button that exists right next to the code.

Previous editions of 1Password X gave users lots of problems when they tried to fill online web form fields.

The new version eases that by placing a keyhole symbol in the web form’s field that the user has currently selected.

If the user clicks the shown icon, 1Password offers the user to save the web form’s field data.

This isn’t something that one would expect if one wants 1Password to fill in the data rather than offer to save it.

Our research shows that if the user wants 1Password to fill the form then the proper way forward is to first click the 1Password toolbar icon.

And then select the wanted identity.

After that, just click the option that says Fill.

Needless to say, this is a pretty substantial improvement from 1Password X’s previous editions.

Users now can take advantage of the password manager configuration options and 1Password X, on its own, can fill out web forms equally as good as 1Password’s local application.

1Password X also offers a search function for users to search their vault via tags or names.

Doing so is pretty snappy.

Then there is the fact that the user has no obstacles in the way of using 1Password X on any given platforms that is compatible with Google Chrome.

Overall, 1Password X is a very useful standalone extension.

even_more_accounts

Conclusion

Anyone can try out AgileBits 1Password for a period of 30 days without paying a dime for the service.

What we mean to say is that, any user who finds what AgileBits 1Password offers interesting, should give it a go.

1Password has no trouble in syncing the user’s passwords along with all his/her personal data on multiple platforms such as,

  • iOS
  • Android
  • macOS
  • Windows

It is pretty solid when it comes to handling all password manager-related tasks.

Along with that, AgileBits offers the 1Password X standalone extension.

It allows users to bring their passwords to any and all platforms that have support for Google Chrome.

We’ll admit the fact that 1Password isn’t the best password manager when it comes to features such as form filling and password replay.

It offers less automation than some of the other competing password managers.

But that’s not a big problem.

Why?

Because users can easily observe if these problems are big enough for them during the 30 day trial period.

If the user decides that he/she doesn’t want to continue with 1Password then he/she can easily delete his/her account completely.

Some users would, no doubt, want more than what 1Password offers them.

For those users, there are many other password manager products out there in the market.

The commercial password manager market is pretty huge now.

There are choices such as Keeper and Dashlane.

Both of them offers users a wonderful and smooth user experience.

Moreover, both come with a sizable collection of some really advanced password management features.

Dashlane has the ability to keep and record user receipts for online shopping and such.

While Keeper has the ability to handle password for various applications pretty easily.

Both of these password managers offer good and secure sharing features.

Dashlane and Keeper also allow users to assign an heir for their account.

The heir would inherit all their information in the case where a user dies.

As far as competence on password management tasks goes, we’ll have to put Dashlane and Keeper ahead of 1Password.

Zohair A. Zohair is currently a content crafter at Security Gladiators and has been involved in the technology industry for more than a decade. He is an engineer by training and, naturally, likes to help people solve their tech related problems. When he is not writing, he can usually be found practicing his free-kicks in the ground beside his house.
Leave a Comment