- So it's been a little over a year now since my bank account was hacked and I first started using
1Password to secure myself online. And if that's happened to you before, you know just how terrible and invasive it feels to be hacked. Well, I've been using the
software daily over the past year and in this review, I wanna share with you
the things that I like and I don't like about 1Password, give you a quick look at the
desktop and the mobile apps and finish by discussing
the security risks involved. Hi, I'm Josh and if you're
new to this channel, I'm a huge advocate for
personal online security. Now you're obviously in the market for a password manager app and 1Password is one of a
handful of different companies that have a good
reputation in this market. Now if you've never used
a password manager before, 1Password is like every
other piece of software and that it helps you to create
strong, excellent passwords and it stores those
passwords in a secure vault behind a single master password. It syncs that vault
between different devices, whether that's your computer, your tablet or your phone and finally it monitors the
health of your password profile. That's what it does. However, every password manager
takes a different approach in how it accomplishes this. I'm gonna explain a few
features that I like and don't like about 1Password but if you'd rather jump ahead
to the tour of the software, you can do so using the
time marker you see here. Let's start with one of my
favorite features in 1Password, the Family Plan. What this means is that my Family Plan covers all members of my family which could include my parents,
my wife, my sister, my kids, any other immediate of the family members. We can each have our own private vault and then share a family vault. The shared vault could
store passwords we might use such as Netflix, Hulu, Disney Plus. Another unique feature of 1Password is something known as Travel Mode. Now for those of you who
travel internationally, this could be something useful for you. You have the ability to go in and mark certain vaults
as safe for travel. It then removes those
vaults from my devices that might be extra
sensitive while I'm traveling and when I return, I can
reinstall those vaults. This gives me confidence that
my data can't be compromised even if I'm forced to unlock my device, which I have been forced to do while traveling internationally before. And finally I wanna point out the Watchtower feature in 1Password. Most password managers
have a similar feature, but I really like how 1Password
has developed Watchtower. This is something that helps you monitor the health of your password. It tells you if you have weak passwords, it tells you if you have
duplicated passwords, it tells you if there are certain logins that allow you to have
two-factor authentication that you may or may not be using. And best of all, Watchtower
monitors external breaches to let you know if any
of your current logins have been compromised in any
way and need to be changed. So for example, the U.S.
department store, Target had a data breach a few years ago. Well, Watchtower notified users that the Target information
had been compromised and they needed to change their passwords. Now, there are two things
that I wish I could change about 1Password that
I'll share with you here. First, I wish there was a
free version of 1Password similar to how Dashlane offers a limited but still a free version. Now 1Password does have
a 30 day free trial, but it's not the same and I think it could be done better. Secondly, I wish that I had the option to purchase the software and maybe even future upgrades later instead of having to be forced
into a subscription model. I know many people who would much rather store
their password vault locally on their computer as opposed to passing it
onto the 1Password servers. Now, 1Password does offer this as an advanced feature
option to store it locally, but you still have to pay
for the subscription service. This was a business decision that was obviously made
with profits in mind and not the end user. Okay, before we cover the
important security features, let me give you a quick
tour of the software, both on desktop and mobile. On my computer, I've installed both the app and the browser extension for Firefox, which I use instead of
Chrome for security reasons. Now, I'm gonna show you both, but to be honest, I use the browser
extension a whole lot more than I do the actual app. So we'll start with the app. Obviously I'm going to have
to put in my master password to get in, but once we do, I've got
access to my private vault and the shared vault that you see here. So the private vault is the
one that's specifically for me and the shared one's the one
that I share with my wife and any other family members. So within this vault, you've got your favorites
here on the left, you've got your Watchtower, which we'll walk through, which we've already walked
through, I should say. And then different categories
where I've got logins, I keep secure notes. If I had any credit cards, which I don't put any credit
cards in my 1Password account, identities, any documents
and then passports. I keep all the passport
information for our family in here as well. Now, when you look in at
the different preferences, what you'll see here is that you've got your
general preferences to show 1Password in the menu bar and different keyboard shortcuts. There's, you can open
1Password to suggestions, but really the importance
that you need to think about with the preferences is the security. Do you wanna allow the Touch ID? Which I do. I like being able to use
my Touch ID for my laptop and I like using Face ID
for my mobile devices. Do you wanna conceal your passwords? Yes. Auto lock and how long we lock for. We've got, I've only got one account. How I set up my Watchtower, I do check for two-factor authentication 'cause I do like to use it. You can check for vulnerable passwords. You can ask before checking
for a secure connection. And then of course all
the different things related to the vaults. Always open all the vaults or I can just open the
private vault if I wanted to and then, which is the default. My default is I'm always
gonna save to my private vault unless I say otherwise. The browser, I like using
the browser as I said before. I'll show you that in just a moment. And then how do we check for updates? And I like to automatically
check and use the updates. And the advanced features. This is something that allows you to put your local vault
here on your computer so that you're not necessarily syncing it to the 1Password servers. You can, for the sorting, you can show numbers and symbols first. These are, some of these are just, I don't necessarily call them advanced. I would say that they're
mostly unnecessary unless you are specifically
wanting to do something and integrating a third
party app, for example. But most of the time, like I said, this is not an app that I open up and use. What I would normally
use would be Firefox. So I'm gonna open up Firefox. Let's say I wanna get into Trello. So I'm gonna open up Trello and I'm going to log in. Now, I already have,
if you see right here, this is my, I've already unlocked it, but this is my browser extension up here that's in Firefox. So what's gonna happen is
when I click on the email, it's going to give me one that I can automatically autofill and when I click that, it's going to autofill
it with the password and the email address and then I can just log in. On the flip side, I can also use the
1Password browser extension to create a password here. So if I was creating a password for this test account in Trello, I could actually go in and
say generate a password and then it would generate that and automatically prompt me
to save that in my private or I could save it in my shared vault. It's really up to me. Well the mobile app works
very similar to the extension and then it mostly
works in the background. Once I've set it up, when I want to log into an account, I just click on this password and it uses either my
password, my master password, which I have to type in or a biometric ID, which
could be my Face ID to autofill the password. Now let's open up the
actual app on my iPad so you can see what that looks like. Okay, we're gonna start by
launching the 1Password App which uses my Face ID to
open and verify my identity. You can go into the settings and security if you'd like an advanced security and change that to be a
pin code if you'd like and so that you'd not using
biometric data to do that. Now, as you saw here
within the categories, we've got space for login, secure notes, identities, documents, passports, all the stuff that you
had in the desktop app and it looks exactly the same. You can still sort it
by tags and favorites. And then in the settings you've got a lot of different
options for security, when you can lock on exit, how many minutes before it auto locks, whether you can use Face ID, whether Watchtower's enabled. Autofill, you can use it with Apple Watch, but it has to be on an
iPhone, not an iPad. I don't have an Apple Watch, so it doesn't really matter. And then of course you
have advanced features where you can import a vault, allow custom keyboards, or as I showed you, a few
extra security features. Okay, I'd like to shift focus to address the concerns
that most people have about trusting all of their
most sensitive password data to one company and 1Password security. While 1Password has a number of security features that work in the background while you're browsing the internet and most of the time you won't even know that you're being protected from a threat, the most important thing that
most people wanna talk about is the encryption of their password vault. The best way that I can explain this is that 1Password has designed
three layers of protection. The first layer is your master password which gets you access to your vault. Only you know this so theoretically, 1Password
can't access your vault even though it's on their servers. But the second is a security key that is stored on each device that is set up as a trusted
device with 1Password. It's almost like a second master password that only your device knows and both passwords have to be present in order to unlock the vault. You know, in those movies where the two keys have
to be inserted and turned in order to verify a missile launch? Well, it's the same here. Both you and your device have to provide these secret
keys and master password in order to verify and unlock the vault. The final layer of security is what 1Password calls secure remote password, which is just a complicated way of saying that they encrypt the data between your device and
the 1Password servers. All of this is designed to make you feel secure
about using 1Password and storing all of your
passwords in their vault and they've done a good job, but there's nothing you
can do to convince me that a piece of software or
an encryption is hack proof. You can call me paranoid, I don't care. I will never put all of my
eggs in one security basket and that's why I add an
extra layer of protection in a form of a double-blind password. Now I've gone into a deep
explanation of that in this video that I highly recommend you watch, but the short version is that
even if somebody were to hack into my 1Password vault, the passwords that are there
are not my actual passwords. They don't work. All right, so final verdict time. Is 1Password really a
great password manager app? I've been using it
religiously over the past year and I can honestly say that I think it is. If you're still writing
down your passwords or repeating the same
passwords for multiple logins, do yourself a favor and just
try 1Password for 30 days. I have links in the description below. They are affiliate links, but it's a good thing to try
and it's worth the effort. Passwords are the key to
our digital front door and it might be time that
you upgrade your lock. Thanks for watching. Please like this 1Password review, subscribe to the All
Things Secured channel and if you have questions about 1Password, I encourage you to leave
them in the comments below and I'll do my best to answer
every single one of them.
