Why 1Password is the best proprietary password manager

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey guys Sun here I'm a technologist with an itch for privacy and you're watching the privacy guides in last episode we went about setting up Mac pass a great open-source password manager and I explained and perhaps way too much detail why using a password manager is an essential thing to do when you're using technology I also mentioned why choosing a good master password is really really key if you don't want all of your passwords to be vulnerable to hackers and I mentioned that using a passphrase is a great way to have something that you can remember in your mind but that ticks the boxes when it comes to what a great password should be so if you haven't seen the video I recommend going and looking at it and if you have or if you know your way around passwords and stuff well today's video is going to be about why I totally love one password when it comes to you know wanting a password manager that has all the security features we're looking for but that also has great convenience features such as making it really easier for you to enter passwords and synchronizing and that's really the big one synchronizing your passwords between your devices ok so I have to admit first that Mac pass is open-source and I really really favor open-source peer reviewed software versus proprietary stuff like one password but there's a spectrum there's a spectrum between total you know convenience and total privacy and security open-source unfortunately tends to be really on this side so it's very secure it's very private but it really lacks convenience and because of that a lot of people decide to just you know not be safe and go to this other extreme I think one password is one of those products where you're really closer to security but still have a pretty decent amount of convenience so yeah one password you guys made a great job at building this thing yeah so this video is not at all sponsored by one password by the way and I have tried in the past I've tried a few others but really one password stands out because of you know overall user experience and one killer feature and I'm so excited to discuss this feature with you guys today and that's local synchronization between your devices so all of the mainstream password managers have something in common they use a proprietary cloud to synchronize your passwords to the Internet and then from your devices the devices themselves will pull that backup from the cloud and that's how synchronization works now I really really don't like the idea conceptually that my passwords are leaving my devices they're going to the internet and are lying there in a database of passwords somewhere in the cloud yes the passwords are encrypted on your devices before leaving for the cloud but I still don't like the idea that the passwords are there somewhere in the cloud and that's where one password stands out they have a feature that allows you to synchronize your passwords using your local network and those passwords are never sent over the Internet and that really makes me happy so I want to share this with you if you're already a 1password user you're probably gonna want to skip this first part of installing one password so I'll put a link in the description that will fast-forward through this but for those of you who have never used one passwords you can go ahead and listen and for those of you do have a one password account well there might be a few tips that are worth your time so let's jump in okay so first things first let's get started so I'm an individual so I want to go into personal side and I want to go ahead and try one password for 30 days and this will eventually cost you about $3 a month building great software such as one password takes an enormous amount of time and a great big team I I'm also a software developer I have my own startup I think that the tree dollars they're asking per month is extremely reasonable so you should consider it ok so what we call you let's go ahead John Doe what's your email boom now they want to make sure that I'm actually the owner of that email account so give me a second I'm fetching my email okay so verification code is four nine five eight zero nine enter okay as this is a demo we won't be adding a credit card right away and it's time to choose a master password so okay this video is a little confusing at parts I'll try to break it down really clearly but one password in the same way as all other password managers it wants you to use their cloud and you're essentially paying for the software but you're also paying for the cloud we're not going to be using the cloud but we still need to create a master password as if we were going to be using the cloud so that password consider it the same level of security that you're looking for then your Facebook account your Google account you know you're ready to count so I'm gonna go ahead and enter a password that I consider safe enough but I would never use that to encrypt all of my passwords so the one that I'm gonna be entering here is as you can see it's not extremely long but it uses pieces of words that do not exist in the dictionary so it's actually pretty hard to hack that but it's not long enough to encrypt all of your passwords now once this is done it will ask you to download an emergency kit to your file system and if you guys are using time machine and I highly recommend using time machine for backups if you are or if you want to always make sure that you encrypt your backups but the other thing that you have to know is by default everything on your Mac will be backed up and that's okay but I find it really helpful to have specific folders that never synchronized to backups that way if a foul is written there and I deleted it I know it's deleted everywhere so to achieve this if you go in system preferences and you then go in time machine you want to go in options and you want to make sure that you have folders and I highly recommend putting the Downloads folder there so those are folders that will never be backed up essentially so I have desktop and downloads so if that's done and I hit download and it saves to the download folder well I know that if I delete that once you know our setup is completed it won't be in my backups so that's super cool once we're here I can hear you guys a lot of you will freak out that I'm not enabling two-factor authentication and I absolutely should as I mentioned in my previous episode you always should have a password manager and different passwords for all of your accounts and you should always use two-factor authentication but 2fa will be the subject of probably the next episode or the one after that so for the purpose of today's video I won't be enabling it but you should absolutely do it by the way you should smash that subscribe button and stay tuned for the next video on 2fa okay so let's get the apps if I download one password for Mac and save it to my downloads folder I can then go ahead and install it using the package installer everything here is cool the defaults are pretty generic quit one password okay not sure why it's asking me this but I'm guessing okay by the way I rehearsed for that video before so I'm thinking I didn't delete one password before doing this run but well suppose it was so you won't have that window it's just gonna go through like butter I know I did delete all of my kind of preferences so I mean for for the purpose of this video it's all gonna be cool it now wants you to enter your master password that's the one password account password it's not the one that we'll use later to encrypt all your passwords locally it's the one that you entered when you create the account and once we're in well do you want to put it in the menu bar and have it in the background sure so one of the features that stands out for me in using one password is I actually I absolutely love this thing here this allows you wherever you are in your computer to really quickly go here and copy a password I mean the UX of one password is just phenomenal okay so let's go ahead and enable local sync okay if you hit one password and you go into preferences and then you go into advanced ah I love that feature there's a way to allow creation of vaults outside of one password accounts this is such a great feature so this right now we're entering your one password account password this will absolutely look confusing to you because you'll be like well son you said that we're not using that password to encrypt all of our passwords but we're now creating a primary vault with that password you're right we'll be changing it in a second so let's create it and once this is done you want to go in security and change it and that master password is the password of the encrypted local vault it's not the password of the account they're gonna be separate so that's totally cool because you don't want them to be the same so let's change it and this is the one that's a little weaker here as you can see by its length and now I'm going to enter a passphrase I'm gonna enter the same one that I discussed in my previous episode on password managers so it's something that uses it's a passphrase and it uses words that are not in the dictionary and that's really great so it's something that's at least twenty eight characters long I think this is 32 and it's not something that you can crack using a dictionary attacked it's something that you would have to brute force by the way when you enter that password you need to make sure that no cameras are recording you so if you're in an internet cafe or it's cool or at the office and you just go about type this chances are a camera will have that password and with that password someone can get into all of your accounts so I recommend using this gonna look a little weird but if you're in public I recommend using a thermal blanket okay if you cover you while you're typing your password so if you add a little bit of drama in this video I'll show you what this looks like turnable blankets have amazing properties that will reflect your heat so if someone is using an infrared camera to try to record what you're typing true you know a piece of cloth or something it's really gonna help so what you want to do and I'll put a link to this one this one has a pretty good quality fabric I'll put a link in the description but what you want to do is you want to put it over you and over the keyboard and then and then when you're typing your password well no one can see it now hopefully I typed the same thing twice change password oh yeah it needs to use a password hint you never want to put a hint that actually makes any sense right and that goes for security questions online that will be the subject of another video again if you're into this stuff smash that subscribe button the one I tend to put is slow down and the thing is you always want to type those passwords so fast so no one will see it if you're nervous like this use this you use the blanket use the terminal blanket man that will do it so slow down is my password hint and now that this is done that that password there is in my mind nobody else knows it so obviously if I die no one can access this so the subject of an episode in the future I don't know when because that's a really complicated topic we'll want to talk about you know how do how to allow others to perhaps have access to your passwords how can you the word I have in French is just self success the only I'm trying to find that word in English but essentially like if you die like how can you what's the word for this anyways how can you pass your legacy on to your kids or your wife or to your husband to that person or people you love so that will be the subject of another episode it's a really complicated subject but we'll keep it for a bit later for your time being if you really trust your spouse or something you can give that password to that person and you know make sure that person enters it in their password manager and names it something that's totally unrelated to you that way if they get hacked it's not easy to know that that was the password to you know your password manager once this is done if you click on WLAN server that's where we get to enable the W LAN server that will use to synchronize your passwords between your devices now as we configured our firewall in a really effective way I mean that's actually the topic of the first episode of this series and you can go ahead and look at it look at it it's how to configure Mac OS for privacy we discussed how to set up the firewall so I'll go really quickly like I'll reshow you that little part okay if you go in System Preferences and you go in security and privacy and you unlock this okay as I mentioned earlier this is a really shitty password I'm only using this because you guys are seeing it at the camera and I unlock it and I go in firewall options I am not automatically allowing built in software or downloaded signed software to receive incoming connections that's why this window popped up and you also want to make sure you're in stealth mode so because of that I need to authorize all apps to be able to come in in this specific case I know that I'm installing a server on this computer that will be used to synchronize my passwords and I trust one password so I'll go ahead and allow it once this is done I now need to switch to my iPhone so let me start recording on my iPhone okay let me see okay so I'm now recording on my iPhone so this is the window you get when you pop up when you pop up when you pop open one password for the first time if you go to the bottom of that window you'll see that there is a WLAN server thing and this is always a little quirky here I'm not sure it I guess it's some kind of a bug but you have to kind of go out of one password and go in again and once this is done your computer will appear if you click on it it will ask you for the secret code that's the code you have here on the computer so let me type this in okay by the way that security code or secure code I don't know how it's called that's what's used to make sure that the connection between your device and your computer is very well encrypted and then you need to enter your master password and that's the passphrase that we just created so let's type that in and we're in now it's gonna ask us to oughta feel auto-filled passwords I never recommend using any autofill features and I also don't recommend using browser extensions on the Mac OS side of things I'll discuss this in a moment so you want to go ahead and say done now it's gonna ask you to use your fingerprint to unlock your passwords I highly recommend never using biometrics for your password manager your two-factor authentication app or any crypto wallets you may have you don't want that because I mean you want to use biometrics to get into your computer that's something that you'll do like a hundred million times a day and the password that you chose for your computer is something you can type really quickly that was a subject one of the subjects in my first episode on Mac OS for privacy so the password that I called a hardware password the password to your iPhone or to your computer that's something that doesn't need to be hardcore complicated but the one that we chose the passphrase we chose for your vault that's something that's extremely complicated that you the only you know in your mind so using biometrics means if ever I see you type the password to your computer okay and I then take a baseball bat and whack you on the head I can take your face and unlock your iPhone with face ID or take your finger and unlock your password manager so I only need to see that one password and then I smack you on the head and I'm in by the way that kind of risk factor is called what we call OPSEC operational security that will be the subject of a few more videos in the future so if you're into that smash the subscribe button but for now we're going to make sure we never use touch ID for the password manager so now that now that we're in if I click on favorite let me see here oh actually that's quite interesting let me see on my Mac and I forgot a little step but it's actually great because we'll see this if I go in my personal vault all of these are now on the cloud or under password cloud if I take them and I move them onto my Mac that means I just removed them from the cloud and they're now on my Mac and that's where we're gonna be creating other accounts so let's go ahead and just create one for reddit if I click on login reddit whoops and then if I go here and I type my John Doe and I go ahead and create a password you always want to make sure that you use at least twenty eight characters long and four digits and four symbols once this is done so I mean I'm essentially guessing that you're like creating a reddit account here or you're changing your password for a more secure one once you hit save we have a reddit account so it was created on my Mac this account will never make its way to one password servers it's actually stored locally on our computer but how do we get it to appear here well if you go in settings now that we moved a few passwords over to the Mac side of things they're no longer on to the cloud if you go in sync and you sync now okay now if we go back to favorites well actually there's no favorites if we go to categories sorry and you hit all items there they are so we have synced our passwords over the local network without ever having those passwords in an encrypted form leave to the Internet I mean that's such great UX that makes it very convenient for you guys to synchronize your passwords without them ever leaving your local network so obviously this will work when your iPhone and your Mac are on the same Wi-Fi network I wouldn't recommend doing this stuff when you're in an internet cafe or when you're at work I recommend doing this only when you're at home because you trust the network more that being said it is encrypted using the security key or whatever it was called okay so I'll stop the recording here on the iPhone because we're done and a few last things I mentioned earlier that I don't recommend using browser extensions so if you go ahead and open Safari and hopefully we're gonna get this little prompt here maybe we're not getting it as I mentioned I rehearse for this video so I mean it would be asking us to install a browser extension and what that browser extension does you know it you probably have a password manager already I mean it will automatically fill in your credentials when you go on a website such as reddit or whatever else you know the thing is if the website is compromised it it might fill the credentials in a box that you don't want to and a lot of those password managers will actually trigger an Enter key to like log you in and automatically when you're on the login page which means you could be it could like the technology could log you into a website that's trying to put together a phishing attack so I always recommend doing to stuff by hand the reason I absolutely love one password is this here and local sync so if I want to have my reddit password I just have to type reddit and I can copy the password so let's say we go on reddit.com I don't know why I'm doing this in Firefox act in Safari let's pop open Firefox by the way setting up Firefox for privacy is a subject of one of my previous episodes you guys should look at that one so if you go on reddit.com and you log in right I don't want to have a browser extension here that's gonna do stuff like this I much prefer clicking here typing reddit copying the password pasting it in and then I just type John Doe obviously I could have copied the username as well by clicking here you know and pasting it there and then we login that's a fake account so that won't work but never use browser extensions never use autofill on iOS that's a less secure approach okay so I think we're pretty much done for this video I mean you now have we can close this here we now have a one password account in the cloud that we're never using the one here and we have all of our passwords on a local vault that's encrypted with a passphrase that's 38 characters long that someone cannot hack using a dictionary attack we have amazing UX to like edit and create credentials we have this marvelous little thing up here that allows us to really quickly go and copy a password yeah so I'm pretty stoked about this now let me just really quickly check if we're missing anything in the Preferences so if I go in general everything here school Meany that's totally fine security lock after computers ideal for five minutes that's great that will clear the clipboard meaning once you copy password within 90 seconds it's going to be cleared account that's cool you still need to pay for an account if you want to be able to use the apps so we're now in trial mode so everything's cool watchtowers fine I mean it's gonna check for compromised websites it's gonna tell you if a site was compromised stuff like this I'm gonna uncheck check for two-factor authentication the reason why is as I mentioned earlier I highly recommend having your two f8 app did I mention this earlier perhaps I have it in this take but so you always want to factor authentication to run on a separate piece of hardware so it can be an app on iOS it can be a UB key this will be the subject of one of my next episodes so make sure you subscribe that's gonna be a really key one involves we can see that we have our personal vault in our primary which is actually on the computer vault for saving is now on primary by default so it's never gonna save to the cloud it's gonna save to your Mac which is amazing ok so require if you have one pastor and suffer other web browsers we don't need to enable this here we don't need to enable that as well as I said I don't recommend using browser extensions yeah now synchronize that's what we did initially also sync bring evolve with we're not using those features but as you can see you can actually synchronize things over iCloud Dropbox or a folder that's great but we're using the wireless LAN or WLAN I don't know why it's called I guess wireless LAN but whatever and if we go into backups we can go ahead and back up now so the way that works is one password will make will create backups automatically on a regular basis and it's going to write those encrypted backups to your filesystem those backups will be synced using time machine but in another video I'll explain how you can synchronize not synchronized but backup those backups onto a USB stick or something like this I'm a huge fan of the Samsung bar I don't know if this one focus here I'm a huge fan of those little USB thumb drives you're made out of I think it's stainless steel and they're water-resistant xray resistant so in another episode I'll discuss how to do backups really well and in updates well you don't want an app to automatically install updates that goes for any piece of technology you want it to tell you when there's updates but you don't want it to install updates you want to have full control on the software you're running and and then in advance while that's fine we enabled this all of the rest is perfectly fine so there you have it guys you now have a fully functional one password account that synchronizes your passwords between your devices using your local network you're using a really robust master password to synchronize not to synchronize but to encrypt your local vault and it's something that's usable that's secure yeah so I think I pretty much said it all I hope you guys enjoyed the video if you did drop a comment or smash that like button and I'll see you in the next video next episode goddamn it next episode bye

Info

Channel: Sun Knudsen

Views: 61,741

Rating: undefined out of 5

Keywords: Privacy, Security, macOS, Password manager, 1Password

Id: eu3iP1njMRI

Channel Id: undefined

Length: 27min 20sec (1640 seconds)

Published: Mon May 04 2020