Review: 1Password

I started using Siber System’s RoboForm Password Manager in 2007 after a colleague recommended it.  I tried their free version briefly and then happily shelled out $20 for a license.  Since then, I’ve had different passwords on sites and have increasingly made them more complex over the years.  When I decided to leave RoboForm, mostly due to wanting better mobile applications and a distaste for their subscription model, I test drove both LastPass and 1Password.  Ultimately, I ended up with 1Password and still feel like it was the right decision.  I liked their integration and over time, their one-time license fee is a better bargain than paying a subscription fee annually.

Here are some things I really like about it:

Works across Windows, Mac OS X, iOS and Android OS.  The only one of these I no longer use is Android OS, and while I don’t have the premium version of the iOS app (can’t really find a justification for it when I really only need to be able to copy login passwords) I’ve only paid for the Mac and Windows versions.  The bundle will set you back $65, but it’s a perpetual license for that major version, so it’s cheaper than paying $20 year for RoboForm.

Security checks for weak or duplicate passwords, or logins for sites that have been known to be breached.  It also tells me the age of my passwords so that I can easily identify when ones are due for a periodic change.

Custom fields for security questions.  I don’t use real answers to security questions.  I want fewer people (companies) to know personal details about me, so why would I store things like my mother’s maiden name in the systems of companies I don’t really trust will be good stewards of that data?  I use complex passwords for the answers to security questions and I can create per-login custom fields in 1Password to store these answers.  This also makes them easy to copy/paste from mobile or on a laptop or my desktop.

Stores all sorts of custom items other than logins.  I don’t use this as much as I should, but 1Password stores credit card numbers, network logins, passport data, etc.  It’s a good place to have all this stuff encrypted but accessible.

Cloud-based storage that I control.  I can choose to store my login data locally or on Dropbox.  It doesn’t have to sit on some company’s servers where I forgo control of it (keep in mind that this is exactly what you’re doing if you store it on Dropbox though).  I’m not paranoid enough to have a problem with storing it on Dropbox, and only storing it locally would kill the option of having your devices in sync unless you do so manually from time to time, but I love that I have control over where my password data goes.

Complex password construction that can be adjusted on the fly.  I wish all sites would (a) permit complex passwords and (b) allow all characters, numbers and symbols.  They don’t though.  I can easily adjust 1Password’s password generator to use the length or variety of character types that I need for a specific site when necessary during the password generation process.

Now if we can just get sites to stop blocking pasting in their password fields, we’d be in great shape!