I resisted getting a password manager for the longest time. The promise of easily creating and actually using strong passwords for all the online services I use sounded great. It also sounded like a lot of work, because like many people, I have a ton of accounts scattered to the four winds of the Internets. Even though I knew the actual time invested in doing this is minimal and nearly all “up front,” I used that as a lame excuse to not do it. After reading Mat Honan’s “epic hacking” horror story and other security articles, I decided it was finally time to buckle down and get a handle on securing my digital world. After reading a number of reviews and talking to a few friends who use it, I purchased a copy of 1Password. The feedback for this product is overwhelmingly positive, and after using it for a few hours, I have to agree.
Purchase, initial setup of the application, the three supported browser extensions, and iOS installation to my iPhone and iPad took me close to an hour. Why so long? I take the time to thoroughly read documentation before diving into anything new. I don’t want to miss any steps on a tool that changes something I do repeatedly throughout the day, every day. I don’t mind learning something new if it’ll save time and make me more secure over the long run.
My main concern was securing the big stuff called out in Mat’s article, i.e. Facebook and Twitter. Setting up my first account (Facebook) took about 5 minutes, because I wanted to make darn sure I wasn’t missing any steps. After some careful copying and pasting (I chose “very secure” passwords of ridiculous lengths), I logged out. I held my breath slightly as I attempted to log back into my Facebook account by simply clicking the browser extension button and…it just worked. Frankly, it was a little anticlimactic. However, after setting up a few other accounts, this whole process started to feel a lot sweeter, especially with services where I have more than one account. Definitely easier than letting the browser manage them for you. You know that service you use every day that has that login form that’s pre-populated with one of several often-used usernames? The one where you only have to click the “submit” button to log into one of three possible accounts? Yeah, that random process is now replaced with a far more reliable and secure login.
Another cool feature 1password has is synchronization via dropbox. Since I already have a dropbox account, this only took about ten minutes to set up on my iPhone and iPad. Adding a password in one place made it available to all my devices. Very slick.
So far, I’m very pleased with 1password. Was it cheap? No. At $49.99 in the Mac app store, plus $14.99 for the universal iOS app (iPhone / iPod / iPad), it’s probably the most expensive solution of its type. However, it IS very easy to use and encourages creation of very strong passwords. In my opinion, $65 is super-cheap insurance, especially compared with having your entire digital life erased or stolen. If someone were to demand my Facebook or Twitter password at gunpoint (a ridiculously extreme example to be sure), I honestly couldn’t them what they are.
My biggest question now is “why on earth did I wait so long to do this?” I’ll update this post after I’ve spent a little more time with the product.
UPDATE 8/20/2012: One downside discovered today is that my wife could not purchase schoolbooks for one of her Masters classes using my Amazon account (the family shares my account). The phone call was a little funny: “why can’t you tell me the new password?” Me: “Because it’s a ridiculously long random string I can’t even remember!” Not really a downside, but an inconvenience. It’ll also be a pain in the butt to enter this new password on my TV for Amazon Video…