1Password is a password management system employed by enterprises to store employee passwords. 1Password allows users to save complex, strong passwords without memorizing them. 1Password is owned by the software company AgileBits.
How does 1Password work?
1Password is available through the company’s web page, but it’s also commonly downloaded as a browser extension. This extension means that users don’t need to have a 1Password browser window open to access their passwords.
Users will either set up 1Password as individual users or through an invitation from their organization. They will create a master password that allows them access to their account and vaults. This master password is the only password that users must remember, but it’s crucial that they know it perfectly. The master password is the only way into the 1Password vault, unless a user has their account’s encryption key stored secretly (which isn’t common). The account encryption key, called the “Secret Key,” is stored within a user’s account on 1Password.
Extensions for browsers allow users to automatically save new passwords and logins. 1Password offers browser extensions for the following browsers:
Once users have created a new username and password for an account, a 1Password window automatically pops up, asking if they’d like to save the information in 1Password.
Also Read: How to Use a Password Manager
Once a user has logged into 1Password once, using their master password, they can autofill other passwords for the duration of their computer session. For security purposes, the autofill functionality ends when the user shuts down their computer or even puts it to sleep briefly.
Users can create vaults for specific sets of passwords. If they want to safely share a password with a coworker, they can add that employee to a vault.
How 1Password protects information
Requiring a master password is a protective measure: only the user should know their master password, and that password is required for each login. Because 1Password also stops auto-filling passwords every time the computer is shut down, if an attacker were to log in, they would not be able to fill passwords without knowing the user’s master password.
Password security plays an important role in protecting enterprises’ sensitive data. Password managers like 1Password make it easier for employees to create secure password habits, like sharing through vaults instead of plaintext and using unique, strong passwords.
Additional 1Password safety measures
If users are truly concerned about sensitive data being stolen through a password management system, there’s a more involved option for protecting passwords. Before setting every password, they can choose a four-key identifier that they’ve memorized. After saving a password in 1Password, they’ll edit it and add the four characters. The associated account will require the user to enter that key, but 1Password will not store the final four digits of the password. This means that even if someone breaches the 1Password account, they will not have the full password and will be blocked from entering all the user’s accounts.
This method, called the “double-blind” password protection method, isn’t necessary for many passwords, but if employees work with a bulk of sensitive data, they might want to use it for those accounts (perhaps databases that store customer information).
Another safety measure involves international travel: Travel Mode allows 1Password users to mark vaults with non-sensitive data as “Safe for travel,” but when they activate Travel Mode, every vault they didn’t mark is temporarily removed from their device. No longer can they access that data, nor can any border agent to whom their data would otherwise be exposed.
1Password vs LastPass
LastPass is another extremely popular password manager. It serves many of the same functions, such as storing passwords in secure vaults and requiring a master password. LastPass requires only authentication to log in (entering the master password), while 1Password uses both authentication and encryption for the login process. This means that if an employee gets locked out of their account, they must have an encryption key to access their account again. It also makes the account more secure than a solely authentication-based system and takes access capabilities away from gatekeepers (such as a company admin or 1Password itself).
LastPass offers multi-factor authentication, which 1Password, being both authentication- and encryption-based, does not. LastPass offers more directory integrations, while 1Password supports native applications for more devices.