
    1Password is a password management system employed by enterprises to store employee passwords. 1Password allows users to save complex, strong passwords without memorizing them. 

    How does 1Password work?

    1Password is available as browser extensions and as freestanding applications for macOS, iOS, Windows, Android, Linux, ChromeOS, and the command line, and it can be downloaded as a mobile app on iOS and Android phones.

    Users will either set up their accounts as individual users or through an invitation from their organization. They will create a master password that allows them access to their account and vaults. This master password is the only password that users must remember, but it’s crucial that they know it perfectly. The master password is the only way into the 1Password vault, unless a user has their account’s encryption key stored secretly (which isn’t common). The account encryption key, called the “Secret Key,” is stored within a user’s account on 1Password. 

    1Password is also commonly downloaded as a browser extension. This extension means that users don’t need to have 1Password’s browser window open to access their passwords.  1Password offers browser extensions for the following browsers:

    Once users have created a new username and password for an account, a window automatically pops up, asking if they’d like to save the information.

    After users first log in with their master password, 1Password autofills all available passwords for the duration of their computer session. For security purposes, the autofill functionality ends when the user shuts down their computer or even puts it to sleep briefly.

    Users can create vaults for specific sets of passwords. If they want to safely share a password with a coworker, they can add that employee to a vault. 

    In addition to individual, family, and tiered enterprise plans, 1Password offers a two-week free trial.

    How 1Password protects information

    1Password uses AES 256-bit encryption to protect passwords. Each vault is encrypted and hosted on AgileBits' secured servers.

    Requiring a master password is a protective measure: only the user should know their master password, and that password is required for each login. Because 1Password also stops auto-filling passwords every time the computer is shut down, if an attacker were to log in, they would not be able to fill passwords without knowing the user’s master password. 

    Password security plays an important role in protecting enterprises’ sensitive data. Password managers make it easier for employees to create secure password habits, like sharing through vaults instead of plaintext and using unique, strong passwords.

    Additional 1Password safety measures

    If users are truly concerned about sensitive data being stolen through a password management system, there’s a more involved option for protecting passwords. Before setting every password, they can choose a four-key identifier that they’ve memorized. After saving a password, they’ll edit it and add the four characters. The associated account will require the user to enter that key, but 1Password will not store the final four digits of the password. This means that even if someone breaches the 1Password account, they will not have the full password and will be blocked from entering all the user’s accounts.  

    This method, called the “double-blind” password protection method, isn’t necessary for many passwords, but if employees work with a bulk of sensitive data, they might want to use it for those accounts (perhaps databases that store customer information).

    Another safety measure involves international travel: Travel Mode allows users to mark vaults with non-sensitive data as “Safe for travel,” but when they activate Travel Mode, every vault they didn’t mark is temporarily removed from their device. No longer can they access that data, nor can any border agent to whom their data would otherwise be exposed. 

    Why should businesses use password managers?

    Businesses use password managers to store strong passwords so that employees don’t have to memorize them or write them down in places where they could be stolen. Password management software also eliminates the need to share plaintext passwords with coworkers by leaving a note on their desks or sending them an email with the password.

    Password managers also largely eliminate the need to share login credentials for business platforms and enterprise applications across internal communications channels.

    With companies relying on cloud-based platforms for business-critical systems like customer relationship management, enterprise resource planning, finance, logistics, product lifecycle management, shared cloud storage, wireless networks, VPNs, productivity suites, and many more, an enterprise-wide password management system reduces the password fatigue that arises from needing to remember multiple passwords.

    For example, if several employees are responsible for updating their company’s social media presence, IT may make the decision to issue a single set of credentials for the employees to share. In a situation like this, those employees might need to send the shared username and password through email, over chat channels, or even pass a sticky note from cube to cube.

    Password managers not only collect these credentials in a secure environment, but also allow InfoSec teams to easily control access for new employees, revoke access for employees who have left, and even enforce password complexity and aging standards.

    The stakes for keeping passwords safe across the enterprise as part of a comprehensive data security strategy have never been higher. In a 2021 study by Infosys, researchers estimated that the world’s top 100 most valuable brands stood to lose value totalling between US$93 billion and US$223 billion were a breach to compromise their mission-critical systems.

    1Password vs LastPass

    LastPass is another extremely popular password manager. It serves many of the same functions, such as storing passwords in secure vaults and requiring a master password. LastPass requires only authentication to log in (entering the master password), while 1Password uses both authentication and encryption for the login process. This means that if an employee gets locked out of their account, they must have an encryption key to access their account again. It also makes the account more secure than a solely authentication-based system and takes access capabilities away from gatekeepers and sysadmins.

    LastPass offers multi-factor authentication, which 1Password, being both authentication- and encryption-based, does not. LastPass also offers more directory integrations, while 1Password supports native applications for more devices.
