Improving My Online Security with 1Password


“Have you ever forgotten your password?” password manager 1Password’s website asks.  “Why yes,” you say, because of course the answer is yes — if you’ve ever changed a password, had multiple passwords like a good citizen concerned about security, or, really, used a computer in the past ten years — you’ve probably forgotten a password at some point. Well, 1Password promises to help you out with that.  I decided to give it a try due to John’s post about passwords, and Evan’s comment recommending 1Password,  and it did indeed help me out.

Why Use a Password Manager?

But first, I’ve got three reasons why you should be using a password manager in order to protect your personal information:

  1. This post from Deloitte (shared by John on one of our links posts a while back) claims that this year (2013), the 8-character password will be easily hackable.  An 8-character password (complete with mixed-case characters and numbers) used to be considered strong, but it isn’t any longer.  This means that if you’re interested in protecting your personal information, you need to be creating longer and more complicated passwords.
  2. You should never reuse the same password across sites. As I understand it, if someone hacks into a site and gets log in information, they may try that same log in information across other sites.  If you use the same username and password, this means that all of the sites that use that username and password have been compromised.  Ultimately, you should have dozens of different passwords, and this is nearly impossible for mere mortals to remember.
  3. This LifeHacker post on security questions and answers has tips on picking good answers for security questions in the off-chance that you forget one of your dozens of passwords. I’ve seen suggestions many times that you should pick a random, password-like answer to particular questions. Why? Well, because with the Internet, it can be easy to someone to discover what high school you went to, or what your dad’s middle name is, and then they could get into your account.

All of these reasons make it more important for you to have a more complicated password system that can be hard to keep track of, so this is where password managers like 1Password come in.

My Password Setup Before (Horrifying)

Before I used 1Password, I had used a combination of my browser’s password-saving function and Keychain Access (gasp — horrible, I know!) to keep track of my passwords. I didn’t follow many of the rules above. I knew that this wasn’t a very good idea, especially with the growing number of different passwords I was creating for various accounts.  My Keychain Access set of passwords was also getting unmanageable, as I imported keychains from old computers and never moved them into the right places.  Old passwords that had long since been changed were still in there as well.  Let’s just say that it was a mess.

Anytime I forgot a password, or forgot which username and password went together, which was often, I had to go into Chrome or Keychain Access to look it up.  I usually couldn’t remember where I saved the password either, so would have to look it up in both places.  Not cool when I’m trying save something to Evernote, write a blog post, or rearrange my Netflix queue before my next DVD ships out (Noooo, I’m getting Starman?!).

My Password Setup Now (Probably Still Horrifying, But Better)

When you open 1Password, you have to type in your main password.

When you open 1Password, you have to type in your main password. The steel doors help keep your info safe.

1Password hasn’t miraculously changed my life, but it has simplified my password management, which I am thankful for because it gives me one less thing to worry about.

It works by having a master password that you use to unlock all of your information within the application. You have to type this every time you open it, and any time you want to use a password from it (like on the browser add-ons, which I’ll get to in a moment).

I haven’t had time time to sit down and explore all of 1Password’s features, but I plan to eventually.  You can save other information you’d like to keep secure and in one place beyond just Internet passwords, like your bank account and credit card information.  1Password also has a password generator, which can help you create more random passwords.

For Your Browser and Mobile Devices

The browser add-ons are awesome, and it’s how I most often use 1Password.  It works similarly in Chrome and Firefox (and I’m guessing Safari also).  If you come across a place on the Web where you have to log in, you click on the 1Password key button, enter your main password, and then select which site you’re trying to access. If you haven’t yet saved the password in 1Password, it will ask you if you want to save it.  Once saved, anytime you go to that particular site, you can have 1Password fill in your info and you’re in.

There’s also 1Password apps for iOS as well as Android devices, which helps you out with the annoyance of typing out passwords on your phone or iPad. I haven’t yet tried it, but I’m probably going to soon, since I just got a new iPod a couple of months ago, and my new password system (of having long, different passwords for everything) makes it a huge pain to use any of my apps that require passwords.

One More Thing…

Remember, if you are a W&M person (and this may go for others as well), no one at IT will ever, ever, ever ask you for your password — so if you get an email asking for you to send your password, it is a phishing email, and you should not reply to it.  Also, another word to the wise — you shouldn’t be sending passwords via email anyway, even if you know the person.

About Kim Mann

Kim Mann is the editor and a writer for the Academic Technology Blog. She earned her BA in English from the University of Minnesota in 2003 and her MA in American Studies from William & Mary in 2009, and her PhD in American Studies at the College in 2014. Her research is on technology, the interface, and the body in mid-twentieth century science fiction.