This article originally appeared in TidBITS on 2013-10-03 at 3:11 a.m.
The permanent URL for this article is: http://tidbits.com/article/14138
Include images: Off

1Password 4 for Mac Better Than Ever

by Josh Centers

Back in December 2012, AgileBits overhauled its popular 1Password password management app for iOS (see “1Password 4 for iOS: Overhauled and Improved [1],” 12 December 2012), and now the same treatment comes to the Mac, with 1Password 4 [2]. The upgrade is free for all Mac App Store purchasers and anyone who bought directly from AgileBits on or after 1 January 2013. For everyone else, there’s a temporary launch sale, where you can upgrade for $24.99 (regularly $34.99) or purchase a new license for $39.99 (regularly $49.99).

For those not in the know, 1Password is an app for Mac OS X, iOS, Windows, and Android that stores your login credentials and other sensitive information in an encrypted database. Using browser extensions, it can learn your logins as you log in to Web sites and autofill them later with a couple of clicks or keystrokes. Most importantly, it can generate long, random passwords that are impossible to guess.

In this day and age, I cannot overemphasize how important it is to have an app like 1Password. A couple of weeks ago, I received email from eBay informing me that my account had been compromised. I promptly changed my password, using one generated by 1Password. Reviewing my old password, I realized that it was one of my old “lazy passwords” that I should have changed long ago. These passwords were significantly complex, using a mix of cases, letters, and numbers, but I reused the same handful of passwords across multiple Web sites. That worked just fine ten years ago, but in the age of seemingly daily hacks and password leaks (see “Adobe Announces Major Security Breach [3],” 7 October 2013), such a technique doesn’t cut the mustard. Each and every login needs to be both unique and complex or you’re setting yourself up for a world of pain.

There are numerous apps that generate, store, and enter secure passwords for you, but if you’re firmly entrenched in Apple’s ecosystem, I think 1Password is the way to go, because AgileBits’ main focus is on Mac OS X and iOS. Yes, there are versions for Windows [4] and Android [5], but they don’t match up to the features of the flagship Mac version. If you’re largely a cross-platform user, you might prefer the open-source Keepass [6] or the cloud-based LastPass [7]. However, I’ve used them both in the past, and neither is as elegant as 1Password. (If you’re an occasional Linux or Windows user, you can open your 1Password database file in a Web browser, a feature called 1PasswordAnywhere [8]. Thoughtful features like that are what set 1Password apart.)

Another reason I like 1Password is that AgileBits is an international team, making NSA interference difficult to either implement or keep under wraps. See “1Password Developer Responds to NSA Concerns [9]” (12 September 2013) for the company’s response to the recent NSA domestic surveillance revelations.

So that’s the skinny if you don’t already use 1Password. For 1Password veterans, here are the best new features of 1Password 4.

A New Look -- The first thing you’ll notice is that 1Password 4 has been redesigned to look more like 1Password 4 for iOS. The icon has transformed from a key to a keyhole. Overall, 1Password 4 features much lighter tones than its predecessor, which is evident from the initial login screen. AgileBits says that the new, lighter look places a greater emphasis on the content instead of the interface.

[image link] [10]

Multiple Vaults -- Perhaps the most important new feature is the capability to create and share multiple password databases, which 1Password calls “vaults.” This feature is fantastic, since I can share a vault containing banking information with my wife, but keep my work passwords separate.

There’s even an option to create a demo vault full of dummy information, so technology writers like yours truly can show you 1Password without having to come up with fake data. (Psst… the password is “demo”.)

To create a new vault, choose 1Password 4 > New Vault. To switch between vaults, choose 1Password 4 > Switch to Vault and choose your desired vault from the menu. Or, you can click the 1Password icon in the upper-left of the window.

[image link] [11]

Each vault can have its own individual sync settings. To do so, just open the desired vault, then choose 1Password > Preferences > Sync. You can do this via the menu, but you really should learn the Command-, shortcut, since it will open preferences in just about every Mac app.

1Password mini -- In 1Password 3, you had only two options to retrieve a password: fish it out of a browser extension or launch the full 1Password app. 1Password 4 introduces 1Password mini, a companion app that lets you quickly access your passwords at any time, without opening the full app. It can appear in your menu bar or as a separate window, invoked with a keyboard shortcut.

[image link] [12]

Click the key icon in your menu bar or press Command-Option-\ and you’ll be prompted to enter your password. Here’s a trick: click the keyhole on the password entry pane to switch between vaults.

[image link] [13]

In 1Password mini, you can search for and view all of your passwords and even generate new ones. If a password entry has a URL attached, one click opens the Web site in your default browser.

If you need to copy and paste more than one piece of information (for example, pasting your username and password into an app where the browser extensions can’t reach), click the anchor and you can keep that password window open indefinitely, even as you switch apps.

[image link] [14]

You’ll also notice a new feature carried over from the iOS app: favorites. To set a login as a favorite, open an entry in 1Password and click the star under its name. That copies the login to the Favorites category, making it even more easily accessibly in 1Password mini or the iOS app.

Wi-Fi Sync -- A feature I’m giddy to see return is the capability to sync 1Password between the Mac and iOS over a local Wi-Fi connection, a feature that was dropped on 1Password 4 for iOS. I (and many others) complained loudly at the time, and fortunately, it looks like AgileBits paid attention. (Wi-Fi Sync is currently awaiting an update to the iOS app.)

Why is this feature so important? Because I’ve never been crazy about storing my entire password database on Dropbox’s servers. (iCloud sync is also an option in 1Password 4.) Sure, 1Password uses strong 256-bit encryption [15] and files are additionally encrypted on Dropbox, but I’d still prefer to keep my 1Password data on machines I control entirely. I’d rather the bad guys not have access to my most important lockbox, even if I don’t believe they can open it. In this case, a “bad guy” is anyone that isn’t me or my wife, including Dropbox, Apple, and the NSA and their custom encryption-breaking chips.

Sure, you’ve always been able to copy data over a USB connection with iTunes File Sharing. But it’s only a one-way copy, not a sync, and who wants to have to fool with that terrible interface? 1Password’s Wi-Fi Sync is a perfect blend of security and convenience.

To activate Wi-Fi Sync, open 1Password 4 and choose Window > Wi-Fi Sync (or press Option-9). You’re presented with a secret passcode to enter into the iOS app to initiate pairing. On your iOS device, open 1Password 4, then go to Settings > Sync > Wi-Fi to enter the code and establish syncing. Wi-Fi Sync works only when the iOS app is open and unlocked and when the Wi-Fi Sync window is open on the Mac.

[image link] [16]

Security Audit -- Finally, we come to what I consider 1Password 4’s killer feature: Security Audit. It’s the single best new feature for anyone with even an inkling of interest in security, which should include you.

Security Audit warns you of weak passwords, duplicate passwords, and old passwords that you might want to consider changing, if the site allows stronger passwords than when you initially created your password. (There’s no reason to change passwords regularly, if they’re sufficiently strong.) Even better, Security Audit is dead-simple to use, since it’s basically just a set of smart folders that reveal which of your passwords need help. Hover over the Security Audit item in the sidebar, click Show to reveal its collections, and click the group you want to see. Once you have a password you want to change, log in to the Change Password page on the site in question, generate a new password, and use it to replace the old one in 1Password.

[image link] [17]

It’s an ingenious feature, and if you use it wisely, it will greatly improve your online security.

Locking It Up -- This is just a taste of what 1Password 4 has to offer. I didn’t even get to its improved password sorting, support for iCloud and custom folder syncing, and improved consistency between browser extensions. With all of these improvements and refinements, getting the new version is a no-brainer if you’re entitled to a free upgrade, and if not, there’s never been a better time to invest in 1Password. It’s one of the best investments you can make in your online security.

And if you’d like expert advice on using 1Password, including the new sync options, multiple vaults, 1Password mini, Security Audit, and numerous other new features, our own Joe Kissell is here to help with his new book, “Take Control of 1Password [18],” written with the support of AgileBits during 1Password 4’s beta testing period. This book picks up where Joe’s earlier and more general book, the best-selling “Take Control of Your Passwords [19],” leaves off, explaining how to get the most from 1Password 4 on the Mac, along with help for using it in iOS, Windows, and Android.

[1]: http://tidbits.com/article/13451
[2]: https://agilebits.com/onepassword/mac
[3]: http://tidbits.com/article/14168
[4]: https://agilebits.com/onepassword/win
[5]: https://agilebits.com/onepassword/android
[6]: http://keepass.info/
[7]: https://lastpass.com/
[8]: http://help.agilebits.com/1Password3/1passwordanywhere.html
[9]: http://tidbits.com/article/14106
[10]: http://tidbits.com/resources/2013-10/1P4-Mac-locked-cropped.png
[11]: http://tidbits.com/resources/2013-10/1P4-Mac-switch-vaults.png
[12]: http://tidbits.com/resources/2013-10/1P4-Mac-1P-mini-new-password.png
[13]: http://tidbits.com/resources/2013-10/1Password4-keyhole.png
[14]: http://tidbits.com/resources/2013-10/iPassword4-anchor-crop.png
[15]: http://learn.agilebits.com/1Password4/Security/keychain-design.html
[16]: http://tidbits.com/resources/2013-10/1P4-Mac-Wi-Fi-sync-setup-cropped.png
[17]: http://tidbits.com/resources/2013-10/1P4-Mac-Security-Audit.png
[18]: http://tid.bl.it/tco-1password-tidbits
[19]: http://tid.bl.it/tco-passwords-tidbits