Insights For Success

Strategy, Innovation, Leadership and Security

Ed's favourite things - Best Password Manager

General | Edward Kiledjian

There is no shortage of password managers. Anytime you listen to a podcast or read an online blog post, you will probably be bombarded with ads for tools like LastPass, Dashlane or 1Password. Add to that list the never-ending supply of free password managers (KeePass, Bitwarden, RoboForm, etc.).

Free isn’t bad

The truth is there are a lot of very good free password managers. These are great options for users who can't or don't want to spend money. I'll mention my favourite free pick later in the article.

Favourite paid password manager

Before jumping to 1Password a couple of years ago, I had been a paid LastPass customer for about ten years. I started looking for an alternative because of irritants and an issue I experienced when I needed support, and LastPass was unresponsive. Plus, LastPass is unrefined and a little clunky. After testing 10 of the best-rated paid password managers, I chose 1Password.

Here is why I chose it and why it may be a good fit for you. It supports all the platforms I use, such as Windows, Macs, Chromebooks, iOS devices and Android devices. Watchtower is a great feature LastPass didn't offer. It checks that you aren't reusing passwords, that you are using strong passwords and that you aren't using passwords that are part of a site breach (and would therefore already be on a list of passwords hackers would try first to break into accounts).
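An added example, not from the original post and not 1Password's code: a small local audit that runs the three kinds of checks described above (reused, weak, breached) over a constructed vault. The sample entries, the strength thresholds and the tiny breach set are assumptions made for illustration.

```python
import hashlib
from collections import defaultdict

# Constructed sample vault (site, password); not real credentials.
VAULT = [
    ("mail.example", "correct-horse-battery-staple-42"),
    ("shop.example", "Summer2019"),
    ("bank.example", "Summer2019"),
    ("forum.example", "password123"),
]

def sha1_hex(pw):
    return hashlib.sha1(pw.encode("utf-8")).hexdigest().upper()

# Constructed stand-in for a breach corpus, bucketed by the first five hex
# characters of the SHA-1 hash so a lookup only has to reveal that prefix.
BREACHED = defaultdict(set)
for leaked in ("password123", "qwerty", "letmein"):
    h = sha1_hex(leaked)
    BREACHED[h[:5]].add(h[5:])

def is_breached(pw):
    h = sha1_hex(pw)
    return h[5:] in BREACHED.get(h[:5], set())

def is_weak(pw, min_len=12, min_classes=3):
    # Assumed policy: at least 12 characters and 3 of 4 character classes.
    classes = [any(c.islower() for c in pw), any(c.isupper() for c in pw),
               any(c.isdigit() for c in pw), any(not c.isalnum() for c in pw)]
    return len(pw) < min_len or sum(classes) < min_classes

def audit(vault):
    """Return {site: list of findings} for every entry with a problem."""
    by_hash = defaultdict(list)
    for site, pw in vault:
        by_hash[sha1_hex(pw)].append(site)  # group sites sharing a password
    report = {}
    for site, pw in vault:
        findings = []
        if len(by_hash[sha1_hex(pw)]) > 1:
            findings.append("reused")
        if is_weak(pw):
            findings.append("weak")
        if is_breached(pw):
            findings.append("breached")
        if findings:
            report[site] = findings
    return report

if __name__ == "__main__":
    for site, findings in audit(VAULT).items():
        print(site, ", ".join(findings))
```
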

Tell me more, please

1Password X for easier browser integration

As a ChromeOS user, 1Password was off-limits for many years because it did not have a self-contained browser extension. The original version of 1Password required that you install the full client on Mac and Windows to support their light browser plug-in. This changed with the release of a product called 1Password X. 1Password X works in Google Chrome, Microsoft Edge (Chromium version), Firefox and Opera (Chromium version). 1Password X offers all of the password management functionality without requiring any client installation, so it also works on ChromeOS.

1Password uses multiple Vaults

1Password has implemented a password grouping concept called a Vault. A Vault is a container that stores all of your 1Password information. During installation, you create a default vault and everything is stored there automatically. But if you are also storing business information, you can create a separate Vault for that.

Another interesting use of Vaults is to improve travel security. We live in a world where our personal privacy is constantly under attack. Nowhere is this more true than when crossing an international border. Border agents can order you to unlock your device and your password vaults, which would give them access to all of your sites and personal information. You can mark certain Vaults as safe for travel and store the less sensitive passwords there. If your device is inspected at a border crossing, only the vaults marked as safe for travel will appear.

Biometric support

All versions of 1Password support biometric authentication (depending on the features available on the platform of use). Since your main unlock password should be painfully long, this is a wonderful feature to enable on smartphones and tablets.

1Password for the security-conscious

Security is a balancing act competing with usability. By default, 1Password encrypts all of your information (on device) using AES-256 before the blob is sent to their servers. This means that if their servers are ever compromised, your passwords are safe, as long as you are using a strong, long password. You can and should read about their security model here.

If you want, you can be extra paranoid and configure 1Password not to sync the vaults to their servers. This means you can manually copy the encrypted vaults to your devices using whatever mechanism you want. For users that want this standalone model, 1Password does sell a standalone license for Windows and macOS. Know that the standalone license does not include 1Password X. Most users should opt for the “normal” subscription model.

1Password for files

1Password (like LastPass) gives you 1GB of encrypted cloud storage to store sensitive information you may need while out (think scans of passports, credit cards, health cards, tax papers, etc.).

Support

1Password is a Canadian company with Canadian support. Believe it or not, getting in touch with a real human is very easy, not buried 32 levels deep like other products. Their online support site is clean, has well-written articles with nice screenshots and video walkthroughs. This one item sets them apart from many of their competitors.

1Password isn’t perfect

Perfection doesn’t exist in nature or the computer world. By default, the Vaults lock after 10 minutes of inactivity to protect your information. I think this is a desirable feature, but some may find it slightly annoying. You can change this setting but... should you? I say keep it as is.

A little annoyance is acceptable in exchange for better security. LastPass has a forever free version that meets the requirements of “normal” users. 1Password does not offer a free version (only a 30-day trial). I believe in paying for good products to encourage the developers and ensure the product survives.

What is the best free password manager?

I tested about ten free password managers while investigating what product I should be using on a daily basis. And after reading privacy policies, reading the security model documentation and security whitepapers, and testing the products, the winner is… Bitwarden.

There are three features 1Password offers that differentiate it from Bitwarden. If you don’t need these features, then Bitwarden may be a better option for you. The three features are:

  • Watchtower’s password checkup features

  • physical hardware security key support (e.g. Yubico)

  • 1GB of encrypted storage

Bitwarden has the essential features every password manager should offer, such as the ability to manually synchronize your data on as many devices as you want and the ability to store an unlimited number of passwords. The free version of Bitwarden allows you to share select passwords with one other person (e.g. spouse or partner).

Bitwarden supports a wide range of devices such as Windows, macOS and Linux. It supports all major browsers with a plug-in (Chrome, Firefox, Opera, Microsoft Edge, Safari, Brave). On mobile, it supports both iOS and Android. If you are an uber-geek, Bitwarden offers a command-line interface (CLI) to its vaults.

Bitwarden uses similar vault security as 1Password but… it does not submit itself to independent security auditing as 1Password does.

Bitwarden apps and plug-ins aren’t as polished as 1Password but they are highly functional.

Anytime we talk about free products, I am reminded of the saying “If you aren’t paying for the product, you are the product”. I read the Bitwarden privacy policy, and nothing glaringly bad popped out. They don’t sell or share your data for commercial purposes, although they do have the right to share some anonymized data.

You will get ads for their premium version in their free products, which is understandable. Remember that if you decide to pay, take a look at 1Password first.