What password manager feature is most important to you? I'd be curious to hear. Also, if you want to try 1Password, you can support me by using this affiliate link: www.allthingssecured.com/try/1password
most important to me is that I don't have to ever worry that someone will be able to get them from me no matter how much I've had to drink while browsing the internet...
Assuming the manager already does the basics (logins, notes), I have a definite need for good support for custom fields, and accessing them from the rt-click menu. My bank requires answering a security question after name and password are accepted. I have 5 on file, so it chooses one at random. I'd like to have a manager that allows me to specify which custom field to enter on a given login attempt, based upon the security question asked. No password manager I've tried so far does this. Bitwarden comes close, as I can access the custom fields from the extension menu, and copy a specific field to the clipboard, but this is a little inelegant. I can easily rt-click to enter my name/password, but then have to move my mouse pointer to the extension to copy/paste my security question answer. Nordpass has no support for custom fields, and Roboform doesn't give me access to the custom fields using the extension (I have to go into the application or the website and copy/paste from there). I also have a need for properly searchable secure notes, to pick out specific information from longer notes. I can sort-of do this from the browser using Nordpass or Bitwarden, but that's only using the Ctrl-F functionality from the browser itself. I lose this option if I use the Android app.
@@HeWhoIsWhoHeIs Bitwarden is good -- very good. It's especially good knowing it's free for 90% of its features, and extremely inexpensive for 100% of its features. It has some minor drawbacks, as I mentioned already, but overall, it's a solid choice.
@@neuideas the thing is, they listen to their customers and are always adding new features. I started using it in about 2015ish and it has done nothing but get better and better. It has never failed me
Awesome video - Thank you! Quick summary for others: - 1Password uses zero- knowledge encryption - can store non-website/app passwords as well (eg. passport info, card pin codes) - has a mobile ap - has a browser extension - checks your password for strength - stores previous passwords in case you need to remember what they were - has family pack where you can store up to 5 password accounts and created shared passwords for logins you'd like to share
I’ve considered a password manager. But everyone putting their passwords in a big pile is just a big bullseye for hackers. Seems like not if, but when. You guys talking about LastPass hacked more than once. They worked every day for security also. Maybe a rung down the ladder.. I don’t know. But I hesitate to join in the target. And as far as biometrics, how long until AI bests that one. No thanks. IMO
Honestly, free version of bitwarden is already very competitive and for the most part better in my opinion than almost all of the other password managers. Then you add the premium version being about 3.5 times cheaper than 1password, and for what I need, not a lot of difference in their offerings, I think I'll stick with bitwarden. And the fact that it's open source, I think is a bonus. Anyone can be able too see how things are implemented and hold them accountable to fix things, and, if they don't, people will let everyone know about it. And there's also the added benefit of being able to self host on your own server and not rely completely on them if you have the know how or the patience to learn. And that's even on the free version of the plan from what I can tell.
Thank you very much for all your videos. all of them are excellent. I want to ask you about kaspersky Password Manager and compared to 1Password, which one is better? and incidentally also, between 1Password7 and 1Password8 ??
I appreciate you taking the time to walk us through the process. In addition, I would like to comment on another Password Manager - Bitdefender Password Manager, and what you think about it. Trying to decide which to choose, there are so many. Thank you again.
Thank you for your clip it was very informative and useful. I have a question regarding is secure keychain or USB adapter that connected to the computer and log into the windows and it's not necessary you type passport for log into your Windows login page is there any good quality for this matter is there anyone that combine with the software that you explain now
13:50 Great video. Thanks so much. How do you handle shared services or accounts that require a 2FA and we do not have any other option other than set up SMS(least preferred) or Authenticator app?
Just a couple of things, I am a big proponent of 1password, and you are right, separation of concerns is a good idea with not storing passwords on your browser, but storing other people's PII data in your account is not a great idea, a family account is available from 1password, that will let you administer the other accounts, but keep that seperation of concerns. Secondly, please do use a strong password for your Netflix account and, especially your Google account, streaming media tv apps (and google) have the ability to enter a code generated from a logged in browser account session and type that code ( usually 4-8 digits) into the tv. So please, please use a strong password for everything, there is no excuse, if you can't because of the limitations of the app, you probably should be having thoughts about how well the app has been written and maybe use something else.
Thanks, John! Unfortunately no. Signing up for something like Privacy.com requires you to go through a KYC (know your customer) process that verifies whether or not you're a US resident.
Can you exclude a single or a number of sites from autofill? These are where they ask for 3, 5 and 6 characters from your last school (which is one of 3 reminders you had to provide. Or 6 long PIN fill in the open boxes they want.
Is there any way to incorporate 1Password with a Roku device? For example, Netflix. On my laptop, it's no big deal to have the 1Password extension autofill on the laptop. But then if I want to watch Netflix on the Roku, is there an easy way to accomplish this without having to use the Roku remote to enter the password?
Man, you really answered everything I wanted to know. The only question that was outstanding was answered at 18:40, so I appreciate your thorough video!
Pretty good review and overview of 1password. Downside is that I have an Android phone & a PC. While the program may look and operate similar, the process is probably a different experience for me as I don't have Face ID and the other Apple integrations. I do have an older iPad and I wonder whether it would work on the older os, and I can't do face id on the iPad.
You can use biometrics on Android, (open your vault with your fingerprint), and set the length of time it takes until the session ends then asks you to re-enter your password. The same on Windows with Windows hello, either a pin or face recognition. So with Android and Windows you are all good with 1password.
Can u pls do a video on how to setup family password manager. Preferably with 1password. My thinking is to setup 1 admin account and then each user to have their own private vault. Everyone could have access to a shared vault. I was also keeping a copy of everyones password in admin.
It's been a while since I've used an Android smart TV but I know Roku, and I'd bet Android, let you use your phone/tablet as a remote so you can also enter your passwords from that.
11:55 I definitely loved your 1Password Walkthrough, but there was a slight issue regarding quickly accessing 1password from a public computer. for 1P to log you in, you need the master password as well as the secret key on a new device. the idea of being able to, in an emergency, access your account without some way of having the secret key readily available might cause inexperienced users to not understand why they cannot access 1P from any random computer.
I'm thinking of moving from LastPass given the latest incident, but don't they all have similar issues, so hard so say which one to go with. How easy is it to move all my lastpass details, over to 1P /. any why is 1P better than some of the others? Is this the one? At the end... Love your BLIND double Password idea.. I'm going to steal that one :)
Excellent video--I have abandoned Lastpass for obvious reasons and moving to 1Password has been an easy transition. I agree a free version doesn't support future development. And, $36/year is a pittance compared to the hassle and expense of a hack.
With many recent street holdups, I am getting very concerned about carrying a cell phone, which an attacker could use, to force me to withdraw / transfer cash, crypto, etc. So I deleted most personal / financial data. Is there any kind of secret Android app (no mention anywhere on the cell phone) , that would require a PIN # to make the Apps visible and usefull ?
Great video. Thanks for putting it all together. I use LastPass. I am happy with it and have gotten my family to use it under my family plan. Here is my question: Is there any reason for me to switch to 1Password? Thank you!
If you like Lastpass and everybody is already using it, just stay there. The only reason I’d say to move is if you’re uncomfortable with the various hacks that have happened to LastPass recently.
@@AllThingsSecured yes it happened to me about 6 months ago. couldnt get into lastpass. lost all my information. I made a move to 1pass months ago. very happy with it . never going back to lastpass
For cryptocurrencies, if I am storing my 12-24 word phrase into 1password, is there an additional pin that can be set up before seeing those words? Like, a specific Custom field that requires an additional level of security to see the contents?
No, there isn't a way to create a password-protect note inside of a password-protected vault. You'll have to either make sure your password manager master password is really strong and backed up by good 2FA...OR just find a different way to store your seed phrase.
I store my seed phrases in a password manager however I removed one of the words from each sequence. My captured seed phrase words are numbered so the omission is clear. I have 3 hardware wallets and I have removed 3 words that can be used to create a silly event/story for ease of remembering.
Does the iPhone Face ID work to log into the 1Password app? Or, do you have to type your master password to log into the 1Password app? Using the BitWarden iPhone app, you have to type the master password to log into the BitWarden app. FaceID only works to unlock BitWarden. LastPass allowed logging into the iPhone app using Face ID. I need to switch from LastPass to a different password manager, but typing the master password to log into the app would be a big hassle, verses using the Face ID to log into the app.
@@AllThingsSecured Thank you for answering my question about logging into the 1Password iPhone app with Face ID! One more question: Can I share a Personal account with my wife? Or, does that require a family membership. I don’t auto fill usernames and passwords, I only store the usernames and passwords in secure notes.
Thanks for this video. Newbie here. When I go to sign into my account under my username and email are the first 8 characters of my secret key. Is that supposed to be there?
@@AllThingsSecuredAnother question. I am ready to export my passwords and first get this message. What backup software would that be? I have a Mac and use Time Machine with an external hard drive. I assume as long as that is not plugged in, I’m fine but, is there any other backup software I need to be concerned about? Then once all Passwords from Keychain, Safari and Chrome are exported is there anything I need to delete? If so, how do I do that? Sorry, if these are silly questions, I’m not that tech savvy.
I created a convoluted password as my master password. The only problem is that since the app prompts me for the password every time I use it, I have to look it up. Is it ok to use a master password that isn't so complex?
Yes I think it’s okay to have an easy to remember master password. Just try to be sure it contains upper case, lower case, numbers and special characters and is at least 16 characters long.
Thanks for your thorough discussion. I have three questions: 1) if one uploads all their passwords from keychain access to 1password, should they be removed from keychain access? 2) if one later wants to cancel 1 password, can they be re-downloaded, if they had been removed? and, 3) do changes to passwords in 1password automatically change also in keychain access if they weren't removed from it originally? I know, a lot to answer, and maybe the answers are in some FAQ. Thanks again in any event.
1) ideally once you've moved over the passwords, to 1P,assword (1P) you won't need to re-access Keychain. I would say remove it from Keychain once you've confirmed the passwords have been moved over, but that becomes a personal choice. 2) it is possible to have 1P "freeze" your account by basically making the account essentially work as a read-only file. in this case, you could copy over your account back to Keychain or somewhere else. if you don't have a mac, you will have to manually enter the passwords to Keychain, although if you do have a mac, the process might not be that much smoother. Just remember if you want to delete the account, you will have to export the data first before the deletion of the account. 3) 1P and keychain are separate apps, and therefore any changes to either 1P or keychain would not affect the other app. even if you have the same login in both 1P and keychain, any changes to keychain would not cause 1P to update these changes
@June@97 if you're that worried about Bitwarden being hacked, secure it with a Yubikey. And make sure you get two of them so you have a backup. Just so you know, as long as you create a strong master password and set up 2FA (with at least an authenticator code, preferably with a Yubikey) it really isn't possible to be hacked. Bitwarden hashes everything on your end before it's sent over, and everything is encrypted. You're worrying over nothing, really. Besides, a second password manager won't do you much good even if you are hacked.
@@just__mike when I said hacked in my earlier comment, I was referring to someone guessing or somehow obtaining your password. If you're referring to the company, that's practically useless. They can't access your data. It's encrypted based on your password (and your yubi if you use one). Hacking them would be pointless (but good luck trying). In any case, what I said stands true; if you don't have the password and the yubi together, you're simply not getting the data. Period.
Just to add to Josh's point and to express my own opinion, using Facebook responsibly while being security focused is not a conflict (unless you're security focused in the sense of not wanting to be publicly known ie. face to a name and even with this you can choose not to have a profile picture). Using Facebook might conflict with someone who is heavily privacy focused and against the monitoring of ones online activities for marketing/profits. I'm a security professional, I have a Facebook account for various valuable purposes, I used it with caution and only when I really have to. I don't browse feeds, engage with any posts or post any content myself. It's as secure as it can be for me because it feeds me information from family members abroad rather than me feeding it (algorithmically). 😁
1Password is not an open source software. The public cannot see if the code is malicious. Keepass is an alternative to consider. Also password managers should not be requiring internet access.
1Password is not open source software, this is correct. They have had several independent audits to make sure they are doing what they say they are doing. That may be good enough for you - it may not.
Goodness sakes…I don’t delete comments unless you’re swearing. Otherwise, that’s between you and RUclips. They do their own kind of censoring so don’t get mad at me.
Password managers are unnecessarily hyped apps in my opinion. Default browser based password managers are so convenient and secure. Google, Firefox, Safari offer strong password suggestion these days.. and more over you can use your browser as an Autofill manager across platforms too. Ex: you can use FireFox or Chrome as a password manager in your iPhone. I don't think a dedicated password manager is essential in 2022
Thank you. Because of the complexity for new users - If anything - I'd suggest you not try to cover so much so quickly. Repetition also helps when teaching. I'd also benefit from just a video of someone taking a phone out of their pocket and going through "the motions". Sort of a cinéma vérité. but thanks again. I'll be viewing it again... and again... 🙂
I am on day 1 of using this manager and so far NOT IMPRESSED! 1. No way to delete duplicates! 2. So I figured OK I'll export all my data than delete everything and go into excel and cleanup my over 1000 passwords saved from Lastpass 3. So now I have a clean csv data to import and delete all my passwords to start over 4. What I can't delete more about 18 passwords at a time this will take hours! WTF! 5. So I than select and try to use keyboard and the damn keyboard is broken in the app! The delete key does not work so I can't even do Shift + page down to select twice than hit delete.. no I have to right click to damn well delete? Who the hell thought of designing a crappy app that has no delete recycle bin option? Are you development team total idiots? Basic functionality is missing in this app completely! WHY ARE THESE CONS NOT MENTIONED! ARE YOU BEING PAID BY 1PASSWORD AS THE UI IS AWFUL. Be truthful of the interface in reviews!
I was wondering if you are familiar with a password manager called Roboform. I have been using this one for about 10 yrs. & have been very satisfied with it. I wanted to know if you are able to compare these 2: Roboform & 1Password. I tried 1Password many years ago but didn't like the fact that I had to let it determine my passwords, instead of storing the passwords I had already had. Thanks! I watch alot of your videos.
Did not yet watch the video but, I get it when people use closed source apps but when it comes to security FOSS is better so really bitwarden or even keepassxc is better
So my biggest complaint against your argument is simply this: the FOSS community claims that open source is better, but have you EVER checked the source code of one of these apps that you used? If you're honest, the answer is likely no (unless you're a security researcher). So all you're really doing is trading your trust of a company with closed source software that has a reputation to uphold with the trust in an ambiguous group of security researchers who have no skin in the game. I'm not saying Bitwarden or Keepassxc are bad pieces of software. I'm sure they're great. But I'm not sure I buy the whole "because it's open source, it's automatically better" argument. I'm still doing my own research, though, so feel free to try to convince me otherwise!
@@AllThingsSecured Damn big comment, I respect it Look, as me little old Ismael, no. but as for Linux for example you have the eyes and more big project is more better. and at least you do not have to take words of devs. Look I'm not saying closed source is bad It just I really can't trust what FB dev say for example :p or google for that matter I did not say "because it's open source, it's automatically better" I'm just saying specially in security you do not have to trust anyone. and yes again I do not look up but at least I have the way to do unlike closed source and at least company will get scared to put spy in the wild you know, so many eyes on your project like what signal did when it waited year on their server side code. all called them out so I'm just saying at least it gives you the ability to look at code when you need to or push another pressure on your company to do the right thing because at least one security researcher looking at your code So you are right, I trade dev words with trust in open source but at least I can look at the code unlike closed source :p My English is not my first language so I know my grammar is bad, sorry xd
@@esmailelbob Unless you build your own password manager, you are always going to be trusting it to someone else, FOSS or not. Bitwarden is kept in the cloud, so theirs is just as dangerous (relatively speaking) as 1Password, Last Pass, etc unless you download a CSV and delete your passwords every time. It's all about your threat model vs convenience.
I have to say that since I left last pass and started using 1 pw....I hate it. It didnt import most of my data. When I open a site it doesn't automatically fill out the info...after you have to put in your 1pw pw all the time. It suggests passwords but wont let you use them. I decided to get rid of it and use bit warden but guess what..No way no how can I find a export option. Every video o find is wham bam here you go export. Yeah. Apparently I got the only one without that option. 2 thumbs down
now I'm dyslexic and use my only login with mfa on lastpass browser extension without using my master password but can they do the same Dashlane, 1password and bitwande and have to use a strong master password when you have to use it every time you log in to the browser extension. support cannot see that I only have to use mfa or 2fa to log in to the browser extension without using my master password, so try writing this please (izvF9!gHb$8Q!z^P5$@V3m ps is not my master password) how does a child log in with a password or 2fa / mfa and a child change the password
@All Things Secured: Your review is flawed in a couple of ways. First, you talk about the Secret Key as if this is something offered by most/all other password managers. This is not true. The Secret Key is a unique and incredibly desirable feature of 1password. Lastpass, Dashlane etc do not have this. They rely ONLY on your (salted) master password for vault encryption. If your vault is stolen, then the vault is only as secure as the user's chosen master password. If it is a weak master password, they are in BIG trouble. This is NOT the case with 1password since the high-entropy secret key is also driving the encryption, even if the master password is weak. This alone is a KILLER feature! Second, 1Password supports WebAuthn 2FA with Yubikey, on Mac, Windows, IOS and Android. This again, is great. Nearly all other password managers do not support this on all platforms, and some don't support it at all. Lastpass, for example only supports OTP with Yubikey and not proper FIDO2/WebAuthn authentication. OTP can be hacked with MITM attacks. WebAuthn cannot. The only other password manager that supports WebAuthn on Android is Bitwarden, and they support it badly, i.e. it is flaky. Again, props to 1password.
How secure are my passwords using 1Password if I have to unlock my phone going through customs traveling abroad? If I have entered a password using my iPhone keyboard or 1Password do I now have to change them all?
What password manager feature is most important to you? I'd be curious to hear. Also, if you want to try 1Password, you can support me by using this affiliate link: www.allthingssecured.com/try/1password
most important to me is that I don't have to ever worry that someone will be able to get them from me no matter how much I've had to drink while browsing the internet...
Assuming the manager already does the basics (logins, notes), I have a definite need for good support for custom fields, and accessing them from the rt-click menu. My bank requires answering a security question after name and password are accepted. I have 5 on file, so it chooses one at random. I'd like to have a manager that allows me to specify which custom field to enter on a given login attempt, based upon the security question asked. No password manager I've tried so far does this. Bitwarden comes close, as I can access the custom fields from the extension menu, and copy a specific field to the clipboard, but this is a little inelegant. I can easily rt-click to enter my name/password, but then have to move my mouse pointer to the extension to copy/paste my security question answer.
Nordpass has no support for custom fields, and Roboform doesn't give me access to the custom fields using the extension (I have to go into the application or the website and copy/paste from there).
I also have a need for properly searchable secure notes, to pick out specific information from longer notes. I can sort-of do this from the browser using Nordpass or Bitwarden, but that's only using the Ctrl-F functionality from the browser itself. I lose this option if I use the Android app.
I've tried them all, and only Bitwarden meets my standards.
@@HeWhoIsWhoHeIs Bitwarden is good -- very good. It's especially good knowing it's free for 90% of its features, and extremely inexpensive for 100% of its features. It has some minor drawbacks, as I mentioned already, but overall, it's a solid choice.
@@neuideas the thing is, they listen to their customers and are always adding new features. I started using it in about 2015ish and it has done nothing but get better and better. It has never failed me
I've been using 1PW for years and didn't know half of this. Where has this channel been all my life! keep up the great work.
Great to hear!
Thank you for the great tip about the double-blind password strategy. Subscribed!
Really good idea with the double blind password.
Awesome video - Thank you!
Quick summary for others:
- 1Password uses zero- knowledge encryption
- can store non-website/app passwords as well (eg. passport info, card pin codes)
- has a mobile ap
- has a browser extension
- checks your password for strength
- stores previous passwords in case you need to remember what they were
- has family pack where you can store up to 5 password accounts and created shared passwords for logins you'd like to share
I’ve considered a password manager. But everyone putting their passwords in a big pile is just a big bullseye for hackers. Seems like not if, but when. You guys talking about LastPass hacked more than once. They worked every day for security also. Maybe a rung down the ladder.. I don’t know. But I hesitate to join in the target. And as far as biometrics, how long until AI bests that one. No thanks. IMO
Great presentation Sir. Going to check it out.👏
Honestly, free version of bitwarden is already very competitive and for the most part better in my opinion than almost all of the other password managers. Then you add the premium version being about 3.5 times cheaper than 1password, and for what I need, not a lot of difference in their offerings, I think I'll stick with bitwarden.
And the fact that it's open source, I think is a bonus. Anyone can be able too see how things are implemented and hold them accountable to fix things, and, if they don't, people will let everyone know about it. And there's also the added benefit of being able to self host on your own server and not rely completely on them if you have the know how or the patience to learn. And that's even on the free version of the plan from what I can tell.
bitwarden is damn ugly (design) but yes is good
Thank you very much for all your videos. all of them are excellent. I want to ask you about kaspersky Password Manager and compared to 1Password, which one is better? and incidentally also, between 1Password7 and 1Password8 ??
I appreciate you taking the time to walk us through the process. In addition, I would like to comment on another Password Manager - Bitdefender Password Manager, and what you think about it. Trying to decide which to choose, there are so many. Thank you again.
There are so many, and while there isn't a "bad" choice, I think very highly of 1Password, which is why I use it exclusivly.
Double blind 🤯🤯🤯 Great video!! Thank you for sharing your knowledge!! 🙏🙏🙏
Thank you for your clip it was very informative and useful.
I have a question regarding is secure keychain or USB adapter that connected to the computer and log into the windows and it's not necessary you type passport for log into your Windows login page is there any good quality for this matter is there anyone that combine with the software that you explain now
Very good information sir - thank you
13:50 Great video. Thanks so much. How do you handle shared services or accounts that require a 2FA and we do not have any other option other than set up SMS(least preferred) or Authenticator app?
Thanks as always very helpful
Glad to hear it!
Would you please look into the safety and ease of use of Passkey.. Thanks
Awesome, very detailed and 1password has a lot more features then other password managers. very cool
🙏🙏
is the second code that you add different for every account? if so, won't need another app to keep a record of those extra bits?
Finally completed the transition from LastPass to 1Password
Great work!
Just a couple of things, I am a big proponent of 1password, and you are right, separation of concerns is a good idea with not storing passwords on your browser, but storing other people's PII data in your account is not a great idea, a family account is available from 1password, that will let you administer the other accounts, but keep that seperation of concerns. Secondly, please do use a strong password for your Netflix account and, especially your Google account, streaming media tv apps (and google) have the ability to enter a code generated from a logged in browser account session and type that code ( usually 4-8 digits) into the tv. So please, please use a strong password for everything, there is no excuse, if you can't because of the limitations of the app, you probably should be having thoughts about how well the app has been written and maybe use something else.
agree on PII data
Cheers Josh ,great video.....I hope they allow the virtual card in the UK soon / Josh would I be able to use a VPN from UK to get the virtual card??
Thanks, John! Unfortunately no. Signing up for something like Privacy.com requires you to go through a KYC (know your customer) process that verifies whether or not you're a US resident.
Great!
Can you exclude a single or a number of sites from autofill? These are where they ask for 3, 5 and 6 characters from your last school (which is one of 3 reminders you had to provide. Or 6 long PIN fill in the open boxes they want.
Is there any way to incorporate 1Password with a Roku device? For example, Netflix. On my laptop, it's no big deal to have the 1Password extension autofill on the laptop. But then if I want to watch Netflix on the Roku, is there an easy way to accomplish this without having to use the Roku remote to enter the password?
Man, you really answered everything I wanted to know. The only question that was outstanding was answered at 18:40, so I appreciate your thorough video!
Awesome! Glad to hear it.
Pretty good review and overview of 1password. Downside is that I have an Android phone & a PC. While the program may look and operate similar, the process is probably a different experience for me as I don't have Face ID and the other Apple integrations. I do have an older iPad and I wonder whether it would work on the older os, and I can't do face id on the iPad.
Using Android and Windows with 1password, has been seemsless intregration/connection. No worries.
You can use biometrics on Android, (open your vault with your fingerprint), and set the length of time it takes until the session ends then asks you to re-enter your password. The same on Windows with Windows hello, either a pin or face recognition. So with Android and Windows you are all good with 1password.
Can u pls do a video on how to setup family password manager. Preferably with 1password. My thinking is to setup 1 admin account and then each user to have their own private vault. Everyone could have access to a shared vault. I was also keeping a copy of everyones password in admin.
It's been a while since I've used an Android smart TV but I know Roku, and I'd bet Android, let you use your phone/tablet as a remote so you can also enter your passwords from that.
11:55 I definitely loved your 1Password Walkthrough, but there was a slight issue regarding quickly accessing 1password from a public computer. for 1P to log you in, you need the master password as well as the secret key on a new device. the idea of being able to, in an emergency, access your account without some way of having the secret key readily available might cause inexperienced users to not understand why they cannot access 1P from any random computer.
I'm thinking of moving from LastPass given the latest incident, but don't they all have similar issues, so hard so say which one to go with. How easy is it to move all my lastpass details, over to 1P /. any why is 1P better than some of the others? Is this the one?
At the end... Love your BLIND double Password idea.. I'm going to steal that one :)
i looked through previous videos and i hoped this one would answer the question: should we use the password managers that come with the browser?
You can, but I recommend against it. Browsers were made to browse the internet, not keep passwords secure.
Excellent video--I have abandoned Lastpass for obvious reasons and moving to 1Password has been an easy transition. I agree a free version doesn't support future development. And, $36/year is a pittance compared to the hassle and expense of a hack.
1Password costs the same as LastPass premium. SInce LastPass has been hacked again, I am leaving them and trying out 1Password which I like so far
With many recent street holdups, I am getting very concerned about carrying a cell phone, which an attacker could use, to force me to withdraw / transfer cash, crypto, etc. So I deleted most personal / financial data. Is there any kind of secret Android app (no mention anywhere on the cell phone) , that would require a PIN # to make the Apps visible and usefull ?
When using my desktop, my passwords already autofill, how do I change that?
Hi Josh, do you have plans on having this offered with subtitles in other languages?
I'd love to watch this the whole way through.
Thanks
Which language would you like to have added?
@@AllThingsSecuredSpanish (Latin American) por favor y gracias.
Great video. Thanks for putting it all together. I use LastPass. I am happy with it and have gotten my family to use it under my family plan. Here is my question: Is there any reason for me to switch to 1Password? Thank you!
If you like Lastpass and everybody is already using it, just stay there. The only reason I’d say to move is if you’re uncomfortable with the various hacks that have happened to LastPass recently.
@@AllThingsSecured yes it happened to me about 6 months ago. couldnt get into lastpass. lost all my information. I made a move to 1pass months ago. very happy with it . never going back to lastpass
Should you really start with 1password when Google and others are switching to Passkeys?
For cryptocurrencies, if I am storing my 12-24 word phrase into 1password, is there an additional pin that can be set up before seeing those words? Like, a specific Custom field that requires an additional level of security to see the contents?
No, there isn't a way to create a password-protect note inside of a password-protected vault. You'll have to either make sure your password manager master password is really strong and backed up by good 2FA...OR just find a different way to store your seed phrase.
I store my seed phrases in a password manager however I removed one of the words from each sequence. My captured seed phrase words are numbered so the omission is clear. I have 3 hardware wallets and I have removed 3 words that can be used to create a silly event/story for ease of remembering.
Does the iPhone Face ID work to log into the 1Password app? Or, do you have to type your master password to log into the 1Password app?
Using the BitWarden iPhone app, you have to type the master password to log into the BitWarden app. FaceID only works to unlock BitWarden.
LastPass allowed logging into the iPhone app using Face ID. I need to switch from LastPass to a different password manager, but typing the master password to log into the app would be a big hassle, verses using the Face ID to log into the app.
Yes, you can use Apple's Face ID to log in.
@@AllThingsSecured Thank you for answering my question about logging into the 1Password iPhone app with Face ID! One more question: Can I share a Personal account with my wife? Or, does that require a family membership. I don’t auto fill usernames and passwords, I only store the usernames and passwords in secure notes.
2:30 Is it safe to send images of important documents like passport by email?
Generally no. I would recommend using some kind of encrypted cloud storage or encrypted email like ProtonMail.
How Do I get passwords from keychain to Nordpass
can you share the 2fa functionality with say your wife so she doesn't have to have my phone to log into an account?
How do you add to a vault?
Thanks for this video. Newbie here. When I go to sign into my account under my username and email are the first 8 characters of my secret key. Is that supposed to be there?
If you’re logging onto the web app from a trusted computer, then yes. It’s not a security risk, don’t worry.
@@AllThingsSecured thank you
@@AllThingsSecuredAnother question. I am ready to export my passwords and first get this message. What backup software would that be? I have a Mac and use Time Machine with an external hard drive. I assume as long as that is not plugged in, I’m fine but, is there any other backup software I need to be concerned about? Then once all Passwords from Keychain, Safari and Chrome are exported is there anything I need to delete? If so, how do I do that? Sorry, if these are silly questions, I’m not that tech savvy.
Never ever expect privacy and security from proprietary software.
I got 1password because of your video and i love it ....... thank you . I also took your recommendation for blind PW
Thank you.......
I created a convoluted password as my master password. The only problem is that since the app prompts me for the password every time I use it, I have to look it up. Is it ok to use a master password that isn't so complex?
Also you may be able to set up an easier way to access on your app, like fingerprint, PIN, etc. Check the settings on your app.
Yes I think it’s okay to have an easy to remember master password. Just try to be sure it contains upper case, lower case, numbers and special characters and is at least 16 characters long.
ProtonPass is the new contender
Thanks for your thorough discussion. I have three questions: 1) if one uploads all their passwords from keychain access to 1password, should they be removed from keychain access? 2) if one later wants to cancel 1 password, can they be re-downloaded, if they had been removed? and, 3) do changes to passwords in 1password automatically change also in keychain access if they weren't removed from it originally? I know, a lot to answer, and maybe the answers are in some FAQ. Thanks again in any event.
1) ideally once you've moved over the passwords, to 1P,assword (1P) you won't need to re-access Keychain. I would say remove it from Keychain once you've confirmed the passwords have been moved over, but that becomes a personal choice.
2) it is possible to have 1P "freeze" your account by basically making the account essentially work as a read-only file. in this case, you could copy over your account back to Keychain or somewhere else. if you don't have a mac, you will have to manually enter the passwords to Keychain, although if you do have a mac, the process might not be that much smoother.
Just remember if you want to delete the account, you will have to export the data first before the deletion of the account.
3) 1P and keychain are separate apps, and therefore any changes to either 1P or keychain would not affect the other app. even if you have the same login in both 1P and keychain, any changes to keychain would not cause 1P to update these changes
Bitwarden blows the doors off the competition
@June@97 if you're that worried about Bitwarden being hacked, secure it with a Yubikey. And make sure you get two of them so you have a backup.
Just so you know, as long as you create a strong master password and set up 2FA (with at least an authenticator code, preferably with a Yubikey) it really isn't possible to be hacked. Bitwarden hashes everything on your end before it's sent over, and everything is encrypted. You're worrying over nothing, really.
Besides, a second password manager won't do you much good even if you are hacked.
@June@97 For what it's worth, I use a Yubikey.
@@HeWhoIsWhoHeIs A little late, I know 😃 But - if Butwarden itself gets hacked, doesn‘t this make 2FA on the client side obsolete and useless?
@@just__mike when I said hacked in my earlier comment, I was referring to someone guessing or somehow obtaining your password. If you're referring to the company, that's practically useless. They can't access your data. It's encrypted based on your password (and your yubi if you use one). Hacking them would be pointless (but good luck trying).
In any case, what I said stands true; if you don't have the password and the yubi together, you're simply not getting the data. Period.
@@HeWhoIsWhoHeIs isn't 1 password do the same exact thing. Would be good to know how bitwarden is better. Thanks.
I need a new password for Verizon and I need more than 5 mintes to find my email to off my tablet
Josh - Isn't doing things on FB and being a security-focused person a 180 degree conflict in efforts?
Yes and no. I don’t use Facebook personally, but I want to reach and educate people who do. That requires me to maintain a Facebook account.
Just to add to Josh's point and to express my own opinion, using Facebook responsibly while being security focused is not a conflict (unless you're security focused in the sense of not wanting to be publicly known ie. face to a name and even with this you can choose not to have a profile picture).
Using Facebook might conflict with someone who is heavily privacy focused and against the monitoring of ones online activities for marketing/profits. I'm a security professional, I have a Facebook account for various valuable purposes, I used it with caution and only when I really have to. I don't browse feeds, engage with any posts or post any content myself. It's as secure as it can be for me because it feeds me information from family members abroad rather than me feeding it (algorithmically). 😁
Why hasn’t 1 password come up with a legacy option? It’s such a simple thing to integrate.
No password generator on the iPhone that’s bad
Is that a sponsored material?
Manually entering 2FA opens you to malformed URLs and phishing.
I’m not sure I follow what you mean by manually entering?
1Password is not an open source software. The public cannot see if the code is malicious. Keepass is an alternative to consider. Also password managers should not be requiring internet access.
Thanks, Brad. You don't need internet access to use 1Password.
1Password is not open source software, this is correct. They have had several independent audits to make sure they are doing what they say they are doing. That may be good enough for you - it may not.
Bitwarden is open source, cheaper than 1Password, and better IMO
I did not expect u to delete my comment on bitwarden not being restrictive abt number of passwords or number of devices sync.
Goodness sakes…I don’t delete comments unless you’re swearing. Otherwise, that’s between you and RUclips. They do their own kind of censoring so don’t get mad at me.
@@AllThingsSecuredI am sorry, I didn't swear at all, and my comment was still deleted, thats why i got a bit angry.
Im on my phone and have to signin to my tablet, open it, get my mail up, yada, ysda...then go back to my phone and purr, "time expired, shows up!!
This “SHARED” stuff for Netflix is why they are changing their policies.
EASIEST PASS MNGR?
basically you sell your soul to 1Password Servers LOL
Password managers are unnecessarily hyped apps in my opinion. Default browser based password managers are so convenient and secure. Google, Firefox, Safari offer strong password suggestion these days.. and more over you can use your browser as an Autofill manager across platforms too. Ex: you can use FireFox or Chrome as a password manager in your iPhone. I don't think a dedicated password manager is essential in 2022
Thank you. Because of the complexity for new users - If anything - I'd suggest you not try to cover so much so quickly. Repetition also helps when teaching. I'd also benefit from just a video of someone taking a phone out of their pocket and going through "the motions". Sort of a cinéma vérité. but thanks again. I'll be viewing it again... and again... 🙂
I really appreciate the feedback, Tom. That's helpful.
I am on day 1 of using this manager and so far NOT IMPRESSED!
1. No way to delete duplicates!
2. So I figured OK I'll export all my data than delete everything and go into excel and cleanup my over 1000 passwords saved from Lastpass
3. So now I have a clean csv data to import and delete all my passwords to start over
4. What I can't delete more about 18 passwords at a time this will take hours! WTF!
5. So I than select and try to use keyboard and the damn keyboard is broken in the app! The delete key does not work so I can't even do Shift + page down to select twice than hit delete.. no I have to right click to damn well delete?
Who the hell thought of designing a crappy app that has no delete recycle bin option? Are you development team total idiots? Basic functionality is missing in this app completely!
WHY ARE THESE CONS NOT MENTIONED! ARE YOU BEING PAID BY 1PASSWORD AS THE UI IS AWFUL. Be truthful of the interface in reviews!
I was wondering if you are familiar with a password manager called Roboform. I have been using this one for about 10 yrs. & have been very satisfied with it. I wanted to know if you are able to compare these 2: Roboform & 1Password. I tried 1Password many years ago but didn't like the fact that I had to let it determine my passwords, instead of storing the passwords I had already had. Thanks! I watch alot of your videos.
Did not yet watch the video but, I get it when people use closed source apps but when it comes to security FOSS is better
so really bitwarden or even keepassxc is better
So my biggest complaint against your argument is simply this: the FOSS community claims that open source is better, but have you EVER checked the source code of one of these apps that you used?
If you're honest, the answer is likely no (unless you're a security researcher). So all you're really doing is trading your trust of a company with closed source software that has a reputation to uphold with the trust in an ambiguous group of security researchers who have no skin in the game.
I'm not saying Bitwarden or Keepassxc are bad pieces of software. I'm sure they're great. But I'm not sure I buy the whole "because it's open source, it's automatically better" argument. I'm still doing my own research, though, so feel free to try to convince me otherwise!
@@AllThingsSecured Damn big comment, I respect it
Look, as me little old Ismael, no. but as for Linux for example you have the eyes and more big project is more better. and at least you do not have to take words of devs. Look I'm not saying closed source is bad It just I really can't trust what FB dev say for example :p or google for that matter
I did not say "because it's open source, it's automatically better" I'm just saying specially in security you do not have to trust anyone. and yes again I do not look up but at least I have the way to do unlike closed source and at least company will get scared to put spy in the wild you know, so many eyes on your project like what signal did when it waited year on their server side code. all called them out so I'm just saying at least it gives you the ability to look at code when you need to or push another pressure on your company to do the right thing because at least one security researcher looking at your code
So you are right, I trade dev words with trust in open source but at least I can look at the code unlike closed source :p
My English is not my first language so I know my grammar is bad, sorry xd
@@esmailelbob Unless you build your own password manager, you are always going to be trusting it to someone else, FOSS or not. Bitwarden is kept in the cloud, so theirs is just as dangerous (relatively speaking) as 1Password, Last Pass, etc unless you download a CSV and delete your passwords every time. It's all about your threat model vs convenience.
@@RogierYou wait, cloud sync? I think bitwarden syncs itself
I have to say that since I left last pass and started using 1 pw....I hate it. It didnt import most of my data. When I open a site it doesn't automatically fill out the info...after you have to put in your 1pw pw all the time. It suggests passwords but wont let you use them. I decided to get rid of it and use bit warden but guess what..No way no how can I find a export option. Every video o find is wham bam here you go export. Yeah. Apparently I got the only one without that option. 2 thumbs down
now I'm dyslexic
and use my only login with mfa on lastpass browser extension without using my master password but can they do the same Dashlane, 1password and bitwande
and have to use a strong master password when you have to use it every time you log in to the browser extension. support cannot see that
I only have to use mfa or 2fa to log in to the browser extension without using my master password, so try writing this please (izvF9!gHb$8Q!z^P5$@V3m ps is not my master password)
how does a child log in with a password or 2fa / mfa and a child change the password
@All Things Secured: Your review is flawed in a couple of ways. First, you talk about the Secret Key as if this is something offered by most/all other password managers. This is not true. The Secret Key is a unique and incredibly desirable feature of 1password. Lastpass, Dashlane etc do not have this. They rely ONLY on your (salted) master password for vault encryption. If your vault is stolen, then the vault is only as secure as the user's chosen master password. If it is a weak master password, they are in BIG trouble. This is NOT the case with 1password since the high-entropy secret key is also driving the encryption, even if the master password is weak. This alone is a KILLER feature!
Second, 1Password supports WebAuthn 2FA with Yubikey, on Mac, Windows, IOS and Android. This again, is great. Nearly all other password managers do not support this on all platforms, and some don't support it at all. Lastpass, for example only supports OTP with Yubikey and not proper FIDO2/WebAuthn authentication. OTP can be hacked with MITM attacks. WebAuthn cannot. The only other password manager that supports WebAuthn on Android is Bitwarden, and they support it badly, i.e. it is flaky. Again, props to 1password.
How secure are my passwords using 1Password if I have to unlock my phone going through customs traveling abroad? If I have entered a password using my iPhone keyboard or 1Password do I now have to change them all?
You can use "Travel Mode" when traveling with 1Password to make sure this isn't an issue.