A complete tool – 1Password
In the previous article “How to manage secrets” we learned how to manage sensitive data and what tools are best for keeping your credentials safe. This time I will try to introduce the "1Password manager" tool.
You are probably wondering why the title of this post is "A complete tool". The definition of the word "complete" is "having all parts or elements; lacking nothing" and that is what this tool is. And even more ;)
All credentials in one place
In most companies, employees store private keys (logins, test card credentials) in a local tool such as KeePass or Keychain. All public keys for company employees (basic auth, API keys, etc.) are stored in online tools such as Vault.
We've all been there. You want to log in to the admin panel, so you search for your keys in a local tool. Once you are on the login page, the system tells you that you need Basic Authentication for the server. You're already irritated, but you have no choice but to search for those keys in the online tool (Vault).
Do you see where I'm going with this? It is a waste of time to create and store keys in separate tools.
In the 1Password tool, we can migrate all our private and public keys. During the migration, you decide which keys are for your use only and which are public.
The Main Vault is private. It is a fully secured space where you can save and store your private keys. Creating public vaults is very easy. Just select the group you want to give access to the credentials. And that’s all.
More than just safe
The more tools we have to store keys, the greater the risk of data leakage. The greatest risk occurs if we have the same password for all databases. I don't need to explain what the consequences are.
Otherwise, when we have different passwords for each tool, we must remember these passwords. The most important thing is that they should be unique and difficult to break.
As the name of the tool, "1Password", suggests, you only need one password :D but that's not the only way to protect your data.
1. To log in to your account on any new device you need a secret key (code).
Without it, the password itself is useless.
2. Two-factor authentication for mobile devices.
To keep our keys safe on mobile devices, we can secure them with a password and a six-digit authentication code.
3. Travel mode.
Many times our work travels with us. We have private keys on our cells and laptops. In the event of theft or loss of the device, our keys will be secured with the travel mode. In this mode, the tool will remove keys from tools that you consider (mark) as endangered.
If you forget to log off your device from time to time, this option is for you. You can set the time after which the 1Password tool will log you out of your account.
5. Nothing will disappear
At any time you can check where, at what time and on what device you have logged in to the tool.
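The claim in point 1, that the password alone is useless without the secret key, can be shown with a small sketch. This is an added example, not 1Password's code: the KDF choice, iteration count, XOR combination step and all sample values are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


def hkdf_sha256(key: bytes, salt: bytes, info: bytes) -> bytes:
    """Minimal HKDF (RFC 5869): extract, then expand one 32-byte block."""
    prk = hmac.new(salt, key, hashlib.sha256).digest()
    return hmac.new(prk, info + b"\x01", hashlib.sha256).digest()


def derive_unlock_key(password: str, secret_key: str, salt: bytes,
                      iterations: int = 100_000) -> bytes:
    """Combine a memorised password with a device-held secret key."""
    # Slow stretch of the low-entropy, human-chosen password.
    stretched = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    # Fast expansion of the high-entropy secret key stored on enrolled devices.
    device_part = hkdf_sha256(secret_key.encode(), salt, b"demo-secret-key")
    # XOR both halves: the result cannot be computed from one secret alone.
    return bytes(a ^ b for a, b in zip(stretched, device_part))


def can_unlock(password: str, secret_key: str, salt: bytes, enrolled: bytes) -> bool:
    """Constant-time comparison of a login attempt against the enrolled key."""
    return hmac.compare_digest(derive_unlock_key(password, secret_key, salt), enrolled)


def demo() -> dict:
    salt = secrets.token_bytes(16)
    password = "correct horse battery staple"   # constructed sample value
    secret_key = "DEMO-7K2QXM-CONSTRUCTED-KEY"  # constructed sample value
    enrolled = derive_unlock_key(password, secret_key, salt)
    return {
        # Known device: password and secret key are both available.
        "password_and_secret_key": can_unlock(password, secret_key, salt, enrolled),
        # New device with a stolen or guessed password but no secret key.
        "password_only": can_unlock(password, "", salt, enrolled),
        # Right password combined with a different secret key.
        "wrong_secret_key": can_unlock(password, "DEMO-000000-OTHER-KEY", salt, enrolled),
    }


if __name__ == "__main__":
    print(demo())
```

Because the secret key is long and random, someone who learns or guesses the password still has to find the secret key before any guess can be checked.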
Sharing keys - simple and secure
The big advantage of 1Password is the secure sharing of keys. The person or organization with whom you share the keys does not have to be a user of the 1Password tool to receive credentials from you.
In a few sentences I will show you how to safely share your keys.
There are a few ways to share credentials. You can create and send a link for the key but this is the least secure solution.
The best solution is also the most complex way of sharing the keys.
Set the expiration time (1h to 30 days). An expiration time set to 1h will be the most secure.
In the option “Available to” select “only some people”. This way you will be sure that no one except the person you shared the keys with will have access to them.
The “Can be viewed only 1 time per person” checkmark is an additional security feature. If you select this option, the recipient of this message will only be able to open the message with the credentials once. This significantly reduces the risk of keys being taken over by unauthorized persons or organisations.
How does it look from the recipient's side? We define the recipients of the link with the credentials using their e-mail addresses.
After opening the link, the recipient must provide their e-mail address and confirm the operation with the "send code" button.
Once this is done, a six-digit (secure) code will be sent to their e-mail inbox. The next step is to enter the code and confirm it with the “View item” button.
And that's all. From now on, the client or co-worker has 1 hour to use or save the key in a safe place.
As you can see, sharing keys is not only simple for both sender and recipient, but it is also well secured.
Is that enough?
Of course not. The "1Password" tool offers many more functions that will facilitate your daily work.
- Saving the credentials (autosave) when logging in to the store's website, office, etc. When you enter the login keys, the tool (1Password) will ask you to save your login and password. Additionally, 1Password will suggest an (encrypted) password.
- Saving address data (Identity), payment cards, data for bank accounts etc. directly in the 1Password tool.
- Autofill - a function that helps (especially testers) to quickly test checkouts and card payments. You do not need to fill out all the address fields, just select the appropriate data from the tool and click "autosave".
- The 1Password tool is available on multiple platforms: desktop, mobile, native application. Thanks to the variety of available options, we can have access to our credentials all the time and wherever we are.
The 1Password tool is complex, compatible, user-friendly and secure. It is one of the best confidential data management tools on the market. 1Password fully deserves a high position in user rankings.