Security Audits with 1Password

1Password from AgileBits Software is the only tool I use for managing my online credentials. In fact, I use it to store anything that I consider to be sensitive or mission critical in my life. This can be passport numbers, certificate IDs, software licences, secure network information - it’s all contained within this secure database, accessible on any device that I choose. 

If that was all that 1Password did, then I’d be happy and ask them to take my money. This isn’t the case. One other feature that I urge all 1Password users to look at is Security Audit

If you open 1Password on macOS and look in the left hand pane, you’ll see the Security Audit section. You can hide this if you wish, by hovering over the heading and choosing Hide. I wouldn’t recommend this as the Security Audit is a great addition, helping you to keep on top of any web vulnerabilities via the excellent Watchtower integration as well as identifying, at a glance, any weak, duplicate or old passwords. 

Watchtower - Watchtower will identify any website vulnerabilites and alert you when found. This information is refreshed daily in order to verify items contained within your vault. 1Password then downloads this information and runs a local check against your logins. 

Please note the use of the word local here. AgileBits assure us that no data is ever sent to them.

Watchtower is enabled within Preferences.

Weak Passwords - 1Password runs an algorithm that assesses the strength of your passwords within your vault. A password that may seem complex to you may not be complex to software designed to crack your credentials. If you see an item count badge here (you’ll see I have 4), then it’s recommended to run the Strong Password Generator and change these passwords immediately. 

Duplicate Passwords - We’ve all used duplicate passwords from time to time (easier to remember, am I right?!). The issue we have here is that not all websites have the same level of security. If you have the same passwords on multiple sites and one of those is compromised, then the attackers have the keys to your castle on the others. Here you can quickly find duplicate passwords and replace them with strong, unique ones. 

Old Passwords - It’s always good security practice to change your passwords from time to time. 1Password makes it easy. 

Short and sweet, but I cannot over-emphasise the importance of the Security Audit feature within 1Password. It’s there, use it!