We know there are several password managers to choose from. They all have different names but promise to do the same thing: protect your employees’ accounts with complex, hard to guess passwords. So why choose 1Password for your business? There are many reasons, but the most important is our promise to prioritize your privacy over everything else.
Encryption you can rely on
We have many protections in place to stop would-be attackers from accessing our servers. (It’s no coincidence that we’ve never been hacked!) And even if a thief somehow slipped through, they would only have access to reams of scrambled information. That’s because 1Password uses end-to-encryption to safeguard everything that your team has in their accounts. Unless the hacker had access to everyone’s decryption keys, the data would be worthless.
Every team member’s decryption key comes in two parts. There’s a Master Password, which you need to remember to access your account, and a Secret Key. The latter is a long series of letters and numbers, separated by dashes, which can be copied from your Emergency Kit or by scanning a Setup Code, if you’re already logged in on another device.
Without both pieces, a theoretical thief is toast. They could try a brute-force trial-and-error attack, but it would take millions of years for even the most powerful supercomputer to find the correct solution.
Built on top of open standards
It might sound counterintuitive to share how 1Password works. You wouldn’t give a burglar a blueprint for your home, after all. But we believe transparency makes 1Password stronger. It was developed on top of open standards that anyone with the technical knowhow can investigate, implement, and improve.
Our defences have been reviewed by independent security specialists, including Cure53 and Onica. And Troy Hunt, a security specialist and founder of the invaluable “Have I Been Pwned” database, sits on our board of advisers.
All of these perspectives give us a greater chance of spotting and fixing any potential weaknesses. We want everyone to understand 1Password, though – not just the experts. That’s why we created a white paper that explains 1Password’s approach to security.
1Password keeps your data safe in other ways
Encryption and keys are only the beginning. 1Password offers a variety of tools that can protect your team’s information:
Auto-lock and manual locking. Team members can set 1Password to automatically log out after a period of inactivity. Alternatively, they can manually lock 1Password with a keyboard shortcut on Mac, Windows, Linux and in the browser.
Multi-factor authentication. Many services offer two-factor authentication as an extra layer of security. Your team can set up 1Password to deliver these codes, removing the need for SMS messages or a separate authentication app such as Authy.
Obscured passwords. 1Password will only show a person’s passwords if they select Reveal. Otherwise, they’re presented as a series of dots or asterisks, making sure that no-one nearby has any chance of writing them down.
Clipboard clearing. Team members can set up 1Password to automatically remove copied passwords from their clipboard, ensuring no hacker can pick them up that way.
Careful autofill. 1Password will only offer to autofill passwords on sites that your team members have specified. This way, your business will never be caught out by phishing attacks that use fake but easily believable websites.
Privacy Cards. If your team members are based in the US, they can use virtual Privacy Cards to pay for goods and services online. So if a service they use was ever breached – and, heaven forbid, exposed card details – no one could access their actual cash.
We’ll let you know about any known data breaches
We can’t stop data breaches from happening at other companies. But we can let your team know when something goes wrong. 1Password Watchtower checks the Have I Been Pwned database and will alert your colleagues if any of their passwords appear in a data breach. It will also flag weak and reused passwords, as well as services where two-factor authentication can be enabled.
Administrators can also create a domain breach report that shows every company email address affected by a known data breach. The results can be alarming, depending on the size and behaviour of your team. But it means you know exactly what’s been exposed and who needs to update their passwords pronto.
No in-app trackers
You might have heard that 1Password is one of the few password managers that doesn’t have third-party trackers in-app. The reason why is simple: we don’t need them. We do collect a small amount of information about you, such as your name, email address and how many passwords you’ve stored in your account, but only to provide you with the best possible experience and solve any problems you might have. We’ll never, ever share your information with a third-party company.
Your data is always yours
We hope that your team will use 1Password forever, but we understand that everyone’s circumstances change. If your company ever decides to leave, everyone will be able to export their data, no questions asked. Everyone will also have a way to download their information, even after you’ve stopped paying for 1Password Teams or 1Password Business. Because trust starts with having the freedom to delete and move your information between services.
Want this level of privacy? Switch your business to 1Password
If you’re already paying for another password manager, no problem: let us know, and we’ll give you some credit toward 1Password Teams or 1Password Business. We’ll even walk your team through the switching process, so no-one is left without access to their important accounts. And remember, every employee using 1Password Business also gets a free 1Password Families membership. That way, every team member can protect their privacy at home and at work.
Tweet about this post