While your personal passwords can be managed however you’d like – a sticky note or spreadsheet, it’s important to take extra precautions when handling logins for your business. As a company that’s working with a dozen or more clients at a time, a system for handling client logins is a necessity.
We use 1Password by AgileBits to store and access internal and client passwords. Here's what 1Password does, how to set it up, and how we use it every day.
Pricing and Service
There are tons of extensions and applications out there that handle passwords. For us, 1Password was the best value with the best usability. You pay per user based on the level of service you need. For an individual, 1Password is $2.99/month. For teams, it ranges from $3.99-$11.99 per person, per month. The upper end of this gives advanced access control and authorization levels, along with priority customer service support.
All tiers of their service include unlimited installations on all of your devices, the same high level of encryption, and a watchtower feature to receive around-the-clock security alerts for the services and sites that you use.
When you get started with 1Password, you set up your account using basic information and create a strong master password. 1Password is named for the one password you need to remember – your master password. This is what allows you to access all of the other logins. When you set up your account, you’ll also receive an Emergency Kit with your secret Account Key, which protects your data, and which you will need to sign in to 1Password from new devices.
It’s best to save this PDF somewhere safe, and perhaps also print out a copy just in case.
From here, you can download the browser extension, desktop app, and mobile application. You’re now able to access any shared logins if you’re on a team account, or you can begin adding your own logins.
You can organize logins into different “vaults”, which is similar to a folder structure. For an agency, it’s helpful to use these vaults for different clients. You can keep all of the logins for a client’s staging environment, Github, testing, and app monitoring service all in one place.
You can then have a vault for different areas of your company internally too, like keeping all of the social media and marketing logins in one place, and all of your dev tools in another.
1Password is also set up to give every user a personal vault for their logins. Here, you can stash the logins that only you will need.
In day to day usage, interaction with 1Password mainly exists through the browser extension. When you arrive at a site that needs a login stored in 1Password, you simply click the extension button and enter your master password. You’ll see the login listed, or if it’s a site where there are multiple logins for different clients, such as Amazon S3, you’ll see a list of potential logins. Click the one you need and the username and password will be auto filled.
Once you’re logged in with your master password, you can log into any site in two clicks.
When you're switching between apps multiple times a day, this little bit of time saved really makes a difference.
You can also use 1Password when setting up a new account login. They have an automated password generator that creates a tough to crack password. This login can then automatically be stored in 1Password after it's generated. You can adjust the password complexity based on the requirements for the website and your preference.
This eliminates the need to think up a new password for every new account, and prevents you from leaning on the same old password again (We've all done it before!)
Overall, 1Password is a useful tool for our development agency to use when interacting with client and internal account information. Their end to end encryption gives us and our clients peace of mind that every precaution is taken to protect sensitive information.
What tool (if any) do you use for storing your passwords? What do you like or dislike about it? Leave a comment below and let us know!