What password manager feature is most important to you? I'd be curious to hear. Also, if you want to try 1Password, you can support me by using this affiliate link: www.allthingssecured.com/try/1password

@dedhippi

2 жыл бұрын

most important to me is that I don't have to ever worry that someone will be able to get them from me no matter how much I've had to drink while browsing the internet...

@neuideas

Жыл бұрын

Assuming the manager already does the basics (logins, notes), I have a definite need for good support for custom fields, and accessing them from the rt-click menu. My bank requires answering a security question after name and password are accepted. I have 5 on file, so it chooses one at random. I'd like to have a manager that allows me to specify which custom field to enter on a given login attempt, based upon the security question asked. No password manager I've tried so far does this. Bitwarden comes close, as I can access the custom fields from the extension menu, and copy a specific field to the clipboard, but this is a little inelegant. I can easily rt-click to enter my name/password, but then have to move my mouse pointer to the extension to copy/paste my security question answer. Nordpass has no support for custom fields, and Roboform doesn't give me access to the custom fields using the extension (I have to go into the application or the website and copy/paste from there). I also have a need for properly searchable secure notes, to pick out specific information from longer notes. I can sort-of do this from the browser using Nordpass or Bitwarden, but that's only using the Ctrl-F functionality from the browser itself. I lose this option if I use the Android app.

@HeWhoIsWhoHeIs

Жыл бұрын

I've tried them all, and only Bitwarden meets my standards.

@neuideas

Жыл бұрын

@@HeWhoIsWhoHeIs Bitwarden is good -- very good. It's especially good knowing it's free for 90% of its features, and extremely inexpensive for 100% of its features. It has some minor drawbacks, as I mentioned already, but overall, it's a solid choice.

@HeWhoIsWhoHeIs

Жыл бұрын

@@neuideas the thing is, they listen to their customers and are always adding new features. I started using it in about 2015ish and it has done nothing but get better and better. It has never failed me

Awesome video - Thank you! Quick summary for others: - 1Password uses zero- knowledge encryption - can store non-website/app passwords as well (eg. passport info, card pin codes) - has a mobile ap - has a browser extension - checks your password for strength - stores previous passwords in case you need to remember what they were - has family pack where you can store up to 5 password accounts and created shared passwords for logins you'd like to share

@CP-ux9zd

11 сағат бұрын

I’ve considered a password manager. But everyone putting their passwords in a big pile is just a big bullseye for hackers. Seems like not if, but when. You guys talking about LastPass hacked more than once. They worked every day for security also. Maybe a rung down the ladder.. I don’t know. But I hesitate to join in the target. And as far as biometrics, how long until AI bests that one. No thanks. IMO

Thank you for the great tip about the double-blind password strategy. Subscribed!

I've been using 1PW for years and didn't know half of this. Where has this channel been all my life! keep up the great work.

@AllThingsSecured

Жыл бұрын

Great to hear!

13:50 Great video. Thanks so much. How do you handle shared services or accounts that require a 2FA and we do not have any other option other than set up SMS(least preferred) or Authenticator app?

Thank you very much for all your videos. all of them are excellent. I want to ask you about kaspersky Password Manager and compared to 1Password, which one is better? and incidentally also, between 1Password7 and 1Password8 ??

Great presentation Sir. Going to check it out.👏

Really good idea with the double blind password.

Thank you for your clip it was very informative and useful. I have a question regarding is secure keychain or USB adapter that connected to the computer and log into the windows and it's not necessary you type passport for log into your Windows login page is there any good quality for this matter is there anyone that combine with the software that you explain now

is the second code that you add different for every account? if so, won't need another app to keep a record of those extra bits?

Honestly, free version of bitwarden is already very competitive and for the most part better in my opinion than almost all of the other password managers. Then you add the premium version being about 3.5 times cheaper than 1password, and for what I need, not a lot of difference in their offerings, I think I'll stick with bitwarden. And the fact that it's open source, I think is a bonus. Anyone can be able too see how things are implemented and hold them accountable to fix things, and, if they don't, people will let everyone know about it. And there's also the added benefit of being able to self host on your own server and not rely completely on them if you have the know how or the patience to learn. And that's even on the free version of the plan from what I can tell.

@JohnSmith-zl8rz

Жыл бұрын

bitwarden is damn ugly (design) but yes is good

Double blind 🤯🤯🤯 Great video!! Thank you for sharing your knowledge!! 🙏🙏🙏

Cheers Josh ,great video.....I hope they allow the virtual card in the UK soon / Josh would I be able to use a VPN from UK to get the virtual card??

@AllThingsSecured

2 жыл бұрын

Thanks, John! Unfortunately no. Signing up for something like Privacy.com requires you to go through a KYC (know your customer) process that verifies whether or not you're a US resident.

I appreciate you taking the time to walk us through the process. In addition, I would like to comment on another Password Manager - Bitdefender Password Manager, and what you think about it. Trying to decide which to choose, there are so many. Thank you again.

@AllThingsSecured

Жыл бұрын

There are so many, and while there isn't a "bad" choice, I think very highly of 1Password, which is why I use it exclusivly.

Very good information sir - thank you

Thanks as always very helpful

@AllThingsSecured

2 жыл бұрын

Glad to hear it!

Is there any way to incorporate 1Password with a Roku device? For example, Netflix. On my laptop, it's no big deal to have the 1Password extension autofill on the laptop. But then if I want to watch Netflix on the Roku, is there an easy way to accomplish this without having to use the Roku remote to enter the password?

Awesome, very detailed and 1password has a lot more features then other password managers. very cool

@AllThingsSecured

Жыл бұрын

🙏🙏

Just a couple of things, I am a big proponent of 1password, and you are right, separation of concerns is a good idea with not storing passwords on your browser, but storing other people's PII data in your account is not a great idea, a family account is available from 1password, that will let you administer the other accounts, but keep that seperation of concerns. Secondly, please do use a strong password for your Netflix account and, especially your Google account, streaming media tv apps (and google) have the ability to enter a code generated from a logged in browser account session and type that code ( usually 4-8 digits) into the tv. So please, please use a strong password for everything, there is no excuse, if you can't because of the limitations of the app, you probably should be having thoughts about how well the app has been written and maybe use something else.

@JohnSmith-zl8rz

Жыл бұрын

agree on PII data

Would you please look into the safety and ease of use of Passkey.. Thanks

Can you exclude a single or a number of sites from autofill? These are where they ask for 3, 5 and 6 characters from your last school (which is one of 3 reminders you had to provide. Or 6 long PIN fill in the open boxes they want.

Great!

Hi Josh, do you have plans on having this offered with subtitles in other languages? I'd love to watch this the whole way through. Thanks

@AllThingsSecured

2 жыл бұрын

Which language would you like to have added?

@pedroblanco8311

2 жыл бұрын

@@AllThingsSecuredSpanish (Latin American) por favor y gracias.

I'm thinking of moving from LastPass given the latest incident, but don't they all have similar issues, so hard so say which one to go with. How easy is it to move all my lastpass details, over to 1P /. any why is 1P better than some of the others? Is this the one? At the end... Love your BLIND double Password idea.. I'm going to steal that one :)

Pretty good review and overview of 1password. Downside is that I have an Android phone & a PC. While the program may look and operate similar, the process is probably a different experience for me as I don't have Face ID and the other Apple integrations. I do have an older iPad and I wonder whether it would work on the older os, and I can't do face id on the iPad.

@idkbruhimhigh

Жыл бұрын

Using Android and Windows with 1password, has been seemsless intregration/connection. No worries.

@benandrewtyler

Жыл бұрын

You can use biometrics on Android, (open your vault with your fingerprint), and set the length of time it takes until the session ends then asks you to re-enter your password. The same on Windows with Windows hello, either a pin or face recognition. So with Android and Windows you are all good with 1password.

Can u pls do a video on how to setup family password manager. Preferably with 1password. My thinking is to setup 1 admin account and then each user to have their own private vault. Everyone could have access to a shared vault. I was also keeping a copy of everyones password in admin.

Finally completed the transition from LastPass to 1Password

@AllThingsSecured

Жыл бұрын

Great work!

Great video. Thanks for putting it all together. I use LastPass. I am happy with it and have gotten my family to use it under my family plan. Here is my question: Is there any reason for me to switch to 1Password? Thank you!

@AllThingsSecured

Жыл бұрын

If you like Lastpass and everybody is already using it, just stay there. The only reason I’d say to move is if you’re uncomfortable with the various hacks that have happened to LastPass recently.

@aussieman8738

Жыл бұрын

@@AllThingsSecured yes it happened to me about 6 months ago. couldnt get into lastpass. lost all my information. I made a move to 1pass months ago. very happy with it . never going back to lastpass

Man, you really answered everything I wanted to know. The only question that was outstanding was answered at 18:40, so I appreciate your thorough video!

@AllThingsSecured

2 жыл бұрын

Awesome! Glad to hear it.

For cryptocurrencies, if I am storing my 12-24 word phrase into 1password, is there an additional pin that can be set up before seeing those words? Like, a specific Custom field that requires an additional level of security to see the contents?

@AllThingsSecured

2 жыл бұрын

No, there isn't a way to create a password-protect note inside of a password-protected vault. You'll have to either make sure your password manager master password is really strong and backed up by good 2FA...OR just find a different way to store your seed phrase.

@tubbytee7096

2 жыл бұрын

I store my seed phrases in a password manager however I removed one of the words from each sequence. My captured seed phrase words are numbered so the omission is clear. I have 3 hardware wallets and I have removed 3 words that can be used to create a silly event/story for ease of remembering.

11:55 I definitely loved your 1Password Walkthrough, but there was a slight issue regarding quickly accessing 1password from a public computer. for 1P to log you in, you need the master password as well as the secret key on a new device. the idea of being able to, in an emergency, access your account without some way of having the secret key readily available might cause inexperienced users to not understand why they cannot access 1P from any random computer.

With many recent street holdups, I am getting very concerned about carrying a cell phone, which an attacker could use, to force me to withdraw / transfer cash, crypto, etc. So I deleted most personal / financial data. Is there any kind of secret Android app (no mention anywhere on the cell phone) , that would require a PIN # to make the Apps visible and usefull ?

2:30 Is it safe to send images of important documents like passport by email?

@AllThingsSecured

2 жыл бұрын

Generally no. I would recommend using some kind of encrypted cloud storage or encrypted email like ProtonMail.

i looked through previous videos and i hoped this one would answer the question: should we use the password managers that come with the browser?

@AllThingsSecured

Жыл бұрын

You can, but I recommend against it. Browsers were made to browse the internet, not keep passwords secure.

Does the iPhone Face ID work to log into the 1Password app? Or, do you have to type your master password to log into the 1Password app? Using the BitWarden iPhone app, you have to type the master password to log into the BitWarden app. FaceID only works to unlock BitWarden. LastPass allowed logging into the iPhone app using Face ID. I need to switch from LastPass to a different password manager, but typing the master password to log into the app would be a big hassle, verses using the Face ID to log into the app.

@AllThingsSecured

Жыл бұрын

Yes, you can use Apple's Face ID to log in.

@daveborchard2019

Жыл бұрын

@@AllThingsSecured Thank you for answering my question about logging into the 1Password iPhone app with Face ID! One more question: Can I share a Personal account with my wife? Or, does that require a family membership. I don’t auto fill usernames and passwords, I only store the usernames and passwords in secure notes.

Thanks for this video. Newbie here. When I go to sign into my account under my username and email are the first 8 characters of my secret key. Is that supposed to be there?

@AllThingsSecured

4 ай бұрын

If you’re logging onto the web app from a trusted computer, then yes. It’s not a security risk, don’t worry.

@mahriweitz384

4 ай бұрын

@@AllThingsSecured thank you

@mahriweitz384

3 ай бұрын

@@AllThingsSecuredAnother question. I am ready to export my passwords and first get this message. What backup software would that be? I have a Mac and use Time Machine with an external hard drive. I assume as long as that is not plugged in, I’m fine but, is there any other backup software I need to be concerned about? Then once all Passwords from Keychain, Safari and Chrome are exported is there anything I need to delete? If so, how do I do that? Sorry, if these are silly questions, I’m not that tech savvy.

Should you really start with 1password when Google and others are switching to Passkeys?

When using my desktop, my passwords already autofill, how do I change that?

Excellent video--I have abandoned Lastpass for obvious reasons and moving to 1Password has been an easy transition. I agree a free version doesn't support future development. And, $36/year is a pittance compared to the hassle and expense of a hack.

@davinp

Жыл бұрын

1Password costs the same as LastPass premium. SInce LastPass has been hacked again, I am leaving them and trying out 1Password which I like so far

can you share the 2fa functionality with say your wife so she doesn't have to have my phone to log into an account?

I created a convoluted password as my master password. The only problem is that since the app prompts me for the password every time I use it, I have to look it up. Is it ok to use a master password that isn't so complex?

@ChemSteve

Жыл бұрын

Also you may be able to set up an easier way to access on your app, like fingerprint, PIN, etc. Check the settings on your app.

@Bushchannel

10 ай бұрын

Yes I think it’s okay to have an easy to remember master password. Just try to be sure it contains upper case, lower case, numbers and special characters and is at least 16 characters long.

It's been a while since I've used an Android smart TV but I know Roku, and I'd bet Android, let you use your phone/tablet as a remote so you can also enter your passwords from that.

How Do I get passwords from keychain to Nordpass

How do you add to a vault?

I got 1password because of your video and i love it ....... thank you . I also took your recommendation for blind PW Thank you.......

Josh - Isn't doing things on FB and being a security-focused person a 180 degree conflict in efforts?

@AllThingsSecured

2 жыл бұрын

Yes and no. I don’t use Facebook personally, but I want to reach and educate people who do. That requires me to maintain a Facebook account.

@Barry_Kavanagh

Жыл бұрын

Just to add to Josh's point and to express my own opinion, using Facebook responsibly while being security focused is not a conflict (unless you're security focused in the sense of not wanting to be publicly known ie. face to a name and even with this you can choose not to have a profile picture). Using Facebook might conflict with someone who is heavily privacy focused and against the monitoring of ones online activities for marketing/profits. I'm a security professional, I have a Facebook account for various valuable purposes, I used it with caution and only when I really have to. I don't browse feeds, engage with any posts or post any content myself. It's as secure as it can be for me because it feeds me information from family members abroad rather than me feeding it (algorithmically). 😁

I need a new password for Verizon and I need more than 5 mintes to find my email to off my tablet

Is that a sponsored material?

I did not expect u to delete my comment on bitwarden not being restrictive abt number of passwords or number of devices sync.

@AllThingsSecured

2 жыл бұрын

Goodness sakes…I don’t delete comments unless you’re swearing. Otherwise, that’s between you and KZread. They do their own kind of censoring so don’t get mad at me.

@himanshuchhabra1942

2 жыл бұрын

@@AllThingsSecuredI am sorry, I didn't swear at all, and my comment was still deleted, thats why i got a bit angry.

ProtonPass is the new contender

Never ever expect privacy and security from proprietary software.

Why hasn’t 1 password come up with a legacy option? It’s such a simple thing to integrate.

Manually entering 2FA opens you to malformed URLs and phishing.

@AllThingsSecured

2 жыл бұрын

I’m not sure I follow what you mean by manually entering?

Bitwarden blows the doors off the competition

@HeWhoIsWhoHeIs

Жыл бұрын

@June@97 if you're that worried about Bitwarden being hacked, secure it with a Yubikey. And make sure you get two of them so you have a backup. Just so you know, as long as you create a strong master password and set up 2FA (with at least an authenticator code, preferably with a Yubikey) it really isn't possible to be hacked. Bitwarden hashes everything on your end before it's sent over, and everything is encrypted. You're worrying over nothing, really. Besides, a second password manager won't do you much good even if you are hacked.

@HeWhoIsWhoHeIs

Жыл бұрын

@June@97 For what it's worth, I use a Yubikey.

@just__mike

Жыл бұрын

@@HeWhoIsWhoHeIs A little late, I know 😃 But - if Butwarden itself gets hacked, doesn‘t this make 2FA on the client side obsolete and useless?

@HeWhoIsWhoHeIs

Жыл бұрын

@@just__mike when I said hacked in my earlier comment, I was referring to someone guessing or somehow obtaining your password. If you're referring to the company, that's practically useless. They can't access your data. It's encrypted based on your password (and your yubi if you use one). Hacking them would be pointless (but good luck trying). In any case, what I said stands true; if you don't have the password and the yubi together, you're simply not getting the data. Period.

@bobby350z

Жыл бұрын

​@@HeWhoIsWhoHeIs isn't 1 password do the same exact thing. Would be good to know how bitwarden is better. Thanks.

No password generator on the iPhone that’s bad

Im on my phone and have to signin to my tablet, open it, get my mail up, yada, ysda...then go back to my phone and purr, "time expired, shows up!!

EASIEST PASS MNGR?

Thanks for your thorough discussion. I have three questions: 1) if one uploads all their passwords from keychain access to 1password, should they be removed from keychain access? 2) if one later wants to cancel 1 password, can they be re-downloaded, if they had been removed? and, 3) do changes to passwords in 1password automatically change also in keychain access if they weren't removed from it originally? I know, a lot to answer, and maybe the answers are in some FAQ. Thanks again in any event.

@TimOfKenya

2 жыл бұрын

1) ideally once you've moved over the passwords, to 1P,assword (1P) you won't need to re-access Keychain. I would say remove it from Keychain once you've confirmed the passwords have been moved over, but that becomes a personal choice. 2) it is possible to have 1P "freeze" your account by basically making the account essentially work as a read-only file. in this case, you could copy over your account back to Keychain or somewhere else. if you don't have a mac, you will have to manually enter the passwords to Keychain, although if you do have a mac, the process might not be that much smoother. Just remember if you want to delete the account, you will have to export the data first before the deletion of the account. 3) 1P and keychain are separate apps, and therefore any changes to either 1P or keychain would not affect the other app. even if you have the same login in both 1P and keychain, any changes to keychain would not cause 1P to update these changes

1Password is not an open source software. The public cannot see if the code is malicious. Keepass is an alternative to consider. Also password managers should not be requiring internet access.

@AllThingsSecured

2 жыл бұрын

Thanks, Brad. You don't need internet access to use 1Password.

@ryanthompson3492

2 жыл бұрын

1Password is not open source software, this is correct. They have had several independent audits to make sure they are doing what they say they are doing. That may be good enough for you - it may not.

@ChemSteve

Жыл бұрын

Bitwarden is open source, cheaper than 1Password, and better IMO

This “SHARED” stuff for Netflix is why they are changing their policies.

basically you sell your soul to 1Password Servers LOL

Password managers are unnecessarily hyped apps in my opinion. Default browser based password managers are so convenient and secure. Google, Firefox, Safari offer strong password suggestion these days.. and more over you can use your browser as an Autofill manager across platforms too. Ex: you can use FireFox or Chrome as a password manager in your iPhone. I don't think a dedicated password manager is essential in 2022

Thank you. Because of the complexity for new users - If anything - I'd suggest you not try to cover so much so quickly. Repetition also helps when teaching. I'd also benefit from just a video of someone taking a phone out of their pocket and going through "the motions". Sort of a cinéma vérité. but thanks again. I'll be viewing it again... and again... 🙂

@AllThingsSecured

Жыл бұрын

I really appreciate the feedback, Tom. That's helpful.

I am on day 1 of using this manager and so far NOT IMPRESSED! 1. No way to delete duplicates! 2. So I figured OK I'll export all my data than delete everything and go into excel and cleanup my over 1000 passwords saved from Lastpass 3. So now I have a clean csv data to import and delete all my passwords to start over 4. What I can't delete more about 18 passwords at a time this will take hours! WTF! 5. So I than select and try to use keyboard and the damn keyboard is broken in the app! The delete key does not work so I can't even do Shift + page down to select twice than hit delete.. no I have to right click to damn well delete? Who the hell thought of designing a crappy app that has no delete recycle bin option? Are you development team total idiots? Basic functionality is missing in this app completely! WHY ARE THESE CONS NOT MENTIONED! ARE YOU BEING PAID BY 1PASSWORD AS THE UI IS AWFUL. Be truthful of the interface in reviews!

I was wondering if you are familiar with a password manager called Roboform. I have been using this one for about 10 yrs. & have been very satisfied with it. I wanted to know if you are able to compare these 2: Roboform & 1Password. I tried 1Password many years ago but didn't like the fact that I had to let it determine my passwords, instead of storing the passwords I had already had. Thanks! I watch alot of your videos.

I have to say that since I left last pass and started using 1 pw....I hate it. It didnt import most of my data. When I open a site it doesn't automatically fill out the info...after you have to put in your 1pw pw all the time. It suggests passwords but wont let you use them. I decided to get rid of it and use bit warden but guess what..No way no how can I find a export option. Every video o find is wham bam here you go export. Yeah. Apparently I got the only one without that option. 2 thumbs down

now I'm dyslexic and use my only login with mfa on lastpass browser extension without using my master password but can they do the same Dashlane, 1password and bitwande and have to use a strong master password when you have to use it every time you log in to the browser extension. support cannot see that I only have to use mfa or 2fa to log in to the browser extension without using my master password, so try writing this please (izvF9!gHb$8Q!z^P5$@V3m ps is not my master password) how does a child log in with a password or 2fa / mfa and a child change the password

Did not yet watch the video but, I get it when people use closed source apps but when it comes to security FOSS is better so really bitwarden or even keepassxc is better

@AllThingsSecured

2 жыл бұрын

So my biggest complaint against your argument is simply this: the FOSS community claims that open source is better, but have you EVER checked the source code of one of these apps that you used? If you're honest, the answer is likely no (unless you're a security researcher). So all you're really doing is trading your trust of a company with closed source software that has a reputation to uphold with the trust in an ambiguous group of security researchers who have no skin in the game. I'm not saying Bitwarden or Keepassxc are bad pieces of software. I'm sure they're great. But I'm not sure I buy the whole "because it's open source, it's automatically better" argument. I'm still doing my own research, though, so feel free to try to convince me otherwise!

@esmailelbob

2 жыл бұрын

@@AllThingsSecured Damn big comment, I respect it Look, as me little old Ismael, no. but as for Linux for example you have the eyes and more big project is more better. and at least you do not have to take words of devs. Look I'm not saying closed source is bad It just I really can't trust what FB dev say for example :p or google for that matter I did not say "because it's open source, it's automatically better" I'm just saying specially in security you do not have to trust anyone. and yes again I do not look up but at least I have the way to do unlike closed source and at least company will get scared to put spy in the wild you know, so many eyes on your project like what signal did when it waited year on their server side code. all called them out so I'm just saying at least it gives you the ability to look at code when you need to or push another pressure on your company to do the right thing because at least one security researcher looking at your code So you are right, I trade dev words with trust in open source but at least I can look at the code unlike closed source :p My English is not my first language so I know my grammar is bad, sorry xd

@homesteadishdad

2 жыл бұрын

@@esmailelbob Unless you build your own password manager, you are always going to be trusting it to someone else, FOSS or not. Bitwarden is kept in the cloud, so theirs is just as dangerous (relatively speaking) as 1Password, Last Pass, etc unless you download a CSV and delete your passwords every time. It's all about your threat model vs convenience.

@esmailelbob

2 жыл бұрын

@@RogierYou wait, cloud sync? I think bitwarden syncs itself

@All Things Secured: Your review is flawed in a couple of ways. First, you talk about the Secret Key as if this is something offered by most/all other password managers. This is not true. The Secret Key is a unique and incredibly desirable feature of 1password. Lastpass, Dashlane etc do not have this. They rely ONLY on your (salted) master password for vault encryption. If your vault is stolen, then the vault is only as secure as the user's chosen master password. If it is a weak master password, they are in BIG trouble. This is NOT the case with 1password since the high-entropy secret key is also driving the encryption, even if the master password is weak. This alone is a KILLER feature! Second, 1Password supports WebAuthn 2FA with Yubikey, on Mac, Windows, IOS and Android. This again, is great. Nearly all other password managers do not support this on all platforms, and some don't support it at all. Lastpass, for example only supports OTP with Yubikey and not proper FIDO2/WebAuthn authentication. OTP can be hacked with MITM attacks. WebAuthn cannot. The only other password manager that supports WebAuthn on Android is Bitwarden, and they support it badly, i.e. it is flaky. Again, props to 1password.

How secure are my passwords using 1Password if I have to unlock my phone going through customs traveling abroad? If I have entered a password using my iPhone keyboard or 1Password do I now have to change them all?

@AllThingsSecured

Жыл бұрын

You can use "Travel Mode" when traveling with 1Password to make sure this isn't an issue.