Almost every day, we create accounts on websites: loyalty programs, banks (credit cards), online shopping, government sites, etc.
And of course, we try to simplify our lives by using the same password every time. But what happens when one of these sites becomes the target of hackers? Our email address and this famous password are found on the web. Almost anyone is free to test this combination on many sites such as Aeroplan, Marriott Bonvoy or a banking institution.
It’s simple: by testing my different email addresses on the Have I Been Pwned site, I was able to see that more than 25 sites had been hacked (such as Canva, Dropbox, Adobe, Bitly, LinkedIn or Houzz) and that contained my credentials, now in the wild.
Of course, some safeguards have been put in place by major sites such as double authentication (most often with your phone number). But this double authentication can often be bypassed, especially if the person has had access to your mailbox.
This happened to me recently with the use of one of my – many – rewards program accounts. The person used more than 100,000 points for an airline reservation.
I quickly realized this having received an email to change my password. I contacted the rewards program in question and they cancelled the reservation and credited the points back to me.
And this is happening more and more frequently, as evidenced by this message from Elie left in the Milesopedia Community:
Browsers like Chrome, Firefox or Safari now allow you to create and manage very secure passwords. But for family use – or when connecting from one computer to another – these solutions are not practical.
So I looked for a reliable tool that would allow me to secure my digital life and above all to simplify all this management. And after various trials with Bitwarden and Lastpass, I now use 1Password in its family version, which has the advantage of being an easy-to-access solution from a Canadian company, founded in 2005.
1Password: Step-by-step registration
To sign up for 1Password, go to this page. You can choose the solution that suits you best:
- Personal Account: $3.75 per month
- Family Account: $5.99 per month (up to 5 people)
- Teams account: $24.95 per month (up to 10 people)
- Business account: $9.99 per month per user
You can use 1Password for free for 14 days to see if it’s right for you. But believe me: once you’ve set everything up correctly, you’ll never go back!
I chose the 1Password Families Account since 2 of us are sharing our credentials, and I could integrate up to 3 additional people for only $5.99 per month (or $71.88 per year).
Download the applications
Import your passwords
Once the applications are installed, it will be time to import your passwords from Chrome, Safari or other tools you currently use.
Now, on every site you visit, you’ll see a 1Password icon in the username field with a suggested login.
And if it’s your first time visiting a site, 1Password will offer to register the new login and suggest a complex and unique password.
Thanks to 1Password, most of my passwords now contain more than 20 characters like this one:
Admit that it’s something rather complicated to remember mentally!
Change your passwords
You will soon realize that most of your passwords are:
- low security
It will then be time to go and change each of your passwords. This is the most time-consuming part of the process (especially when you have over 800 credentials). But it’s the most crucial part of ensuring your digital security.
To help you figure out where to start, 1Password‘s Watchtower feature may be helpful (I describe it below).
Here is a list of the main features of 1Password.
Searching for vulnerabilities with Watchtower
When I started using 1Password a few weeks ago, most of my passwords were weak or even compromised in various databases.
With the Watchtower feature, you can quickly locate them:
So I started by securing the most important: access to bank accounts, credit cards and loyalty programs. As well as anything else related to Milesopedia.
But in the process, I made a mistake with Audrey’s Facebook account, which could have been very damaging to us, and I’ll explain why you need to be careful when changing your passwords.
By changing Audrey’s credentials, I also asked Facebook to disconnect her open session on all devices (there were more than a dozen). Except that when re-logging in with her new ultra secure password, Facebook did not recognize the browser. And offered 3 methods to connect:
- SMS (we never received the identification text message)
- Acknowledge 3 comments posted in the last few months (this never worked)
- Ask 3 friends for a code to access the Facebook account (the problem: Audrey – like most people – had not activated this feature).
It was therefore impossible for her to reconnect to Facebook (and therefore to manage the Milesopedia Facebook page or group). And incidentally to access Messenger or other services of Facebook/Meta.
After 48 hours, an email identification option “magically” appeared, allowing her to regain access to her account.
This problem has been inherent to Facebook for many months, and many topics about it appear on forums (Infinite Login Loop). So beware!
Storage of private identifiers and documents
In addition to logins and passwords, 1Password can also store many private documents:
- Driver’s license
- Health Insurance Card
- Social Insurance Number
- And more!
It’s handy to be able to store this information somewhere, especially when you travel regularly (and need to access this information on the go). Especially since we have Canadian and French nationality, which doubles all this information!
Storing credit card data
Another interesting feature of 1Password is the storage of credit card data.
In our couple, we have nearly forty credit or debit cards between Canada, the United States and France.
By registering your credit cards in 1Password, you will be able to access them at any time: whether to pay in your Internet browser for your online purchases, or to share your card with your spouse through shared safe deposit boxes.
Dual TOTP authentication
1Password also supports dual authentication.
Personally, I don’t like the double authentication by SMS because it can be easily hijacked by the SIM Swap technique.
I prefer time-based one-time password authentication. This authentication, known as TOTP (Time Based One Time Password), is becoming more and more widespread and is much more secure.
Synchronization between devices
The purpose of choosing a tool like 1Password – Family is to make your life easier on a daily basis. We have PCs and MACs, iPhones, iPads: 1Password has been installed on all our devices.
As soon as a password is changed on a device, it is immediately synchronized in 1Password.
Private and shared safes
As I said in the introduction, a single person can be satisfied with free tools like Apple’s iCloud Keychain or the version offered by Google.
But as a couple or a family, these solutions are not effective.
With 1Password – Family, you have safes. These safes can be private or shared. For example, here are the safes I created in 1Password to quickly find the credentials I need.
And I must say that with this tool, I have just solved a couple’s worry: how to access the accounts managed by the spouse (credit cards, loyalty programs, services, etc.) if the spouse was suddenly unable to do so (accident, death)?
From now on, each spouse has access to what the other has decided to share. No more password transmission by instant messaging, email or the famous notebook or post-it note on the desk!
1Password has become an indispensable tool, not only for me, but also in the family.
In addition, through April 13, 2022, if you’ve been targeted by American Express for an online promotional offer, you’ll get $70 in credit after purchasing a subscription worth at least $70 (enough to almost pay off the entirefamily subscription)