I’ve been using 1Password for years and it is probably the most important software I use, since I have so many websites that I need to log into on a regular basis. Yes 1Password can store all your passwords, as well as credit card numbers, and other secure data. And yes it can create super strong passwords at any length you choose (I’m now asking it to create 20-character passwords).
But did you know it can also check the passwords you’re already using, to see if they are secure? It’s called Watchtower, and if you open up 1P on your computer you will see “Watchtower” at the left. Click on the triangle next to it, and you get a dropdown for all the different vulnerabilities it spots. These are the ones I think are the most important:
- Compromised websites: If a website is known to have had a data breach, 1P will let you know here, so you can log in and update your password.
- Vulnerable passwords: That password has been exposed in a data breach, but not necessarily connected with your account. Still a good idea to log in and update your password.
- Reused passwords: Yes, a password that you’ve used on multiple websites. Change those!
- Weak passwords: These passwords are too short, or too easy to guess.
- Unsecured website: I have a lot of these but it’s not actually serious. When I added the URL to 1P, it was a long time ago, before every website was using HTTPS for security. So for example my entry for AirB&B has the URL http://airbnb.com, but the URL now is https://airbnb.com and I haven’t gone into 1P to make the change. Almost every website has an auto-redirect from http:// to https://, so my 1P entry still works, and it’s not a true security risk. But if you ever go to a site that is just http:// and not https://, be careful.
- Two-Factor Authentication: Notifies you of websites that now allow you to have two-factor authentication (2FA) for additional security, so you can choose to set that up at each website if you want.
I strongly recommend checking out what’s in your Watchtower area of 1P – and if you aren’t using 1P (or another password management system), now is the time!