I love 1Password. A lot. So this is a bittersweet post.
I love 1Password so much, in fact, that after several months -- maybe a year -- of using it for my personal password management, I recommended it as a way for my team to share passwords. We have ~30 applications we maintain, and each has sql passwords, api keys, etc, for each environment (dev, stage, prod)... plus a gamut of other passwords that need to be shared, so something was necessary. The series of text files we inherited wasn't scaling well.
It worked out great... For a while.
I keep my personal 1Password keychain file in my dropbox, for various reasons:
- Access to it from anywhere, including my phone (making it easy to copy+paste those complex generated passwords on the go) and computers without a 1Password client installed
- Sharing it across various machines I work from, with automatic sync. If I sign up for a new site while at work, the password is waiting for me when I get home.
- Free & encrypted cloud-based backup
When we started sharing a 1Password keychain for our team, it only made sense to also put that file in dropbox too. We have a folder that we share with everyone on the team, and we just put it in there.
For a while, this worked quite well. The only problem was that switching between keychain files could be annoying. Luckily, I figured out a workaround that made this pretty painless: Just drag shortcuts to both keychain files onto the OSX Dock (YMMV on other operating systems), and click them to tell 1Password which one you want to use. The browser extensions will always associate with the last file you had open in the application.
That was then. The good ole days. These days, if you use this approach, you may find your credit card numbers (and other private information) in the wrong keychain! Unless you want your coworkers ordering prank books for you, this is probably bad.
So, after much agony and strife, I reluctantly decided to switch my personal password repository to LastPass. I figured switching myself would be less hassle for the rest of the team, who are likely not using 1Password for their personal data.
I was thrilled to find that you can export your 1Password data and import it into LastPass. In fact, that made my day! I was not excited at the prospect of having to manually copy over the details of several hundred accounts. So thank you, LastPass team, for that feature.
So that's the story of how I got here. But what do I think of LastPass so far?
- The chrome extension lacks polish. In just about every way imaginable, it's usability and user experience is inferior to 1Password. But it works.
- I really dig how it auto-fills password forms for you without even a button press or keyboard shortcut (in most situations).
- The software serials that I had in 1Password don't seem to have imported well. There are entries for them, but all of the useful information (license number, amount paid, date purchased, etc) are lost. They end up in the "form fill profiles" section.
It's only been a day. We'll see how I feel about it in a week/month/year. Maybe I'll follow up further down the road.