[NewsPoster]

Admit it: if you've already got 1Password, then you use it for creating superbly strong passwords for any site you use -- but the password you use to unlock the app itself is rubbish. That's partly because you've used this password since the dawn of time, and it's ingrained in you, but it's also because changing it across your Mac, iPhone and iPad is a pain. Not anymore. The new update is to the iOS version, but now if you change you password on your Mac, it will automatically change on your iOS devices.

All of the very many updates in this new release are to do with convenience, and greater security. A key addition is to do with easing two-factor authentication: 1Password will now create a one-time password for such sites. You may never need it, but when you do, it's a boon.

One big change that ought to help everyone is in how quickly you can add in a login to a well-known site. Tap the + to add a new login, and 1Password now offers you hundreds of prepared websites, from the AA to Zagg. Choose one, and it prompts you through adding a username and then letting 1Password create your strong password for the site. It automatically adds the URL of the site, so once you've entered these details, tap on the site name and away you go.

Despite what it looks like, though, you are not creating a login to that site. What you're really doing is giving 1Password the details to create that account. You have to then go to the site, choose Create Account, and have 1Password pop those details in to register you. After you've done that once, 1Password will then always take you to the site and log you in automatically.

This is one of our very favourite apps, and if it's not on our Mac, we add it. That said, this new way of adding popular logins doesn't seem to have been tested much in our experience. When we'd try going through to a new site, 1Password would sometimes pop our username or password into the wrong fields.

One site also rejected our strong password because it didn't comply with rules about how many characters, how many capitals and digits and so on. There is no way for us to know, as users, what the site is going to accept -- so we'd like to see 1Password including that information, alongside the various sites' addresses and logos.

Little details like this feel a bigger deal because in its core features, 1Password is superb. The makers, Agilebits, are very good developers -- yet this apparent missing of details has previously given us headaches (like trying to upgrade from 1Password 3 to 4, for instance). We'd also like them to be clearer about problems: a bug in one minor update to version 4 switched off Dropbox backup, and we only discovered this when we upgraded to version 5, and lost data.

The company has now admitted that bug, but tells us there has been no way to warn people. We think one line in any of the release notes for later updates, or one line in any of the 1Password emails, would've been a start. This of course makes us wary, but 1Password is so very good, so very useful, and so downright clever that we keep coming back to it, and most of its latest features are good.

1Password requires iOS 8 or later, and is free in the App Store -- but we strongly recommend buying the Pro Features as an in-app purchase for $10. You need that for most of the new features.

Who is 1Password for:
Everybody who has a computer, so long as they backup their 1Password database regularly. While there are other alternatives, including the built-in Keychain Access, 1Password is still the king of functionality.

Who is 1Password not for:
Seriously there must be someone, somewhere, but we can't think of anyone. Even PC users can, and should, get this -- and start using stronger passwords.

-William Gallagher (@WGallagher)

[daqman]

The strange thing about the "new feature" of having a common password across all devices is that I had thought that is how it already worked! If the 1Password file on my Mac is encrypted with a password and the data is passed via iCloud to an iOS device surely I need the same password on the iOS side to decrypt?

[Inkling]

I agree with your remarks about 1Password being "good but..." I've had similar problems with Dropbox synching turning off without any notification. And one version had a most irritating bug. If users didn't manually save the password for a new website, 1Password would go to sleep without saving that password and without offering a way to log back in and save it. That meant that new password was lost. Like you, I'm not sure the developers are aggressive enough at looking for gotchas like that. Their testing doesn't look at enough different angles.

[Stuke]

mSecure is an affordable, excellent alternative.

[Steve Wilkinson]

I guess my impression of the company was also 'a bit sloppy and lacking in features' instead of 'good' or 'the best out there.' It's an OK product with decent support so long as you aren't expecting them to care about adding important features (like auto-type, so you can easily use it outside the browser), and don't mind a bit of sloppy implementation and somewhat poor testing, etc.

While it isn't perfect either, I much prefer PasswordWallet by Selznick. Aside from some issues I've had with advanced multi-user sync attempts, it's been rock solid since the my Palm days and runs on almost every platform. It also takes up WAY less screen space and has the above mentioned auto-type feature (which is important if you use non-brower-based stuff like terminal windows, remote desktop, etc.).

Either way, in today's world, you ABSOLUTELY need one of these kind of password managers, with a strong, unique password for every site/account. Just be very sure that whatever app you use, your backup and archive (yes, there is a difference) of it's data file is well thought out and operational. In fact, no matter how you do so, I'd manually grab and test a copy of it at least once per month. The last thing you want is for something to go wrong and you lose all your login/account information with strong, unique passwords.