Jump to content
  • 0

EN Encryption vs 1Password


JoshJ1

Idea

3 replies to this idea

Recommended Posts

Posted

There's no comparison. 1Password is far superior to Evernote in terms of encryption. ONLY YOU know your passcode for decrypting your 1Password data, this is called "zero-knowledge encryption", which means that nobody, not even AgileBits who makes 1Password can unlock your 1Password data. Even if someone hacks your computer (or iCloud, or Dropbox, or your phone or wherever you store your 1Password data), there's no database of decryption keys to steal, so the hacker would have to brute force some of the best encryption around. This would be a VERY difficult task. 

 

Evernote does not use zero-knowledge encryption, while what you put in evernote is secure, it is less secure than 1Password which is about as secure as you can get. 

 

The Keychain on your Mac is MORE secure than Evernote. I would say it isn't quite as secure as 1Password, it is darn close. Here is more info on how your Mac Keychain is secured:

http://support.apple.com/kb/HT5813?viewlocale=en_US&locale=en_US

 

In general your Mac's Keychain and 1Password are designed purely for the purposes of storing passwords, and doing so safely. Either option is great for securing your passwords. I would never put passwords in Evernote because 1) They aren't as secure; 2) it doesn't automatically generate passwords for me; 3) Backing it up isn't as easy as 1Password; 4) updating changed passwords is a pain; 5) Does not auto-fill browser forms... I'm sure there are more. 

 

I personally use 1Password, but I also let iCloud Keychain store my passwords because I don't always want to use 1Passwords built in browser on iOS. Since I don't know any of my passwords (1Password has generated them for me), I can't type them in manually. Using both is a good middle ground and generally doesn't cause much confusion (though is marginally less secure...) 

 

When iOS 8 comes out with extension support (1Password has created an extension), I may reduce my reliance on iCloud keychain and may delete my auto-submit data from it, or maybe not.....

 

You could get by fairly well with iCloud keychain. I'd be reasonably happy with that alone, if I wasn't already a 1Password user. 

  • Level 5*
Posted

There's no comparison. 1Password is far superior to Evernote in terms of encryption. ONLY YOU know your passcode for decrypting your 1Password data, this is called "zero-knowledge encryption", which means that nobody, not even AgileBits who makes 1Password can unlock your 1Password data. Even if someone hacks your computer (or iCloud, or Dropbox, or your phone or wherever you store your 1Password data), there's no database of decryption keys to steal, so the hacker would have to brute force some of the best encryption around. This would be a VERY difficult task. 

 

Evernote does not use zero-knowledge encryption, while what you put in evernote is secure, it is less secure than 1Password which is about as secure as you can get. 

 

The Keychain on your Mac is MORE secure than Evernote. I would say it isn't quite as secure as 1Password, it is darn close. Here is more info on how your Mac Keychain is secured:

http://support.apple.com/kb/HT5813?viewlocale=en_US&locale=en_US

 

In general your Mac's Keychain and 1Password are designed purely for the purposes of storing passwords, and doing so safely. Either option is great for securing your passwords. I would never put passwords in Evernote because 1) They aren't as secure; 2) it doesn't automatically generate passwords for me; 3) Backing it up isn't as easy as 1Password; 4) updating changed passwords is a pain; 5) Does not auto-fill browser forms... I'm sure there are more. 

 

I personally use 1Password, but I also let iCloud Keychain store my passwords because I don't always want to use 1Passwords built in browser on iOS. Since I don't know any of my passwords (1Password has generated them for me), I can't type them in manually. Using both is a good middle ground and generally doesn't cause much confusion (though is marginally less secure...) 

 

When iOS 8 comes out with extension support (1Password has created an extension), I may reduce my reliance on iCloud keychain and may delete my auto-submit data from it, or maybe not.....

 

You could get by fairly well with iCloud keychain. I'd be reasonably happy with that alone, if I wasn't already a 1Password user.

While I agree with your conclusion that password services should be used for passwords, and I do not store passwords in Evernote, in fact, as far as I know, Evernote does use zero-knowledge encryption for text you choose to encrypt using the service. If you lose your password (for the encryption, not for the account), Evernote cannot retrieve it.

Posted

While I agree with your conclusion that password services should be used for passwords, and I do not store passwords in Evernote, in fact, as far as I know, Evernote does use zero-knowledge encryption for text you choose to encrypt using the service. If you lose your password (for the encryption, not for the account), Evernote cannot retrieve it.

True on both counts.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...