Keeping your information secure is an important factor in our daily lives. For a long while, I’ve kept a lot of my important private information hidden inside of Evernote. And never have I been confident in it, I knew it was not a safe solution, but I took the risk.
As the time goes by, and more and more of my financial and identity information reside in the cloud, I’ve decided to pull a plug, and make it at least a little bit secure, yet still retain the benefits of the cloud.
Recently I was lucky enough to get a review copy of 1Password and wanted to honestly compare it with LastPass. While my honest opinion of the battle between the two is a close match on the functionality side, 1Password is in the lead when it comes to design and user experience. But something more important happened. 1Password made an impact on my Evernote usage.
Even though LastPass has similar functionality as 1Password wallet, it simply doesn’t have the details and time invested into it the same way as the former does. And then there is another reason. As with any large database, your LastPass is compromised to a certain degree. It is found in a centralized location, with a layer of a hashed password as a protection. Though I am not a security expert, I can safely assume that your username database is located with everyone else residing in the cloud. It’s centralized database.
So if I was a hacker, all I would need to do is to obtain the database, and I would have all the usernames, and I could attempt brute force attacks from there. The same would go for Evernote, which happened a couple of months ago.
Let’s take it from another angle now. You have 1Password, and your database is within Dropbox. I am a hacker attacking a large Dropbox database. Once I breach the database, I brute force your account, but once I am in, instead of having the access to your sensitive information, I actually have another layer of protection. If I want to access your sensitive information I have to breach the master password of your encrypted database of 1Password.
In my mind, this is giving me a peace of mind, that it will be really hard for anyone to hijack my sensitive information. And that is why I started storing my credit cards, passports, id copies and other sensitive information in Wallet instead of LastPass and Evernote.
So how does it look like now?
Well, now I have another layer of fragmentation of my data, but I believe it was necessary. Perhaps some of my information is scattered across the services, but I have a necessary peace of mind in the world where digital information is equally important as physical one. I don’t have to worry nor wait when will Evernote introduce 2-factor authentication. I can safely sleep knowing that my data is mathematically impenetrable for the duration of my life.
Also seems like I am moving away from LastPass for the majority of my passwords, and making 1Password slowly but surely my only password manager on my main browser. LastPass will certainly have its place and purpose. Kinda feel bad that I stated that LastPass is a more secure password manager because it seems they are on the pair. And in the end, I always yearn for a more qualified user experience.