I'm a new user from LastPass trying out 1Password before I and 7 other friends move away from LastPass Families. We have been with LastPass in one form or the other since its launch, currently for the last 5 years in a families plan.
Our initial pick after loads of research was either to go with 1Password or BitWarden and those are the two we are testing and trialling before the entire gang migrates.
We are a majority Android/Windows Userbase, and we have had Apple vs Android battles all along in our life. But when it comes to features, a successful feature that will surely help the userbase regardless of corporate benefits to those companies, I say there's no shame in copying those features. And that's something that I love about Google and Apple. How both the companies kinda copy features and give them a personal touch and roll it out to their user base. Google is at the forefront of innovative features (sometimes not investing in it and then completely ditching it), while Apple taking their own time even if it's years to implement the same feature on their eco-system but do it really good than Google ever did. This is what we as users like.
Coming to Password Managers, other than the core security model that differs from company to company, the purpose is the same and feature should also be the same or if a company has come up with an innovative feature, it should be implemented by all so that it benefits their user base.
So I decided to submit feature requests here in the community that will benefit this userbase even if we end up using 1Password or not. Your user base will appreciate it. Here are a few out of many to come.
1) Geo Block Login (added security on top of Secret Key/MasterPassword/2FA): Ability to auto-reject new login requests (or pending approval) from new or old approved devices but from countries that are not approved. Users can manage a list of approved countries from where they can log in to their accounts usually their home countries. They can add/remove countries as they go for travel. This feature is available with LastPass but I couldn't find it in 1Password or BitWarden. This will work really well with your Travel Mode (that is not available in LastPass or BitWarden), where vaults can be made visible while in your home country, even if users are forced to log into 1Password.com rather than their devices.
2) Shared Vaults/Sharing: The whole sharing of an entry works via Vaults. As much as I can understand the reason behind this in 1Passwords; in the current day and age, sharing a password or any type of entry to authenticated users has become a fundamental right. With pretty much every single PM tool offering the same. Newcomer BitWarden has gone to an extent to create something called the "Send" feature that shares text/content to non BitWarden Users securely.
It will be great if 1Password can implement few designs that can achieve:
i) Ability to Share a Password or an Entry without the use of Vaults with other 1Password users by creating something called "Sharing Centre" inside where the shared vaults sit, anything outside "Sharing Centre" is of course Private Vault(s). (I know it's a pretty big ask, considering people have been asking this for more than half a decade to almost a decade, and nothing has been done from the 1Password front).
ii) Ability to hide the password from those it's been shared via Vaults or without Vaults by maintaining ownership of individual records (like current ownership of the vaults) and providing read-only, edit access on individual records. So ultimately if the owner of the shared password/record specifies something like "Read-Only or Hide Password", the other users of the Vault (regardless of being members or managers) or the non-vault users (if shared outside Vault; in future maybe), can't do a reveal on the password record and can't edit it. They can only use this record now to auto-fill on sites or services without ever knowing the password.
Use Case: they can't know the history of the password, to recover it in future. They just don't need to know (maybe I have my gf's name).
3) Categories: 1Password already offers a wide array of categories to store data against, one of the few in the market to offer that many; along with the ability to add custom fields.
Can I request the addition of those categories to include:
Insurance Policy, Medical Insurance Card, SSH Key and IM?
I get that few users use Secure notes and custom fields to record these types of data, it will be great to see 1Passport providing separate categories with cool icons in the future. Let users create their own custom category, whichever works best.
Among the 3 PMs we are using, LastPass has the highest number of categories but the way they display/look is bad. 1Password is slight misses few categories but makes it really cool how it looks and displays within the vault.
When I first installed the 1Password 7 or Idk on my Windows device a couple of days ago, I had an instant sigh, until I found the 1Password 8 Beta. Now that's something PC users will love and use. But in those 2 days intervals, I used the sort by Category a lot of times since I just imported a massive data file from LastPass.
But that sort by Category was gone in 1Password 8 BETA. It will display entries by their category. But there's no sort by Category, where you display your data with "All Category" but still, sort by category. Not sure if it's coming in the stable release of 1Password 8, if not It will be really great if you guys include it.
4) Tags? I believe for user's custom/personal organisation of their vault items there's only Category (which is already very good) and then tags to just tag them and lookup via tags.
But what if I want to use something like "Folders" and "Nested Folders", is tags replacing folders in 1Password?
For now, I have used tags like they were folder and using nested tags ("Tag1/Tag2/Tag3" like a folder structure).
The good thing is when opening the vault in my android app, shows the tags as if they are folders and lets me navigate in and out. But the native Windows app is not so much, it's just ugly under the tag section.
If I want to group items under Categories together based on need/purpose, there's isn't an option. Except for tags
If I want to group items across Categories together based on need/purpose, there's isn't an option. Except for tags
Both LastPass and BitWarden allow users to organise their vault data via folders and sub-folders or nested folders, on top of classifying the category of the item.
Something similar would benefit the 1Password userbase.
5) Emergency Access I really appreciate what 1Password did in terms of account recovery by family admins. I guess that's a step toward bringing Emergency Access fully functional. The emergency kit with the secret key (a place to write MasterPassword) looks all fancy but in the 21st Century, even the Will are digital and often stored inside Valuts like this. And a piece of paper with info is nothing more than writing it on a sticky note and posting it on my monitor. What if the Emergency Kit falls with someone who is good but turned bad person LOL; someone, that I don't want to share my info with anymore but they have the sheet already, someone who I shared it with but they had a peak at it before my death. There are so many ways how the paper can go wrong and I won't even know for most of it, coz I will be probably dead.
While LastPass and BitWarden both offer emergency access, while BitWarden makes emergency access set-up and working safer than LastPass. I believe 1Password can make this possible in near future.
While I realise the pain point is Secret Key, which even 1Password doesn't have. And LastPass and BitWarden don't have this but only MasterPassword and 2FA, when emergency access is provided it will override the 2FA.
I believe 1Password can make use of the secret key as an added protection in "Emergency Access". While I can assign and approve users to my emergency rescue. If any of my contacts request emergency access to my account, I can cancel their request in the waiting period. But when I am truly gone, and the waiting period expired, they can only reset my master password and bypass 2FA but will still need the secret key to gain access.
So leaving me to physically or digitally (since it's already in the vault) share the secret key/emergency kit without having to write my Master Password on it to that one person who I want to leave everything. So as anyone in my emergency access list can request for resetting my master password, only the one with my secret key can log in with the newly set master password.
Not sure of the complexity of implementing this, but will be really handy.
These are few things that stood out in the two days I started migrating and using 1Password. Overall it's an amazing tool, so happy with the designs and UI. Hopefully, I can make this work and get everyone migrated here.
Sorry for the long post. Here's a POTATO
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided