The recent update to 1Password 4.2 for iOS introduced several nice enhancements. One of the more interesting ones is adding the ability to share your passwords with others.
I’ll admit my first reaction at the idea of sharing passwords was negative. If you’re someone who has gone to the trouble of using a password manager like 1Password and go to great lengths to use randomly generated, strong, unique passwords for all your sites, why would you want to compromise that security by sharing your password? Passwords should not inherently be a social thing.
Then I thought about it some more. First, the folks at 1Password are really smart, so surely they figured out a more secure way to share this information (they did.) Second, there is certainly information within 1Password I want to share with family and co-workers for shared accounts. For example, we just created a new site for Mac Power Users (if you haven’t yet, go check it out.) We took the opportunity to change our hosting company which meant new FTP accounts, new logins, etc. I set all these accounts up but needed to share the information with David. Normally the way I would do that would be to copy and paste the information into an email or iMessage and send it off to him. The message would be encrypted and I’d probably separate the username and password into separate buckets for security, but it’s still not very secure. Then David has to take that information and create his own entries in 1Password. If I could securely send him the information I have stored in 1Password that he could then directly import into his 1Password database, it would certainly be better.
1Password explains the sharing process in detail on their blog. One thing to note, 1Password is very clear that although the information is sent in a method that isn’t human-readable, it can be read by someone who has access to a copy of 1Password. So the sender and receiver do need to find a secure channel for sharing items and preferably delete the messages once the transfer has taken place.