Get to know 1Password Teams: Security Audit & Watchtower
You’ve moved over to 1Password Teams, invited your team, set up custom groups and laid out a recovery plan. Simply by using 1Password, your company is now far more secure than when you started. But how can you know your team is safe from online security breaches? Your teammates could go through their passwords one by one and make them stronger, but there’s a better way: Security Audit.
Save time with Security Audit
Security Audit is a powerful and essential tool designed to help your teammates take charge of their online safety. It’s available to all 1Password Teams customers.
Security Audit lives in the sidebar in the 1Password desktop apps. It highlights any passwords which are too weak or which have been reused in multiple places. When you see a password in this list, it’s probably time to change it.
Because everyone in your team has his or her own unique set of passwords, Security Audit looks different for each person. By asking your teammates to review their own Security Audit every once in a while, you can ensure they stay as safe as possible online.
Keep a watchful eye on Watchtower
Watchtower tells you about security breaches on the websites you have saved in 1Password. It’s included on Mac and iOS with every 1Password subscription.
Every day, Watchtower downloads a list of new vulnerabilities to your devices. It then checks this list against your logins—if any match, they’re flagged by Watchtower.
When you see the red “Vulnerability Alert” banner on a password, it’s definitely time to change it! Train your teammates to recognize this banner and respond appropriately.
How we use Security Audit and Watchtower
As a security company, we lead by example. It’s important to us that all our staff use unique, random passwords for each one of their accounts. When new team members join, they often have bad password habits that need fixing, so for them, Security Audit is a big help. Security Audit shows them exactly which accounts need their attention. They can tackle the list a chunk at a time, or change a password when they next log in to that account.
And, of course, whenever we see the red Watchtower banner, it’s all hands on deck!
Keep ahead of future problems
The overall security of your team depends on the security of each individual. It’s each person’s responsibility to keep their passwords strong and up-to-date. Security Audit and Watchtower help make this easy.
To get even more benefit out of these features, ask your teammates to:
- Avoid reusing passwords. Always use the password generator when they sign up for for a new account.
- Turn on item counts. Choose View menu > Show Item Counts, and you’ll be able to see at a glance if Watchtower is reporting any vulnerabilities.
By the way, while Security Audit is most useful on an individual level, it also works in shared vaults. If your team has a shared vault with lots of flagged passwords, you don’t need to tackle them alone. Why not get help from others? When someone changes a password in a shared vault, it will automatically update for everyone else. By making it a joint effort, you’ll have stronger passwords in no time.
Next steps
Customize permissions for your team members, so they have as much or as little control as they need. With Pro, you can elect managers for vaults and groups, and allow others to recover accounts. To upgrade, sign in to 1Password.com and go to the Billing page.
If you’re not using 1Password Teams, it’s time to start. Sign up for a free 30-day trial, or talk our sales team at sales@agilebits.com.
The content in this article relates to 1Password for Mac. While Watchtower is available for Windows, some of the other Security Audit features mentioned here are still in development for Windows.
My team is really unhappy. Still no Linux application :(
Hello, Linus!
I’m sorry your team is unhappy on Linux! I hope to be able to fix that soon.
We don’t have anything to announce yet but please keep an eye on this blog as any announcements will appear here first 😃
Take care,
++dave;
Really insightful article Lisa. Thanks a lot for sharing it.
And thank you, Tutu, for taking the time to read it. I’m glad you enjoyed it. :)
I’d really like to see a tool in Watchtower that not only identifies passwords that need to be changed, but also changes them for me with those websites in just one click (versus me having to do it manually).
Thanks so much for the feedback Scott, I’ll be sure to pass your feedback on to our development team as a feature request.
My colleague Brenty shares some thoughts on why we don’t include this feature in 1Password right now. You can read them on our forum here https://discussions.agilebits.com/discussion/71415/feature-request-auto-change-passwords
Have a great day!
All I see under Security Audit is Watchtower. Where do I find the Weak Passwords and Duplicate Passwords lists? In version 4 I used to be able to sort the main list by password weakness, but since switching to teams I’ve completely lost visibility to password weakness.
Hi Larry,
Thanks for the comment. I am assuming that you are using 1Password from a Windows machine?
The content in this article relates to 1Password for Mac. While Watchtower is available for Windows, some of the other Security Audit features mentioned here are still in development for 1Password 6 for Windows.
I’ve added a footnote to the article to reflect this.
Thanks again
Will