Security is not just a feature. It’s our foundation.

Every design decision in 1Password begins with the safety and privacy of your data in mind. It takes a combination of policy, innovative thinking, and a deep respect for your right to privacy.

Control where you keep your most important information.

1Password gives you full control over where you store your data and how you keep it in sync.

Keep your data offline, or sync with Dropbox, iCloud, or your local wireless network. Or benefit from the end-to-end security of a 1Password account. It's your choice.Explore sync options.

Lock up your data, but don't get locked in.

We believe security shouldn't be proprietary. 1Password only uses standard, documented data formats and encryption methods, so you can import and export your most important information at any time.

Made of strong stuff.

A potent cocktail of AES-256 encryption and PBKDF2 key derivation ensures that no one but you can see into your data. Everything from your passwords to the addresses of your saved websites are fully encrypted whenever you aren't using 1Password.Learn more about 1Password security.

Encrypted from End to End.

Every time you use 1Password, your data is encrypted before a single byte ever leaves your devices. Your encryption keys are protected by your Master Password, so only you have the keys to unlock your secrets.

The following security features are unique to accounts on 1Password.com, including family and team accounts.

Encrypted Once. Twice. Thrice.

Our security recipe starts with AES-256 bit encryption and uses multiple techniques to protect your data at rest and in transit.

Master Password

Not just the password you use to unlock your vault, it also plays a key role in encryption. Only you know your Master Password and it is not stored anywhere.

Account Key

Also a star player in key derivation, this unique 128-bit identifier is generated locally. Only you have your Account Key and it never leaves your devices.

Secure Remote Password

A zero knowledge protocol that encrypts all traffic over the network. It also verifies the authenticity of the remote server before sending your information over TLS/SSL.

Account Key: Better than Two Factor.™

Security professionals recommend using multiple authentication factors: “something you know”, like your password, and “something you have”, like an authenticator app on your phone.

The Account Key takes this idea to the next level. It doesn’t just authenticate you with our servers; it also plays a direct role in encrypting your data. That’s important, because it strengthens your Master Password exponentially. And since it never gets sent over the network, your Account Key can’t be reset, intercepted, or evaded.Learn more about the Account Key.

WebCrypto: Setting New Standards.

1Password is the first and only password manager to use WebCrypto, the next generation standard from the W3C.

WebCrypto provides direct access to the system’s secure random number generator, making truly secure cryptography possible in the browser for the first time.

And did we say it’s fast? WebCrypto is over 10x faster than traditional crypto libraries, so you don’t have to wait to get first-class security.

Transparent, Open Design.

We document our entire encryption design so security experts from across the globe can review it. Here are just a few of the processes we document:

We cover all these (and more) in great depth in our white paper. It’s a great read and stuffed with geeky details, illustrations, and fun stories. We highly recommend it.

Read the White Paper