Hey 1Password
After quite some delay I started to use hey.com as my email. It immediately looked like an approach I would like:
- the imbox for important emails,
- the feed for info you want to see at your own pace,
- the paper trail for the receipts
just sounds natural to me, and indeed I do like it.
What I don’t like is that I cannot use my kitabi.eu address. I understand why:
- It is simpler to handle
- It helps with marketing
The second point is quite clever: instead of having an intrusive “sent with hey.com” signature (also ugly when trying to sell being a privacy-conscious entity), it just allows @hey.com addresses, making recipients aware of hey.com (as much as the email client shows it). This spreads awareness of hey.com in an understated but effective way.
Still, I will surely switch to using my own @kitabi.eu address as soon as it becomes available: having your own domain is the best way to maintain control of your email address and to be able to change who administers it (or administer it yourself) without a very disruptive change of address.
Anyway, Hey asked me to set up 2-factor authentication (2FA), and that was the trigger for me to move to 1Password. Apple does a good job with keychains, keeping your passwords secure while sharing them between your machines, if you only use Apple devices. When using Linux this quickly becomes an issue; sharing passwords securely with others can also be very useful. I was using LastPass, which works and has a usable free tier, but I knew that from a security and reliability point of view 1Password would be better.
Other 2FA solutions exist (I did use Microsoft Authenticator), but I decided to use this as an impetus to switch to 1Password. It went relatively smoothly; the only annoyance was importing Apple Keychain passwords.
Not being able to easily export all passwords can be a security feature, but it is definitely also a lock-in “feature” that keeps you in the Apple ecosystem. As I had only a few entries, I just Ctrl/Right-Clicked on every entry to copy it into a .csv file that I then imported into 1Password. Exporting from LastPass, on the other hand, was easy, a point in its favor.
2FA with 1Password stores the key in the vault along with everything else. This is convenient but means that whoever has access to the vault has access to everything, so it is less independent (but is still effective against someone guessing your password). Indeed this is the drawback of password managers in general: the password manager itself becomes a high-value target and losing it is more damaging. This is a well-known trade-off: the best security is the one you use; excellent security that you don’t use doesn’t really help. And here 1Password shines: they really care about security, and also give options to shift the trade-off between convenience and security a bit: one can have local vaults that are not synchronized across devices.
Anyway, I went with the family option and so far I am satisfied. I prefer to pay for such a service, to incentivize a healthy relationship with the customers; time will tell if things will stay so.