Is 1password.com legit?

85
/ 100
Trusted
Industry: SaaS

1Password.com appears to be a highly trustworthy website, backed by a long-standing domain and robust security measures. While there are a few minor areas for improvement, particularly regarding external scripts and DNSSEC, these don't detract significantly from its overall reliability as a password management service.

SaaS average: 81/100 · based on 62 sites

Checked: April 18, 2026 at 7:53 AM UTC · Refresh

Is 1password.com a scam? Here's what we found.

Security 80/100

The site employs strong security protocols like TLS 1.3 and HSTS, and Google Web Risk found no threats. The high number of external scripts is a slight concern that could increase vulnerability if not managed carefully.

Identity 95/100

With a domain age of over 22 years, 1Password.com demonstrates strong historical credibility and stability in its online presence, suggesting a well-established company.

Reputation 90/100

The extremely high Tranco Rank signifies a well-known and heavily trafficked website, reinforcing its established reputation. The absence of a Trustpilot profile is not unusual for a B2B or specialized SaaS company, and certainly doesn't detract from its positive standing.

Transparency 95/100

The site clearly presents contact information, legal pages, and maintains an active presence across multiple social media platforms, indicating a commitment to open communication and accessibility for its users.

Compliance 95/100

The presence of both a privacy policy and terms of service pages shows a responsible approach to user data handling and legal obligations, which is crucial for a service managing sensitive information like passwords.

Infrastructure 85/100

The site benefits from a robust infrastructure with Cloudflare and diverse DNS providers, fast page loads, and comprehensive email authentication. However, the lack of DNSSEC is a minor oversight that could be addressed for an even more resilient setup.

Signals Detected

[+]
Tranco Rank: Rank #2697

This is a well-known, high-traffic website

[?]
Structured Data: None found

No structured data markup found

[?]
Trustpilot: No Trustpilot profile

This business has no Trustpilot presence — not unusual for smaller or newer companies

[+]
SSL Certificate: Valid

Valid certificate, expires in 43 days

[?]
Certificate Issuer: Let's Encrypt

Certificate issued by Let's Encrypt

[+]
TLS Version: TLS 1.3

Connection uses TLS 1.3

[+]
Branding: Complete

Site has custom branding and social media metadata

[?]
Certificate Transparency: Unable to check

crt.sh returned status 429

[+]
Domain Age: 22 years, 8 months

Domain created 2003-11-30T04:56:20Z (22 years, 8 months ago)

[?]
Registrar: Tucows Domains Inc.

Registered through Tucows Domains Inc.

[+]
Domain Expiry: 2027-03-28T20:55:37Z

Expires in 344 days

[+]
DNSSEC: unsigned

DNSSEC status from WHOIS

[+]
Sitemap: 10 pages

Site maintains a proper sitemap with 10 indexed pages

[~]
External Scripts: 33 scripts

Excessive number of external scripts — may indicate malicious injection

[+]
HSTS Header: Present

Site enforces HTTPS via HSTS

[+]
Content Security Policy: Present

Site has Content Security Policy configured

[?]
Server: cloudflare

Web server: cloudflare

[+]
Google Web Risk: Clean

No threats detected by Google Web Risk

[+]
DNS Resolution: 4 IP(s)

Resolves to: 2a06:98c1:58::18b, 2606:4700:7::18b, 162.159.141.147, 172.66.1.143

[+]
Email (MX Records): 5 record(s)

Mail servers: aspmx.l.google.com., alt2.aspmx.l.google.com., alt1.aspmx.l.google.com., aspmx3.googlemail.com., aspmx2.googlemail.com.

[+]
SPF Record: Present

Domain has SPF email authentication configured

[+]
DMARC Record: Present

Domain has DMARC email authentication configured

[+]
Name Servers: 4 server(s)

DNS providers: ns-1527.awsdns-62.org., ns-1850.awsdns-39.co.uk., ns-671.awsdns-19.net., ns-109.awsdns-13.com.

[+]
robots.txt: Present

robots.txt has 4 directives and references a sitemap

[+]
DNS Blacklists: Clean

Not found on any DNS blacklists

[+]
Website Status: Online

Website is live and responding

[+]
Contact Info: Found

Website appears to have contact information

[+]
Legal Pages: Privacy & Terms found

Website has both privacy policy and terms of service pages

[+]
Social Media Presence: 4 platforms

Website links to multiple social media platforms

[?]
Web Archive: Unable to check

Could not query Wayback Machine

[+]
Page Load Time: 82ms

Fast page load

Embed This Badge

Own this site? Show visitors your trust score.

Trust badge for 1password.com
<a href="https://verified.fyi/review/1password.com"><img src="https://verified.fyi/badge/1password.com?size=medium&style=full&theme=dark" alt="1password.com trust score — verified.fyi" /></a>
[![1password.com trust score](https://verified.fyi/badge/1password.com?size=medium&style=full&theme=dark)](https://verified.fyi/review/1password.com)

Stay Safe Online

Good habits to protect yourself, no matter the scan result.

Use a password manager

Never reuse passwords across sites.

Enable two-factor authentication

Add a second layer of security to your accounts.

Check before you buy

Always verify unfamiliar stores before entering payment info.

When evaluating a service like 1Password, which handles your most sensitive digital keys, trust isn't just a nicety—it's a necessity. We analyze various signals to help you understand if this platform meets the high standards required for a password manager. First, consider its longevity: 1Password.com has been online for over 22 years. In the fast-evolving tech world, this is an eternity and speaks volumes about the company's stability and sustained commitment to its service. For a password manager, a long history often means battle-tested security features and a mature operational model. A brand this established is typically far more reliable than fleeting newcomers. Next, the traffic. 1Password.com isn't just old; it's popular, ranking among the top websites. This high volume of users means it's under constant scrutiny, and issues would quickly surface. For a service protecting crucial personal data, this kind of widespread adoption by millions suggests a high degree of user confidence and operational robustness. You should always be cautious if a service meant to protect your digital life has little to no online footprint or user base. Finally, while the site shows strong security fundamentals like HTTPS enforcement and clean Google Web Risk checks, a common challenge for many modern web applications, including 1Password, is managing external scripts. While these scripts often power crucial features and analytics, a large number can introduce potential vulnerabilities if not diligently managed. For any software-as-a-service provider, especially one in security, maintaining tight control over third-party dependencies is paramount. This isn't a red flag but a point of ongoing vigilance from the provider.