Secure your desktop with 1Password wallpaper

I might be a little biased here, but I think 1Password’s lock screen looks pretty sharp. If you agree, this post is for you!

We’ve had requests for 1Password wallpaper, and there have been a few made over the years. We thought it was about time to start collecting and sharing them all in one gallery, much like the one you see below.

If you have any ideas for more 1Password wallpapers (a classic version 3 lock screen or another nerdy mash-up perhaps?), let us know on Twitter, Facebook, or our forums!

1Password 4 for Windows Tip: How to upgrade from the previous version

1P4 Windows hero banner 600pxLet’s face it: the new 1Password 4 for Windows is awesome. Everybody’s upgrading, and I want to make that process as seamless as possible. You can see more details on our upgrade policy and process in this support document, but here’s the cliff notes version.

If you purchased in 2013 or 2014, version 4 is free!

Nope, not a typo. Our free upgrade window for 1Password 4 for Windows is a whopping one-and-a-half years wide. All you need to do is:

  1. Download and install 1Password 4 for Windows
  2. open 1Password and go to Help > Enter License Key
  3. Enter your existing license key
  4. Enjoy 1Password 4 for Windows!

If you purchased before 2013, take advantage of our upgrade pricing!

There’s an extra step, but it’s still super simple. Before you install 1Password 4:

  1. Open 1Password, find your 1Password license item, and copy it, OR
    1. Go to Help > Enter License Key and click the Replace License button
    2. Select and copy your entire license from that window
  2. Visit AgileBits.com/Store/Upgrade
  3. Paste your license code, click ‘Search’, and check out your upgrade options
  4. Download and install 1Password 4 using your spiffy new license
  5. Enjoy 1Password 4 for Windows!

This should get you on your way, but you can follow a more detailed process in our support document if you like. As always, thanks for using 1Password!

1Password 4 for Android and Windows are a hit!

Windows Android hero

June has been quite the month for us! We released 1Password 4 for Android and Windows, and we’re thrilled that you like us. You really, really like us!

For the v4 Android debut, Android CentralBoy Genius Report, Lifehacker, and PCMag were excited, with SlashGear saying it “does justice to its namesake.” The Next Web went in-depth with the new version, The Verge says “this is the password manager you should be using,” and then there’s GreenbotGotta Be Mobile, International Business Times, and plenty more.

On the Windows side, InfoWorld called v4 a “strong password manager” and lists it among the best. SlashGear and Engadget are excited, and TechCentral says it’s an “impressive password management tool”. Then there’s PC & Tech Authority, SoftonicTechgear, iPhoneclub… and that’s probably enough links for one day.

We are absolutely delighted to get these major releases out there, and the feedback to support and in our forums has been fantastic! We put “Agile” in our name for a reason, so there’s plenty more where this came from. To see what we have coming next, follow us on Twitter, Facebook, and our newsletter!

1Password 4 for Windows is here

1P4 Windows hero banner 600px

After months of beta testing, a small lake’s worth of coffee, and a possibly illegal number of pizzas, 1Password 4 for Windows is here.

The goods

This is a huge release for us, as it brings many of our latest features to Windows and a cleaner, more intuitive interface. Windows users can enjoy Favorites, Multiple Vaults, Wi-Fi Sync, and Security Audit, as well as our new, free 1Password Watchtower service that warns you when a Login’s site has been compromised and helps you decide when it’s safe to update your passwords.

All together, this release includes 374 new features, improvements, and fixes spread over 85 betas. You can comb through the full beta release notes, learn more in our documentation, or check out our feature overview down below the gallery.

1P4 Win new extensionAll-new browser extension

Perhaps best of all, our legendary browser extension is now on Windows. You can drill down to view vault items, search your vault, access your Favorites, change extension settings, and, of course, it’s still just a single click to open a new site, fill your credentials, and login.

The extension looks and behaves the same in Firefox, Chrome, Safari, and Opera, and it’s even a great experience in Internet Explorer! It now resembles its Mac brother while still being all Windows.

The prices

You can get 1Password 4 for Windows now in the AgileBits Store. It requires Windows 7 or 8, and here’s how pricing breaks down:

  • If you bought 1Password for Windows anytime in 2014 or even 2013, v4 is free! Your current license will just work
  • Upgrade price for all other customers is $24.99
  • Single user regular price is $49.99
  • Family 5-pack is $69.99
  • Multi-seat business licenses are also available

What’s new in 1Password 4 for Windows

Our latest features

  • Watchtower – if a Login’s website has had a security breach, our new, free Watchtower service alerts you to whether it’s safe to change your password
  • Favorites – give your VIP items the VIP treatment so they’re just a click away
  • Security Audit – new categories that point out Weak Passwords & Duplicate Passwords to help you stay on top of your security
  • Tags – a flexible way to organize and find items with one or more keywords
  • Sharing – Send an obfuscated copy of a Login or any other item to someone you trust via email
  • New toolbar – a simplified, powerful, and beautiful new toolbar puts all the important features at your fingertips, including search!
  • Demo Vault – show off 1Password without showing off your personal information
  • Multiple URLs per Login item – sometimes one just isn’t enough
  • Custom fields – store all the information you need in each item

Sync

  • Wi-Fi Sync for mobile – you can now sync with an iPhone or iPad on your network, no cloud required
  • Vault awareness – during setup, 1Password detects all vaults in your Dropbox

All-new browser extension

  • One extension, many browsers – our extension now looks and behaves the same way in all browsers 1Password supports
  • Analog to Mac – our extension features, design, and overall awesomeness are now nearly identical across Mac and PC
  • Multiple Vaults – switch vaults right from the extension
  • Detect password change – when you change an existing Login’s password, the extension will verify that you want to update the existing Login
  • Auto-Type in all web browsers
  • Unlock on Secure Desktop
  • Tray icon is now more informative about 1Password’s status

No, you do not need to change passwords in response to the OpenSSL CCS bugs

For the third time this year, there is yet another flaw in an underlying security technology used across the net: the recently fixed OpenSSL bugs announced on June 5. For our customers, we are happy to report that 1Password is not affected by bugs in SSL implementations, nor do these bugs require that most people change passwords.

1Password is not affected and your data remains secure, and you do not need to make password changes. The bug that everyone is talking about, lovingly referred to as “ChangeCipherSpec (CCS)” (also known as “CVE-2014-0224″ or “SSL/TLS MITM vulnerability”), is not in the same category as the recent, catastrophic Heartbleed. It does not require a response from most people in the way that Heartbleed did.

Why no password changes?

As bad as the CCS bug is, here is what makes it different from Heartbleed from a user’s perspective.

1. The attacker must be in a “privileged network position”

Not anyone can launch a CCS-based attack. The attacker must be the operator of some of the network between you and the site you are using. In this respect, the attack is similar to the GotoFail bug in February on Apple’s Secure Transport. In contrast, Heartbleed could be easily launched by anyone anywhere on the net.

2. Both the client and the server must be vulnerable for the attack to work

This means that if you are not using a vulnerable SSL client (web browser, email program, etc), then you remain safe from this attack even if the server is vulnerable. Few desktop browsers use the OpenSSL libraries to manage their SSL connections. Chrome on Android and Konqueror on KDE (linux) are the two most popular ones I can think of that do. Chrome on desktops does not use OpenSSL. In contract, Heartbleed only required the server to be vulnerable.

3. Many systems were fixed before the news of the bugs were made fully public

It is very tricky to fix a bug in open source software without making knowledge of the bug public at the same time. The OpenSSL team and the discoverers of Heartbleed attempted, but failed, to get most systems fixed before going public. With these bugs, they did a better job, so the window of vulnerability was much shorter.

Each of the first two reasons, on their own, are sufficient for me to conclude that the large majority of people do not need to worry about changing passwords. The combination of them and the other two make me extremely comfortable in this advice.

If you are concerned about governments or network operators having exploited this bug, and if you used clients that relied on OpenSSL for their SSL operations (such as Chrome on Android or Konqueror and other KDE tools on Linux), you may wish to change those passwords. But most people don’t need to take any action. It remains important that you do change passwords for systems that had been vulnerable to the Heartbleed bug reported in April. With Heartbleed, there really is a wolf we are crying about.

These new OpenSSL bugs do mean that system administrators need to update their systems quickly, but it does not require them to rekey their server certificates. These bugs are substantial, but the response is the usual “upgrade affected systems promptly”.

Everything that follows goes into technical details explaining what the recent bugs are and what they may mean in general. They have no specific impact on 1Password, but I know that some of you are curious, and I do indeed suffer from a pathological compulsion to explain things.

Continue reading

1Password 4 for Android is here

1P4 Android bot 230Ladies and gentlemen, 1Password 4 has gone green.

Well, ok, we haven’t added solar panels (yet), I meant the other green: 1Password 4 for Android is now rolling out for phones and tablets. It is a brand new app and should be available in Google Play soon as soon as Google’s servers update!

This is a fully operational, add-and-edit-all-your-items-able, one-tap Login-able new version of 1Password that has been rebuilt from the first line of code to the last icon.

It’s also free!

An experiment

We don’t call ourselves AgileBits for nothing, so we’re trying something new with this release. 1Password 4 for Android is a free app, and through August 1, 2014, all features are unlocked and free for everyone to try. After that, it will switch to being a reader client for your vault, a perfect companion for syncing your data with 1Password for Mac and PC.

If you want all editing features of 1Password 4 for Android after August 1, you can unlock them with a one-time in-app purchase. We’re still figuring out what that price is going to be, but we’ll have details soon!

Available now-ish and full release notes

We just hit the big red button in Google Play, so 1Password 4 for Android is rolling out as a free upgrade to our previous Android edition. If you don’t see it yet, you should soon, and thanks for your patience.

For those who like to dig through the full release notes, they’re just below the gallery.

Overall package

  • Phone and Tablet UI – a true, modern app for both devices
  • Rich and redesigned icons
  • Free app
  • All features free to try until August 1
  • Turns into a reader on August 1, unlock all features with a one-time in-app purchase (price TBD)

Editing

  • Manage your vault – add, edit, and delete items
  • Support for viewing attachments added from Mac or PC
  • Strong Password Generator
  • Viewing custom fields
  • Viewing web form details

Organization

  • Mark items as Favorites for quick access
  • Updated and expanded item categories
  • Folders and sub-folders

Browsing

  • Built-in browser so you can log in with a tap
  • Easily copy Login and other details to use in other apps

Syncing

  • Dropbox sync
  • Folder sync
  • Automatic sync
  • Background sync
  • Sync notifications (notification drawer and on-screen)
  • Merge local data with an existing vault

Security

  • Lock all of your important items behind a secure Master Password
  • Tamper-proof Authenticated Encryption using AES-256 using Encrypt-then-MAC
  • Same solid foundation as 1Password for Mac and 1Password for iOS
  • PIN code (not limited to 4 digits)
  • Automatically clear clipboard
  • Automatically lock vault when idle

On iOS 8, App Extensions, OS X Yosemite, and 1Password

iOS 8 App Extensions iconHonestly, we’d like to exclaim from atop Yosemite’s cliffs about our excitement for the other Yosemite, iOS 8, and all the incredible things Apple announced during WWDC 2014′s opening keynote.

But the great news is we’re actually here, in San Francisco, to learn first-hand about all this amazing new stuff straight from Apple (though the not-so-great news is we’ll have to hold off on the road trip)! If you’re in the area and see us around, we love to meet fellow developers and our amazing customers—be sure to say hi!

iOS 8 App Extensions, Touch ID opening up, and what this all could mean for 1Password

By now you may have heard about App Extensions, one of the many, many new features Apple announced is coming to iOS 8 in the fall. In short, App Extensions allow third-party apps to plug into other apps, including Apple’s own.

iOS extensions

Combine that with Apple’s announcement that Touch ID is also opening up to third-party developers, and you can see why we were doing Snoopy dances in our keynote seats. Then pile on other great new stuff like user-installable keyboards, OS-wide support for third-party cloud storage, Spotlight improvements, and… well, you can see we have a lot of dancing to do. Then, we have a lot of research and testing to do.

This all is incredibly exciting, and we are looking into the delectable possibilities these features might be able to unlock for 1Password. Might.

Right now, we have nothing to announce since we learned of all this awesomeness at the same time as you. We still need to explore the actual capabilities of these features and whether we can even use them.

As soon as we can say more about whether iOS 8′s HomeKit features will let 1Password turn off your lights and lock your front door along with your vault, we’ll exclaim it from atop our blog here, Twitter, Facebook, and our newsletter!

Password reuse lands Find My iPhone users in expensive hot water

1Password 4 for Mac icon

There are plenty of examples as to why friends shouldn’t let friends reuse passwords, but some users of Apple’s Find my iPhone have become the latest omen of why this practice is so dangerous.

On Tuesday, May 27, The Verge reported that Apple’s Find my iPhone feature was being used to lock devices for ransom. Some people found their Mac or iPhone locked—a legitimate feature of Find my iPhone—with a message of “Device hacked by Oleg Pliss” and a demand of $50 to unlock it.

At first it wasn’t clear how the malicious hacker(s) were able to compromise these devices, but today Apple stated that it wasn’t through an iCloud flaw. The most likely culprit, then, would be password reuse. Thanks to all the recent major breaches at some of the internet’s largest companies, including eBay, Adobe, and Yahoo, the hackers probably had plenty of material to rummage through.

Let this be yet another unfortunate and pricey lesson about reusing passwords. Don’t do it. Don’t let your friends and family do it. Send them these stories and get 1Password to effortlessly create strong, unique passwords for all your accounts.

1Password button 4.2: The Greatly Improved Edition is out!

OPb new 2014We just pushed an update to our current browser button that’s so big, I’m calling it The Greatly Improved Edition. 1Password 4 for Mac and Windows 4.0 beta testers can check to make sure their auto-update features are locked in their upright positions and take the new button out for a spin now.

You can read the full release notes after the break below, but the gist of this release is that everything about the 1Password button is Improved: filling your username and password where they’re supposed to go, dealing with fancy hidden login forms, filling credit card details, and just a whole bunch of button-fillingy stuff. Oh, and Identities now fill in birthdays.

By the time you finished reading this, Mac v4 users and Windows v4 testers should already have the update, but you can always check your extension settings to make sure. Enjoy the 1Password button Greatly Improved Edition and let us know what you think in our forum!

Continue reading

1Password 4 for Android is coming [UPDATE: It's here!]

1P4 Android bot[Major important update: it's here!]

We’ve been busy. Not just busy—busy. A while ago we decided that we could rebuild 1Password Reader for Android. We have the technology. We have the capability to build the greatest 1Password for Android the world has ever seen. We then set out to do it.

Now it’s done.

1Password 4 for Android arrives on Tuesday, June 10. It is an entirely new and full-featured app, built for both phones and tablets!

It is also an experiment. All new features will be unlocked and free for everyone to use through August 1, 2014. After that, 1Password 4 for Android will go into a reader mode, and all features can be unlocked for an in-app purchase.

To be among the first to get the whole kit-n-kaboodle about the all-new 1Password 4 for Android, subscribe to our newsletter below (and be sure to respond to the confirmation email!). Press folks who want to give it a look, get in touch with me directly or via the bottom of our Press Room.

 

We’d like to thank our existing Android users and all 1Password customers for all the enthusiasm over the past year. We can’t wait to show you the incredible new 1Password 4 for Android.

OPa 4 lock screen 2