Apps that Love 1Password: Diet Coda, VSCO Cam

Our growing Apps that Love 1Password page got even more diverse recently with some great new additions: Diet Coda from the fine folks at Panic, and VSCO Cam.

Diet Coda iconDiet Coda

Diet Coda is an iPad-ified version of Coda for Mac, Panic’s venerable web code editor. Diet Coda speaks all the big web languages, sports a powerful text editor, and has great S/FTP tools to bring it all together.

In the new Diet Coda 1.5, adding a website you need to work on is easier than ever. When adding a new site, the password field has a new 1Password button that will switch over and automatically search your vault for the domain you entered. Just tap your item, tap the password field, tap “copy” in the popover that appears, and switch back to Diet Coda to enter your password and get editing.

VSCOcam iconVSCO Cam

VSCO Cam is a photo shooting, editing, and sharing app for iPhone from Visual Supply Co. It has its own unique sense of style and is backed by people who have done work for everyone from Apple to Levi’s to Nintendo. In other words: they know photography.

In a big VSCO Cam 3.0 upgrade, the company added quite the unique way to automatically search 1Password for your VSCO account password. Instead of a 1Password button in the password field, you can triple-tap the cam app’s login screen to make the switch. Once in 1Password, just swipe across your item to trigger the Action Bar, tap the clipboard to copy your password, then switch back to VSCO Cam to paste and get shooting and sharing.

We’d like to thank Panic and Visual Supply Co. for making it easier to login with 1Password. We really do appreciate it, and our mutual users love it.

1Password for Mac Tips: How to update your passwords

1P4 Mac update Login

In every password’s life, there comes a time to get changed. Maybe it was never a very good password to begin with, maybe you were a victim of password reuse, or maybe you were among the 200 million accounts stolen in the recent Adobe and Sony breaches.

Fact is: every password dies, not every password really lives.

When it’s time to change a password, the latest versions of our browser extension and 1Password 4 for Mac make it really, really easy. Give this a shot:

  • Use the extension to log into your service of choice
  • Go to the password reset page, it’s usually in Settings or Options somewhere
  • (Optional) If your current password is required, click our extension and mouse to the right of the Login you want to update. Your details will appear in a menu to the right. Mouseover your password and click to copy it to your clipboard, then paste it into the Current Password field in the webpage (keyboard shortcut fans will be happy to know you can do all this with arrows keys and Return to copy the password)
  • Click our browser extension and go to the Password Generator to get a unique, super strong new password. Customize any details you like (such as length or special characters), then click Fill to automatically fill it into the New Password fields on the page
  • Click the Save button in the password reset form, and the 1Password extension will offer to update your existing Login, much like that glorious window you see above. If you have multiple Logins for the current site, be sure to pick the right one to update

Click Update in that window, and your new password is now saved for your existing Login! But wait, there’s more, and you can see it if you click that little details arrow next to the Login name:

1P4 Mac update Login extra details

If you make use of 1Password’s tags and folders (you should, they’re really handy!), you can add tags and file this updated Login into an existing folder, all right from the extension. Plus, if you give 1Password 4 for Mac’s new Security Audit feature a whirl, you can get a good idea of which passwords you might want to update first. Super cool?

Very super cool.

Get 1Password for Mac, Fantastical, and more in the Parallels bundle!

Parallels bundle DEAL OF THE CENTURY

Hear ye, hear ye! Step right up and get yer Parallels Bundle with seven of the most incredible, irrefutably exceptional, absolutely indispensable apps this side of the moon!

That’s right, for a limited time—and I do mean “limited”—the good folks at Parallels are offering a Mac app bundle designed just for you! Naturally, the headliner is the full (non-upgrade) version of their own Parallels Desktop for running Windows, Linux, and any other OS right on your Mac, but accompanying it are:

  • 1Password 4 for Mac
  • Fantastical
  • Kaspersky Internet Security for Mac
  • CleanMyMac 2
  • MacHider
  • Parallels Access for iPad
  • all for just $79.99!

But wait, there’s more! if you already own Parallels Desktop version 7 or later, you can get a Parallels upgrade version of the bundle for just $49.99!

But keep waiting because there’s one more thing! If you’re looking to get everything but Parallels Desktop, you can get the bundle for the low, low price $39.99!

Ok, that’s enough exclamation points for one day. But seriously, the bundle is available only for a limited time, so run, don’t walk!

Fifth AgileBits team trip finishes with great 1Password plans but not enough labadoozies

Every year, AgileBits likes to gets its employees out of the home office. Also the new office, as it were. We want to get our increasingly global team, now over 40 members strong, together for all manner of trust falls, face-to-face time, and whiskey (ok maybe not trust falls). We usually prefer someplace warm, and this year it was both warm and mobile.

Mike Verde, an Android dev, doing his best 1:1 ship ratio

Mike Verde, an Android dev, doing his best 1:1 ship ratio

We call this newly minted tradition AGConf, and for AGConf[4] our Minister of Magic, Sara Teare, chose to take us on-the-go with Royal Caribbean’s Liberty of the Seas. It’s an incredible vessel, practically a floating city, which was perfect because there were plenty of lounges for us to commandeer for daily sessions of customer support and collaboration.

We took over the deck 14 lounge every morning to answer emails and synnergize (no, not trust falls)

We took over the deck 14 lounge every morning to answer emails and synergize (no, not trust falls)

Of course, our all-hands AgileBits gatherings aren’t complete without the team taking on some kind of challenge. This year we decided on the Liberty’s FlowRider and, courtesy of our own Chris Meek and his iPhone 5S’s slow-mo shooting, you can see how that ended in the following video.

Our cruise stopped in Labadee, Haiti and Falmouth, Jamaica, which were nice changes of scenery. Both had their share of excursions, Falmouth’s port had your typical round of touristy shopping, but Labadee had a gorgeous private beach and a delightful drink invention known as the Labadoozie.

It truly was a fantastic week. AgileBits has nearly doubled in size over the past year and it was wonderful getting nearly all of us together in the same floating city room. Emails were answered, great product and company plans were forged, and, of course, drinks were had. These trips are as much about getting everyone some fun in the sun (while still responding to customer support) as they are about making 1Password the best it can be. Now that we’re all energized and back in the office, we can’t wait to show you what’s next.

‘Take Control of 1Password’ ebook updated for all our big v4.1 Mac features!

Take Control 1P 1-1Remember how Joe Kissell wrote an entire book about 1Password? It covers how to get started with creating unique, strong passwords for all your sites, then how to get the most out of 1Password by securing all the other critical aspects of your identity, financials, and more. Well, Joe didn’t stop there—he’s already back with a free update!

Take Control of 1Password v1.1 covers the big changes we brought to 1Password 4.1 for Mac, including the excellent new ability to update an existing Login’s password right in your browser, new printing options, and much more. It’s a great update and we thank Joe for covering all our new goodies so thoroughly!

If you already own a copy, you may have received an email with instructions on how to update, or you can log into your Take Control Books account and grab it there. If you have yet to pick up your copy—run, don’t walk, and grab Take Control of 1Password for yourself or a friend to learn about all the ways 1Password can make security more convenient.

There’s 1Password documentation in your head, we need it out. Yes, we’re hiring again!

Train tracks

You have experience building documentation for powerful, popular products that span more than one platform. You also laugh at the task of organizing these labyrinths of documentation because you eat labyrinths for breakfast. If you’re nodding right now because I really get what you’re all about, we’d like to talk to you.

Yes, AgileBits is growing again, and this time we need someone with strong documentation experience. Someone who can create the greatest 1Password documentation and user guides for Mac, iOS, Windows, and Android the world has ever known.

What can we offer ye wizard of documentation? I believe you would have more success asking what we can’t offer. We’re a remote-friendly company based in downtown Toronto, Canada, so we’re interested whether you can work with our incredible team in our office or roll in your pajamas at home. We have:

Now, what do we ask for in exchange? Beyond the aforementioned experience and drive to build incredible documentation and user guides for 1Password, we want to see that you can:

  • Demonstrate a great work ethic
  • Translate 1Password and its great features into languages that everyone can understand, newbies and power-users alike
  • Handle a fast-paced environment
  • Hang with some of our tools like Confluence, HipChat, and TextExpander
  • Bring some of your own tricks

If you have documentation and user guide experience, and you’re still nodding your head, email us. Tell us who you are, what you’ve done, and how you can make our documentation shine.

Apps that Love 1Password: Treehouse for iPad – Learn programming and design

Treehouse iconWe’ve been blown away by the number of developers who have added 1Password support to their apps. So far we have browsers like iCab, enterprise tools like Cisco Meraki, and social media apps like Riposte and Tweetbot. Today we’re delighted to add education to this list, as Treehouse: Learn Programming and Design for iPad recently showed 1Password some love!

Treehouse bills itself as “the best way to learn technology.” Through a huge library of tutorial videos, code challenges, and quizzes, Treehouse can help you learn everything from Objective-C to CSS to starting a business. And it’s all right on your iPad.

Naturally, you’ll need to log into your Treehouse account, and now you can just tap the 1Password button on the account screen. You will be switched to 1Password with an auto-search for your Treehouse Login. Just swipe the item to trigger 1Password’s Action Bar, tap the clipboard to copy it, then switch back to Treehouse and paste to get your learn on.

Treehouse iPad 1P button

Apps that Love 1Password: Turbine Reader, Glassboard, Cisco Meraki

It’s that time of the year, at least here in the U.S.’s upper midwest and Canada. The first couple of winter storms have done their worst, it’s warmed up a little so the snow is starting to melt, and yet more iPhone and iPad apps have added support for 1Password.

Turbine Reader iconTurbine Reader

Turbine Reader for iPhone and iPad is a news client Feed Wrangler and News Blur, with more services coming soon. It’s a great iOS 7 citizen sporting a clean look, background updating, and an automatic night mode.

When it’s time to log into your chosen service, a “Launch 1Password” option above the login form will bounce you over to 1Password to make finding your Login a breeze. Just swipe your Login for the new Action Bar to copy your password and head on back.

Turbine Reader is just $4.99 in App Store.

Glassboard iOS icon 512Glassboard 3.0

Glassboard for iPhone is a private chat service for teams, groups, or just two individuals. You can share everything you would expect—photos, videos, and files—and even your location, and you can join as many different boards as you want.

Second Gear recently gave Glassboard a major overhaul, making it a sleek, beautiful iOS 7 citizen and even easier to use. While signing in, a new 1Password button makes it easy to switch to 1Password and find your Glassboard Login. Just swipe the item for 1Password’s Action Bar, tap the clipboard to copy your password, then switch back, paste, and get on with messaging your boards.

Glassboard is free in App Store and the free service lets you create up to three boards and host 100MB of stuff per board. If you want more, a small yearly subscription gives you all the boards you want, some extra features, and a ton more storage space.

Cisco Meraki iconCisco Meraki

Cisco Meraki for iPhone and iPad is an app for managing your Cisco Meraki wireless switches and access points for your business. You can view your wireless network’s status, check on specific Meraki access points and device types, and add more wireless capacity, all right from the app.

When logging into the Meraki app, a 1Password button makes it easy to find your Login. Swipe it to trigger the Action Bar, tap the clipboard to copy your password, and switch back to quickly log in and get on with work.

Meraki is free in App Store.

Your Master Password is your defense from Dropbox breaches, real and imagined

1Password in DropboxRumors of a Dropbox data breach spread this weekend, a breach that ultimately turned out to be false. But even in instances of false alarms, it is useful to remind 1Password users that their 1Password data cannot be decrypted without the Master Password. So let me take this opportunity to remind everyone that your 1Password data cannot be decrypted without your Master Password. If someone steals your 1Password data – whether from the theft of your own computer or through the breach of a sync service – they cannot decrypt it.

Fact checking

It is worth noting that when a perpetrator of a rumor like this self-identifies as “Operation Troll Security”, it might be worthwhile to double check their claims before jumping to conclusions or even reporting the claims further. This is particularly true if a perpetrator has a history of claiming responsibility for every notable site outage, then laughing at people who believed them. Operation Troll Security doesn’t often tell the truth, but it may be wise to heed one particular tweet:

Despite the fact that the claims of a Dropbox breach were a complete hoax, it still is worthwhile to point out some things about the security of your 1Password data if it ever does fall into the wrong hands.

End-to-end encryption

1Password uses what is called “end-to-end” encryption. 1Password on your computer or mobile device encrypts your data with keys that are derived from your Master Password. Those keys are never stored anywhere or transmitted. Nobody, not even us at AgileBits, ever see those keys or your Master Password. This is why it absolutely essential that you don’t forget your Master Password. We cannot reset it or reconstruct it. Your data can only be decrypted by you.

We designed 1Password this way from the outset because we knew that computers get stolen and services get compromised. By placing all encryption and decryption under your control, we become far less reliant on the security of any sync service.

Protecting Master Passwords

If an attacker does get hold of your 1Password data, the only feasible way for them to attempt Password Based Key Derivation Function diagramto decrypt it would be to try to guess your Master Password. Of course, they wouldn’t sit there typing in guesses. Instead they would run automated password guessing systems against the data.

We have a long history of building mechanisms into 1Password’s data format that make it harder for attackers to guess your Master Password. When we released 1Password 2.5 in 2007 with the then new Agile Keychain data format, we added PBKDF2 so that anyone trying to run automated password guessing systems against captured 1Password data would have to perform lots of slow computation for each guess. You can read more about PBKDF2 and this aspect of our design in an older article of mine, Defending against crackers: Peanut Butter Keeps Dogs Friendly, Too. Many of the details have changed over the intervening years, but the essential concept remains the same.

Toward better Master Passwords

DicePBKDF2 makes it harder for those automating password guessing, but it does have limits. You need to do your part by choosing a good Master Password. Even a small improvement to a Master Password goes a long way. Adding a single truly randomly chosen digit to the end of your Master Password makes the attacker work ten times longer to guess it. Adding a truly randomly chosen word make the attacker work thousands of times longer. Adding two truly randomly chosen words makes the attacker work tens of millions of times longer.

You will note that I emphasized the phrase “truly randomly” a few times there. That part is crucial. People turn out to be very unrandom even (especially?) when they are trying to be random. If you follow our advice in Toward Better Master Passwords, you will see how you can securely pick words at random to add to a Master Password. Hint: It involves rolling dice. It’s fun!

A hoax is a hoax, of course of course

Even though the report of a Dropbox breach was a hoax, you still may ask what role Dropbox security plays in the security of  your 1Password data. I hope that this article helps explain that and how using 1Password can keep your secrets safe. I look forward to further discussion in our forums.

Here’s to 2013 and a happy and secure 2014!

fireworks

I think it’s safe to say 2013 was the best yet for AgileBits. We laughed, we cried (at some really funny stuff), and we fell in love with our first-ever office space. It’s about that time to glance back at everything we accomplished over the past 365 days, then look forward to what we have on the way in 2014.

2013 Retrospective

This was easily our biggest and busiest year ever:

2014 Awesomespective

Glancing back is a great way to see how far we’ve come, but looking forward to next year is even more fun because we have so much more in store.

With a major Windows upgrade and full Android version in beta, we’re making sure everyone gets the fantastic password and digital wallet experience they deserve. We also have a big, free iOS update on the way and… well, I should probably wait on the rest until we can show you.

Thanks to all of you for making 2013 our best year yet, and let’s all toast to a happy and secure 2014!