1Password X: A look at the future of 1Password in the browser

“Wouldn’t it be cool if 1Password could do X?” is a question we often ask ourselves. The values for X are always changing, but some ideas come up again and again. Wouldn’t it be cool if…

  • When you log in to a site, 1Password is right there on the page ready to fill?
  • You could use 1Password without downloading the app?
  • Linux users and Chrome OS users could join in on the fun?

Now 1Password can do all these and more. We call it 1Password X, and it’s our brand new, full-featured experience that runs entirely in your browser.

It’s super easy to set up, deploy, and use. It works everywhere Chrome works, including Linux and Chrome OS. And it’s a re-imagination of how 1Password works on the web.

X is for extension

Before we jump in, I want to address one thing you may be thinking: our X is a letter, not a version number. Our X is a hat tip to one of the most beloved features of 1Password, namely our 1Password extension.

The extension is what allows us to have the little 1Password icon in your browser toolbar. I call it our bread and butter, and I couldn’t live without it. 😊

1Password X builds on this experience and takes it to the next level. The most visible change you just saw above – your logins are now available directly within the webpage you are viewing!

It’s smart, too. 1Password anticipates what you need and shows you the options that are most relevant to your current task. If you are signing up for a new site, 1Password suggests a generated password for you right then and there.

You can also save your new login, name it, and pick which vault to store it in.

X is for Linux

One of the most popular requests of all time has been Linux support. In fact, the forum thread asking for Linux has over 75,000 views. That’s a lot of cold penguins. 🙂

Because 1Password X is a Chrome extension, it works everywhere Chrome is available, including Linux. In fact, we initially shared 1Password X exclusively with Linux users as we wanted to make sure we nailed it.

Tim, our chief sysadmin and “beardless keeper of keys and grounds” is a hardcore Linux evangelist who, until now, has had no other choice than to use Wine to run 1Password. Tim has been our toughest critic over the years for our lack of Linux support, and so far he’s been thrilled.

There’s still lots of work to do, but we have thousands of happy Linux users already enjoying 1Password X. And we can’t wait to invite all of the other penguins in out of the cold! 😘

X is for exceedingly powerful

1Password X has all of the power of a full-featured app. And because it connects directly to your 1Password account, everything you expect from 1Password is there – your vaults, your items, and all their details.

And we’ve sprinkled in some additional features to absolutely delight you:

  • Keyboard navigation: We know this is a big one for power users, so we made sure everything can be done without lifting your fingers from the keyboard.
  • Smart search: Just start typing to find exactly what you need – ideal for when you have multiple logins for a site.
  • Perfect memory: 1Password remembers what you were doing last, whether you were in the middle of a search or looking at an item’s details.
  • One-time password filling: Your two-factor authentication codes are filled just like usernames and passwords.
  • Authentication dialog filling: If you ever see one those old-school HTTP authentication prompts, rest assured that 1Password can fill them.

My personal favourite has to be our amazing new search – I just start typing and my matching items appear automatically. I love it so much that filling one-time passwords had to take second factor place. It was close, though – only 30 seconds behind! 😃

X is for extra easy setup

Historically, we’ve needed to teach people how to first install and set up the app, and then take them out of the app to install the extension. With 1Password X, they’re one and the same. Just install it, enter your Master Password, and you’re in.

Because there’s no need to install a separate desktop app, deployment within team environments is as simple as can be. And by using multiple Chrome profiles, your team members can share the same machine while having access to their own 1Password data.

1Password X can even be installed on Chrome OS, which makes me super excited as now I can finally buy one of those lovely new Pixelbooks. 🤘

X is for Excelsior!

1Password X is a radical new way of using 1Password, but it’s not (yet) for everyone. It’s still in its early stages so some features are not yet available. For example, it’s not yet possible to customize generated passwords or use browsers like Safari, Firefox, and Edge.

But it is an exciting new way to use 1Password on the web, and for me, that outweighs any drawbacks. I’ve been using 1Password X exclusively for the last 6 months, and I couldn’t be happier.

So is 1Password X for you? If you’re running Linux or Chrome OS, you should jump right in. Or if you’re adventurous and enjoy the thrill of discovering new things while being on the cutting edge, then 1Password X is for you – it runs fine alongside the 1Password apps and extension you already use.

1Password X was designed for our hosted 1Password service and connects directly to your account. It is available in English, French, German, Italian, Russian, and Spanish and can be installed from the Chrome Web Store:

Install 1Password X

I hope you’re as excited about 1Password X as I am! Learn how to get started with 1Password X and join the discussion in the 1Password Support forum to let us know what you think! ❤️

Now let’s all go join Harold in that rocket ship and explore what’s possible! 😃 🚀

150 replies
Newer Comments »
  1. Tim
    Tim says:

    X for exclamation!

    Thank you Dave and the whole 1Password X team! Thank you for your patience and attention to my strange requests. (Item sort, keyboard navigation, field focus and many more).

    Last 6 months was a break-through. AWS login form, I can’t thank you enough for that one! Wine version still in my auto start (I need backup, you know :) ), but I don’t remember last time when I clicked that icon.

    –Tim
    Beardless keeper of keys and grounds

    Reply
    • Kate Sebald
      Kate Sebald says:

      Hey Jeff! I’m sorry you’re not feeling the love here, but 1Password X relies on many features of our hosted service to work properly, so this isn’t likely to change. As cool as it is, though, 1Password X is one option among many. The desktop apps and existing extensions aren’t going anywhere and still support standalone vaults, same as they always did. We’re not taking any choices away, just adding a new one to fill in some gaps for folks who previously had no way to use 1Password. You can always give it a try free for 30 days, if you’d like, or just stick with what you’ve got. If you’re happy, we’re happy, and how you use 1Password is and always will be your choice. ❤️

    • Fabian
      Fabian says:

      Agreed. I was thinking about moving back to 1Password in the hopes of a new standalone app, but now they do this again. “New features only possible this way!” Yeah… Guess I’ll keep other .

    • Kate Sebald
      Kate Sebald says:

      Hey Fabian! The desktop apps will be seeing upgrades soon too. 1Password 7 for iOS is already available and the rest are being furiously developed as we speak. Plus, all of them will support standalone vaults. Of course, we think 1Password X is well worth giving a 1Password membership a try, but if it’s not for you new desktop apps are on the way. Come on back! We’ll keep the light on for you. ❤️☺️

    • Jeff
      Jeff says:

      I am so worried that AgileBits is going to going to abandon the local store and go all in with the hosted service. That will be a sad, sad, day if it does happen. I can not ever imagine having my data unencrypted anywhere other than on my local machines. AgileBits team, if you do do that, please either release the source for the old apps to the community or at least give us a heads up so that we can find an alternative.

    • Dave Teare
      Dave Teare says:

      I agree 100%, Jeff. I wouldn’t want my data unencrypted anywhere other than my local machine, either! And I certainly would never want your unencrypted data or anyone else’s stored on our servers. That would be a horrible thing! I don’t know how other companies who do such things can sleep at night. I really don’t.

      On our servers, all your data is fully encrypted and completely useless to anyone who doesn’t have the keys to decrypt it. Namely you. You can see our security page for more details on how we keep your data safe using mathematics instead of just policies to ensure we never have access to your secrets.

      With that said, if you’re set on managing your own local vaults, more power to you. That’s still an option and we continue to sell licenses for this approach so you’re welcome to continue rocking to that tune if that’s your groove. As for worrying that we will abandon them, it’s interesting how the human mind loves to find things to worry about, isn’t it? My mind does that as well and one of the ways I put my mind at ease is to remind myself that 99% of the things I worry about never happen. The same can be said here. I expect when you look back at this is a few years you’ll feel the same way. 🙂

      Take care,

      ++dave;

  2. Tangible
    Tangible says:

    A vote for Safari as your next implementation. The Safari browser is much more respectful of privacy than Chrome, because unlike Google, Apple isn’t in the ad business.

    A question: Is this new version available to those of us who are purchasers of your software rather than subscribers to your pay-us-forever plan?

    Reply
    • Kate Sebald
      Kate Sebald says:

      Hey Tangible! Other browsers are definitely part of the plan, but we wanted to start on the smaller side and Chrome seemed a good choice with ChromeOS being a gap in our 1Password offerings. I’m a Firefox on PC and Safari on Mac gal myself, so I will admit I might maybe have nagged Dave a bit about giving my browsers of choice some love, but I also ordered him to rest first so you and I will need to be patient for a bit. He and the team really have been busting their butts for the past few weeks to get everything ready to go and they deserve a break.❤️

      Is this new version available to those of us who are purchasers of your software

      I’m going to pick some nits here and totally understand if you roll your eyes at me, but all of our customers have purchased 1Password, no matter how they did it. No, 1Password X will not work with standalone vaults. It relies on your data being online and sever other features of our hosted service in order to work properly, so it simply wouldn’t be able to function as it does if it needed to get data from your local device, which means this isn’t likely to change.

      I fully understand that the idea of a subscription doesn’t sit well with some folks, but one thing I always like to mention is that nothing about 1Password forces anyone to pay forever. A frozen account is still accessible to you and allows you to export and copy and paste your data. You don’t need to have your membership auto-renew and the apps themselves are included some a portion of what you spend on your 1Password membership would have been spent anyway on paying for a license. We are not your cable company, nor are we that gym you signed up for on New Years Day three years ago and are still trying to cancel. You can leave at any time and while we may try to convince you to stay, we don’t have a retention department that will try to keep you on the phone until you give up out of frustration.🙂

      Thant said, as Dave mentioned in previously replies, many of the feature of 1Password X are slated to be added to the desktop apps as well, which will benefit all of our customers no matter how you purchased 1Password or where you store your vaults. 1Password X is yet another choice available to you if it fits your needs, and quite awesome on its own to merit giving a 1Password membership a try in our opinion, but that choice is always yours. 👍🏻

    • Dave Teare
      Dave Teare says:

      It’s a great question, Jonah!

      Firefox Quantum looks awesome and we will be adding support for it as soon as we can.

      ++dave;

    • Kate Sebald
      Kate Sebald says:

      Hey James! 1Password X relies on many of the features of our hosted solution to work properly, so you’re correct and that’s not likely to change. That said, as I and Dave have mentioned in previous replies, many of the features of 1Password X are slated to be added to the desktop apps down the road, which will benefit all of our customers no matter where you choose to store your vaults. If you’re wanting to get in on the cutting edge, you can always give a 1Password membership a try free for 30 days to see what the fuss is all about. If it’s not for you, well, hang tight for a bit and look to see the future of 1Password come to a desktop app near you later on. 👍🏻

  3. Alex Bencz
    Alex Bencz says:

    X is for “eXcept for self-hosted 1Password users” :(

    Self-hosting and allowing me to maintain control of my data was a major differentiator in favour of 1Password vs. competitors like Lastpass. Now, non-cloud 1Password is clearly a second class citizen in the 1Password ecosystem. I think it’s time for me to move on to another password manager.

    Reply
    • Kate Sebald
      Kate Sebald says:

      Hey Alex! The introduction of 1Password X doesn’t mean the desktop apps are going away. As a Firefox/Safari gal, I’m still using them myself, even though I have a 1Password Families account. Standalone vaults aren’t going anywhere either. They are still available, if that’s your preference, and in the same desktop apps our membership customers use no less. Even if we wanted to make standalone vaults second class (and we certainly don’t), it would be quite a bit of work to segregate features within a single app and we see no reason to put in all that work just to be jerks. That would be about as unCandaian as can be, after all.🍁

      Of course, 1Password.com does give us a lot of tools to build cool new things and we’re not going to hold back building something exciting simply because we cannot offer it to our standalone customers. As Dave mentioned, we’ll certainly work towards adding many of the features of 1Password X to the desktop apps as well so that all of our customers can take advantage of them. 1Password X is a new and exciting choice that we feel merits giving a 1Password membership a try all on its own, but if our hosted service isn’t for you, the desktop apps are still here for you and we’ll continue to improve them and add features like we always have, including some you see in 1Password X.❤️🙂

    • Kate Sebald
      Kate Sebald says:

      Hey Chris! 1Password X does require a 1Password.com account, but you can always give it a try if you’d like. 1Password memberships are free for 30 days and come with a host of other cool features above and beyond 1Password X. Of course, if a 1Password membership isn’t for you, the desktop apps aren’t going anywhere. Of course, we hope you’ll give a 1Password membership a try, but 1Password X is meant to expand the array of choices available to 1Password customers, not limit them, and the choice of how to use 1Password is always your own. ❤️

    • Dave Teare
      Dave Teare says:

      Thank you so much for saying so, Sam! I’m rather smitten with it myself! 😀

      Firefox support is something near and dear to my heart and we’ll be making that happen. It will hopefully be sooner than later, but first we’re going to enjoy the release celebrations. 🎉

  4. Kevin Burke
    Kevin Burke says:

    I’m really worried about the security of my data on 1Password servers. I feel much more secure knowing that it doesn’t leave my computer. It is impossible for a compromise to jeopardize my data if it isn’t there to begin with.

    Is there a mode I can run the new application in where the data never leaves my machine?

    Reply
    • Kate Sebald
      Kate Sebald says:

      Hey Kevin! 1Password X will not work with standalone vaults, but your data isn’t ever on our servers, in reality. What’s on the servers is a meaningless encrypted blob of uselessness and no keys to unlock it. Those keys are only on your device (your Secret Key) and in your head (your Master Password). As our Chief Defender Against the Dark Arts has said, we can’t mismanage what we never have. Of course, we’ll always do everything possible to prevent our servers from being compromised, including offering a substantial reward to anyone able to extract usable 1Password data, but it’s always a good practice to limit the potential damage of mistakes even if they are unlikely to happen.👍🏻

      That said, what matters is that you’re comfortable with the security your chosen 1Password solution offers. We hope that being transparent about what we do to protect your data and offering resource to learn about 1Password’s security model help you feel comfortable with a 1Password membership. At the end of the day, though, the choice of how and where to store your data is totally up to you.🙂

  5. Jonathan
    Jonathan says:

    Please keep the old extension alive or at least allow us to turn off the in-page integration. I’m having horrifying flashbacks to Dashlane (which works like this) pegging my CPU at 100% due to environmental quirks. That bug is precisely why I threw in the towel and switched to 1Password.

    The minimalism of your current browser extension is an incredibly desirable feature.

    Reply
    • Dave Teare
      Dave Teare says:

      Thanks for sharing, Jonathan.

      So a few things come to mind. 🙂

      First, we know all to well how obtrusive extension can be if they choose to be. We took a different path and instead chose to err on the side of conservatism and only show the 1Password menu when we really think you need it. So from the get go you should not find 1Password getting in your way. We respect your workflow too much to do that!

      With that said, you can indeed customize how 1Password integrates with websites. You can turn everything off completely, or, you can choose to have the 1Password icon appear automatically while keeping the menu itself closed until you open it manually. You can customize your settings by ctrl-clicking on the toolbar icon and selecting Options.

      Please give it a try and let us know how it turns out.

  6. Josh
    Josh says:

    X is for x..tra secure?

    I’m curious how you handled security with the new extension. Do you enter your account key into it? How is that stored? How does the extension do cryptographic operations and store other sensitive secrets, without falling into the common JavaScript crypto pitfalls?

    Reply
    • Dave Teare
      Dave Teare says:

      Great questions, Josh!

      With every blog post I need to decide what makes it into the final announcement and what needs to be cut or wait for a followup post. I would have absolutely loved to included a X is for exemplary security but I was already well over my 1000 word target. 🙂

      I’m running on just a few hours sleep so I’m going to give the quick answer to your questions – hopefully our Chief Defender Against the Dark Arts and I will be able to get together soon to create a white paper dedicated to how 1Password X works.

      So first and foremost all encryption and decryption is handled locally. The encryption key are derived from your Master Password and Secret Key, and this key is only kept within memory. Your Master Password is discarded once the encryption key is derived, while the Secret Key is not meant to be memorized or typed in each time so it is stored locally on your device. Your data itself is only stored on the 1Password servers and is downloaded on demand. There is no local storage of your data. All cryptographic operations are performed using WebCrypto, running in our own isolated world, using code that is bundled in the downloaded (and signed) Chrome extension.

      Whew! That was a mouthful. I apologize that I just don’t have the right mindset to structure that in a better way. Once I get my sleep schedule back on track and soothe the RSI in my wrists, I’ll take a crack at taking a deeper dive on all these points.

      I hope that helps in the meantime.

      Cheers!

    • Dave Teare
      Dave Teare says:

      Me too! I’ve needed to use all my willpower to focus on publishing this 1Password X announcement while avoiding the amazing Firefox 57 release. I’m looking forward to the after party so I can add 1Password X support there 🙂

      Thanks for your encouragement, Jesse! It’s fuel for my fire! 🔥

      ++dave;

  7. Joshka
    Joshka says:

    Going one step further, wouldn’t it be cool if I could sign up for a site in 3 clicks?

    Vision:
    Click the 1p icon in the toolbar, click create new login for this site, click submit on the site’s sign-up form.

    Constraints:
    * I want to have a different username / email per site so let me configure how this auto-generated data is created. In the same way that using a unique password protects me from credential exposure across services, unique emails / usernames protects me from easy cross service profiling and allows me to self-manage data breaches of my information.
    * There’s obviously a lot of variability in every site, but this would get 80% of the way. Feedback on the missing elements of a sign-up form could drive perfection for the next user coming along to that site.

    Reply
    • Dave Teare
      Dave Teare says:

      I love seeing you pushing the boundaries, Joshka! You’re speaking my kind of language there! 🤘

      We have actually had similar discussions during some of our Chipotle-fueled brainstorming sessions while Game of Thrones played in the background. I can’t promise anything right now but I do know this is a feature I would use personally, so hopefully we can get there sooner than later.

      Take care,

      ++dave;

  8. Nzall
    Nzall says:

    This sounds nice. Is there some form of compatibility with the desktop app or Dropbox integration planned for those of us who aren’t yet willing to switch to the subscription based model?

    Reply
    • Kate Sebald
      Kate Sebald says:

      Hey Nzall! 1Password X will only work with our hosted service. 1Password X itself relies on our hosted service to work as it does, so this isn’t likely to change, but the desktop apps aren’t going anywhere. As Dave mentioned, we do want to bring some of the features of 1Password X to the desktop apps in the future so definitely keep an eye out for them. 👍🏻

      I also can’t help but notice you mentioned you’re not ready yet. I’m not the type for the hard sell, but I really do think the great features of a 1Password membership speak for themselves. I’d seriously encourage you to give a 1Password membership a try and, if you do have any questions, we’re happy to have a chat. ❤️

  9. Aaron Ellington
    Aaron Ellington says:

    What about offline usage? Does it still work if you don’t have an internet connection? (after first setting up the plugin)

    Reply
    • Dave Teare
      Dave Teare says:

      Hi Aaron! 👋

      This is a great question. When we started designing 1Password X a year ago we were excited to create a 100% online version of 1Password. Being completely online has several benefits, both in code and in security. For example, we never write any data to disk, so even if your machine was stolen there would be no data for an attacker to even attempt a brute force attack upon.

      Now of course every design decision has tradeoffs, and this one is no exception. Currently, when your internet connection is unavailable, you cannot view your 1Password data. That’s certainly a big downside and so we want to give you more control over this in a future version.

      What I do personally is I use 1Password X throughout my day and continue to have 1Password for Mac installed and ready to go in case I ever need offline access. So far I haven’t (knock on wood!) but I enjoy having a backup plan.

      I hope that helps answer your question. Take care and enjoy the rest of your day! 🙂

  10. Sam
    Sam says:

    For years, it was really simple. I bought a license to 1Password, and that was it.

    Then there was the Mac App Store / non app store schism, where each version had slightly different features and security. Then 1Password 6 happened, which was officially “not an upgrade” to 1Password 4, but a different product. Then hosted plans appeared, which were not quite the same as the standalone ones. Now we’ve got “X”, which (despite being “10” on all other Mac-related products) is just a letter, not a version number, and runs in one particular browser.

    I think AgileBits is not going to be happy until every customer is completely baffled as to their product line. I’ve been a 1Password user for almost 10 years, and I know I am.

    I really wish AgileBits had stuck with normal paid upgrades, and finished some of the half-baked features that have been around since the early days. Building more new half-baked features is just convincing me that I need to get off 1Password.

    Reply
    • Kate Sebald
      Kate Sebald says:

      Hey, Sam! I’m sorry you find the array of options confusing. I sometimes think this may be a reality of modern life. Our needs as humans are so varied that we’re constantly presented with a litany of options for even simple things to the point where we throw up our hands. I often find myself paralyzed in the deodorant aisle wondering why such a product merits its own aisle to begin with. Cognitive scientists call this “the Paradox of Choice.” Essentially, there’s a threshold (that may be different for different people) where options become so overwhelming we’re incapable of making a decision.

      I do think this is a line we need to toe with 1Password and perhaps, for some, we’ve already crossed it at some point. We hate limiting choices as something like choosing a password manager really is very personal. Your password manager stores the keys to your digital universe and telling folks that we won’t allow you to store those keys in a certain manner doesn’t really sit well with us. A good security solution makes you, individually, feel safe and secure and what accomplishes that for any given person will likely vary quite a bit, so we want to offer those choices.

      So how can we provide those choices without giving folks analysis paralysis? I think we’re already working towards something that will be of help. You mentioned that 1Password 6 wasn’t an upgrade for 1Password 4. This sounds like Windows to me since 1Password 4 remains canon for standalone vaults while 1Password 6 supports 1Password memberships on Windows. This will be coming to an end with 1Password 7 for Windows, which will support both options. We’ve also already done quite a bit to minimize the differences between 1Password for Mac from the App Store and the same app purchased directly from us. Today, these are effectively the same app. They do handle a few little things differently due to some restrictions Apple puts on apps from the App Store, but most of these are relatively invisible to our customers and we hope to continue to improve on that.

      Ultimately, I think there are two key choices with 1Password:
      1. How would you like to pay for 1Password?
      2. How would you like to sync your vaults?
      If you answer these two questions, your choices are narrowed and you can look at either the options that support standalone vaults or the options that support a 1Password membership, depending on your answers. If you’re looking to stick with standalone licenses, well, you’re all set. You can focus on the desktop apps which continue to support this model and, if you’re ever interested in giving the other options a try, well, you can always make the switch. Plus, if you do find yourself paralyzed with indecision, we’re always happy to lend a hand and talk through the options with you to cut through any confusion and make sure 1Password works the best it can for you.❤️🙂

  11. GrayWarden
    GrayWarden says:

    Looks great. Good work.
    When is a Firefox addon to be expected?
    Shouldn’t be that complicated as chrome addons and the new webextensions are very similiar, am i right?

    Reply
    • Dave Teare
      Dave Teare says:

      You are absolutely right, Gray. Firefox has done a great job adopting the Chrome web extensions architecture and so I don’t expect it to be a monumental undertaking to added support.

      Still, it’s enough effort that I couldn’t allow myself to add it to the 1.0 release cycle. Once the dust settles from our release party we’ll sit down and make this happen. The folks at Mozilla are amazing and I know firsthand that they stand behind their app and will help us if we need it.

      But first, some sleep! 😃

  12. K.C.
    K.C. says:

    ‘X’ must also stand for “excluded”, since standalone vaults aren’t supported. Any plans to add that support in the future?

    Reply
    • Dave Teare
      Dave Teare says:

      Hi K.C.,

      I’m sorry you feel excluded! That certainly wasn’t my intent.

      1Password X depends on so many features of our hosted 1Password service that I don’t see that ever changing. With that said, many of the features from 1Password X will be making their way to all our apps so in the long run everyone will benefit.

      For me personally I love 1Password X so much that I believe it’s worth switching for all on its own. Not to mention all the other benefits a 1Password membership has. Of course, that’s your choice to make.

      I hope that helps! Take care,

      ++dave;

    • Dave Teare
      Dave Teare says:

      You’re very welcome, Larry! Ghost was certainly on our minds as we designed and developed 1Password X. While I’m super excited that 1Password X can support Ghost in theory there is a rub: 1Password X requires Chrome 60 and iirc, the shipping version of Ghost is built upon Chrome 56. So we’re not quite there yet but we are indeed very close!

      I have not had a chance to try Ghost 2 yet so perhaps this is not an issue there? Do you know which version of Chromium that’s built upon? Also, while I was testing in Ghost during development I had some troubles accessing the chrome.tabs api from our inline menu, so at the moment Ghost users will need to access 1Password from the toolbar icon. Again, perhaps Ghost 2 addressed that already. Once I find some time to sleep I’ll dig a bit deeper. 🙂

      Take care,

      ++dave;

Newer Comments »

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *