1Password tips

Quick Tip: Move a locally synced vault

Pop quiz, hotshot. You’ve chosen to sync your vault to local storage using 1Password 4 for Android. Now you’ve got a new device and you need to migrate that data onto it. What do you do? What do you do?

Not to worry. Migrating your vault to another device isn’t as daunting as it may appear at first glance. You’ll just need access to a desktop computer and a USB cable.

Move the vault from the old device

1P4 Android bot

The first thing you’ll need to do is connect your Android phone or tablet to your desktop with a USB cable. Then, open the device to view its files and folders on your computer.

Note: If you’re using a Mac, make sure you have installed the Android File Transfer tool.

Using Finder or Windows Explorer, navigate through your device’s local storage until you find the .agilekeychain folder that is your 1Password vault. Copy the entire folder to the desired location on your computer.

Migrate to a new device

To get that vault onto a new Android device, connect the new Android to the computer with the USB cable. Then, copy the entire folder to your new device’s local storage.

Once the folder is on the new device, configure 1Password for Android to sync with local storage, as usual.

Migrating to Dropbox

If you’ve decided to switch to Dropbox for easier syncing between devices, you can do that easily. Make sure that Dropbox is installed on your Mac or Windows PC.

Once you’ve got Dropbox installed, open the Dropbox folder on your device and copy the .agilekeychain folder to it. You can use 1PasswordAnywhere to confirm that your vault transferred to Dropbox properly.

That’s it! If you’re syncing to local storage with 1Password 4 on Android, it’s a good idea to back up your vault to another device this way every now and then, just in case something bad should happen. That’s just perfectly normal paranoia. Everyone in the universe has that. :shifty_eyes:

The AgileBits team wearing their finest tin foil hats

The AgileBits team wearing their finest tin foil hats

Questions? We’d love to hear from you. Leave a comment here or join us in the forums. If you’d like to join our beta family and be the first to try new features, you’re most welcome to sign up for our beta newsletter.

1Password for Android header

Wi-Fi Sync comes to 1Password for Android

Yesterday evening, after several weeks of collaboration with our beta family, we published the highly anticipated 1Password version 4.5 for Android. The big news, of course, is that it is now possible to sync your primary vault with 1Password for Mac or Windows using the new Wi-Fi Sync feature.

Look, Ma, no hands! (or clouds)

1Password for Android Wi-Fi logo

We’re thrilled to offer you even greater control over how you sync your 1Password data. If you prefer to keep your vault on your local Wi-Fi network and not fuss with manually copying your 1Password vault to and from your Android phone or tablet, you’ll enjoy the convenience of Wi-Fi Sync. You can read about setting up Wi-Fi Sync in our user guide. If you’re interested in reading more about Wi-Fi Sync from a developer’s perspective, we posted a DevBits article about this on our blog last month.

In related news, you know that “pull to refresh” gesture, where you tap your screen and drag it down? Well, we kind of love it. But that’s not a good enough reason to use it. After all, we don’t just throw things into 1Password, all willy nilly-like. While we were working on improvements for 4.5, we thought, What if you could use that easy, convenient gesture to manually trigger a sync? That would be cool! So now you can.

Polyglottery, levelled up.

One of the ways in which we make 1Password more accessible to folks is by localizing it, and we were immensely proud when we began doing that last year. Today, we add Korean to the list of available localizations.

You are awesome and we love you.

You are some seriously passionate people! Every day, our inbox and forums are filled with new conversations. The time you take to submit feature requests and bug reports means the world to us. It helps our developers prioritize resource allocation so we can make 1Password even better for you. The complete rundown of the improvements in version 4.5 can be found on our version history page.

If you use 1Password beta for Android, we have to extend an extra special thank you to you. We love our beta families on every platform, but especially on Android! There are so many different Android devices and without your help, it would be exponentially more difficult for us to make sure every 1Password update is a solid one. Thank you for all that you do.

1Password 4.5 for Android is available now in your local Google Play Store. If you’d like to join our beta team, you’re most welcome! Please sign up on our website. Got feedback? That’s fantastic, we love to hear from you. Please share your thoughts with us in our Android forum.

DevBits header

Wi-Fi Sync in 1Password for Android: Design Overview

Today, I’m happy to tell you that Wi-Fi Sync is coming to 1Password for Android! In fact, it is already available in the latest beta, so you can join our beta family and try it out right now. In this edition of our DevBits series, I am going to talk about how we implemented Wi-Fi Sync in 1Password for Android.

Wi-Fi Sync in 1Password for Android uses only standard Android APIs. We don’t use any third-party libraries. All the required communication logic was written in-house (although inspirational ideas for WebSocket implementation were taken from elsewhere). Using Android APIs keeps the .apk file small and eliminates version incompatibility, licensing issues, or any other trouble that might arise when incorporating third-party code into the app.

Wi-Fi Sync in 1Password for Android consists of three parts: Network Service Discovery (NSD), Network Service Resolution, and the actual sync itself. Both the Network Service Discovery and Network Service Resolution are based on the NSD framework built in to Android. The sync is implemented using synchronous Websocket communication with a service provided by 1Password for Mac or 1Password for Windows.

Network Service Discovery

When you choose to sync using Wi-Fi in 1Password for Android, Network Service Discovery is launched asynchronously and continues to run in the background until you stop it. The service looks for all network services matching the type used by 1Password (in our case “_1password4._tcp.”).

This network service type matches the type used by the latest versions of 1Password on both Mac and Windows when Wi-Fi Sync is enabled. Any discovered Wi-Fi services are displayed in a list for you to select from in order to set up the initial sync. It is important to note that the service info found by NSD contains no information other than the service name and type.

Network Service Resolution

Once you have decided which service you want to use, the Network Service Resolution process is launched asynchronously for the chosen service. 1Password for Android is given the service credentials, including the IP address and port, so that communication with the server can be established. The service name is stored in 1Password preferences and used for subsequent communication sessions. This allows service discovery during incremental sync to automatically stop when a service matching the one stored in preferences is found.

Next, 1Password proceeds with service resolution. If the connection is successful, the actual sync process is launched using the provided service IP address and port. If service discovery is unable to discover the service in two seconds, or if the resolution is invalid, you will be asked to ensure that 1Password is running on the computer you are trying to sync with, and the sync attempt is aborted.

The actual sync

1Password for Android Wi-Fi logo

The actual sync process is handled by a subclass of Android’s AsyncTask that establishes synchronous communication with the server using the WebSocket protocol. In order to establish a connection, this task first requires valid service credentials (address and port) and a reference to the database manager. Once connected with the service, communication proceeds according to a proprietary JSON-based command protocol which is itself based on the WebSocket protocol.

Once 1Password for Android is successfully authenticated by the server it receives an item/folder list. Next, a request is made for items from the list which have been updated on the server, and these are then decrypted and saved in the 1Password for Android internal database.

In order to decrypt these items, your Master Password is requested during initial sync. Although the communication secret is stored in 1Password preferences, it should be noted that your Master Password is never stored in the system preferences or in the database.

Once the initial sync is complete and an incremental sync has begun, you may notice some minor differences between syncing with 1Password for Mac and 1Password for Windows. These differences are the result of architectural differences between the two versions, namely that 1Password for Windows doesn’t rely on an internal database. This results in slightly faster syncing with 1Password for Windows and the need to enter your Master Password on each incremental sync.

When the Wi-Fi Sync server has transmitted all of its updated items to 1Password for Android, and it has transmitted all of its updated items back to the Wi-Fi Sync server, the communication session is terminated and the network socket is closed. Detailed sync results of the latest session are written to the Diagnostics Report, which you can generate from the Settings > Advanced screen and review at any time.

At present, Wi-Fi Sync is designed to work between one computer and one or more mobile devices. We do not recommend switching between multiple desktops when syncing using Wi-Fi. Note that the sync method cannot be changed once it has been selected. For example, if your initial sync uses Wi-Fi, you cannot later switch to Dropbox. Because 1Password for Android supports sync with only the primary vault at this time, it is not possible to switch to a different vault once the Wi-Fi Sync connection to the chosen server has been established.

The addition of Wi-Fi Sync to 1Password for Android furthers our goal of placing you in control of your data. In addition to local storage and sync with Dropbox, you now have a third option for syncing your vault from your Android devices to your other devices. We hope you enjoy using it and welcome your feedback in our beta forums.

DevBits header

Filling with 1Password for Android

1Password is all about bringing convenience to security. Of course, there are always challenges to overcome. On Android, one particular challenge we have been working on is how to make it both secure and convenient for you to use your login credentials. Until recently, your options for filling these credentials were limited to either using the 1Browser built into 1Password or using the clipboard to copy and paste.

While 1Browser helps you fill your login credentials into your favorite sites, it probably isn’t as fully featured as your favorite browser. 1Browser also isn’t much help when you want to use your login credentials to sign into an app. In these situations, you were previously limited to using copy and paste to get your login information out of 1Password and into that browser or app. Unfortunately, using the clipboard for this purpose is not at all convenient, and as we have mentioned before, not particularly secure.

Something better

When evaluating ways to provide a Login filling solution, we wanted to address the following concerns:

  • It needed to be more secure and more convenient than using the clipboard.
  • It needed to provide login filling for both third-party apps and browsers.

In order to make this happen, we needed to implement a service that could detect login fields when displayed in apps and browsers, and insert text directly into those fields. So, we split this functionality across two different services: the 1Password Automatic Filling service detects login fields and gives them focus when appropriate, while the 1Password Keyboard displays the interface for selecting the right Login and sends the credentials for that Login to the appropriate text fields.

Login detection

Twitter Login PageThe first step in filling your credentials is determining when there is a login form on screen that 1Password can fill into. To do this, we take advantage of the Accessibility APIs included in Android to get information about the elements displayed on screen in the form of an AccessibilityEvent.

Our implementation of the 1Password Automatic Filling service starts with this callback:

 public void onAccessibilityEvent(AccessibilityEvent event) {
 // Insert magic here

The onAccessibilityEvent callback is fired whenever a user interface event occurs for which we have registered. In our case, we are interested in events which indicate that the elements on the screen have changed. In particular, we register to receive typeViewFocused, typeWindowStateChanged, and typeWindowContentChanged events. By monitoring these events, we can keep an eye out for potential login screens or other opportunities for 1Password to fill.

When the callback is fired for one of these events, our next step is to see if we can identify login fields on the updated screen. We can determine which user interface elements are displayed on screen by invoking AccessibilityEvent.getRootInActiveWindow(). From the root AccessibilityNodeInfo object returned by this method, we can obtain information about all the user interface elements displayed in the active window. In particular, we look for arrangements of text fields matching the pattern for login entry. Once login fields have been identified, the 1Password Keyboard is notified that automatic filling is available. The keyboard is also passed the package name of the application or the URL of the website in which the login fields were detected.

Login selection

1Password keyboard Login sectionKeyboards on Android are built upon the InputMethodService APIs provided by the OS and, in this sense, the 1Password Keyboard is similar to other third-party keyboards. However, the benefit of creating a custom keyboard is that it can be tweaked to do a whole lot more than simple text entry. In the case of 1Password, our keyboard also allows you to view and select the Login items contained in your vault. When you tap the 1Password button on the keyboard, we expand the keyboard to full screen in order to display a list of relevant Logins.

If the 1Password Keyboard has been notified that automatic filling is available, it will look at the package name or URL provided by the 1Password Automatic Filling service and attempt to match it with the Logins contained in your vault. We display any matching Logins and offer the ability to browse for additional logins when appropriate. From here, you can tap on a Login to select it for filling.

Login filling

1Password keyboard filling completeOnce you have selected the appropriate Login for filling, the 1Password Keyboard exits fullscreen mode and once again shows the keyboard keys. You will now see two buttons displayed above the keyboard for filling the username and password corresponding to the selected Login. These buttons provide the ability to manually fill Login credentials in those instances when the 1Password Automatic Filling service isn’t enabled or when it doesn’t correctly identify the login fields in question.

However, when the 1Password Automatic Filling service is enabled and has detected the login fields, the 1Password Keyboard will do all of that work for you. The keyboard asks the 1Password Automatic Filling service to select the appropriate login fields by invoking:


Once each login field has been focused by the 1Password Automatic Filling service, the 1Password Keyboard is notified. It then inputs the username or password text directly into that field. Once this is done, all that is required of you is to tap the “Sign In” button.

Security and convenience

By combining the 1Password Keyboard with the 1Password Automatic Filling service, we are able to provide a filling solution that avoids use of the clipboard entirely and doesn’t rely on passing your credentials through a third party. Whether you use the 1Password Keyboard as your main keyboard or in addition to your favorite keyboard, securely filling Logins into apps and browsers is only a couple of taps away.

If you would like to read more about enabling the 1Password Keyboard and Automatic Filling service on your Android device, please see our helpful documentation.

1Password for Android header

Fingerprint unlock coming to 1Password for Android [Update: Sneak peek!]

A strong Master Password is critical to keeping your 1Password vault secure. It’s also not the easiest thing to type out on a mobile device. What if you had another way to unlock your vault, in addition to your master password? One that is both convenient and secure?

For some time now, we’ve been wanting to give you the ability to unlock 1Password for Android using your fingerprint. The challenge has been that there was no standard way for us to implement it that would work across a variety of devices made by different manufacturers. And so we waited, and you waited.

Now, our wait is over.

The Android M Developer Preview was just announced at Google I/O, Google’s annual developer conference going on right now in San Francisco. For us, one of the most exciting new features is the standardized fingerprint support that is coming to the Android platform. This means that we have some awesome news for you:

We will be adding support for fingerprint unlock to 1Password for Android when Android M launches later this year!

Fingerprint unlock (1Password for Android)

We don’t usually talk about upcoming features, but we were just too excited about this one to keep it a secret.

As we get closer to the launch of Android M, we will need your help to beta test fingerprint unlock. If you’d like to be among the first to try it out, we invite you to join our beta team. We will share more information in time; for now, we hope you are as excited about this new development as we are!

Update: We had the privilege of being demoed at Google I/O today! If you happened to be in the audience, we’d love to hear what you thought of the demo. And if you weren’t, we’re happy to be able to show you a very, very quick sneak peek. Here’s what it might be like to access your 1Password vault using fingerprint unlock.

because we love you sale, feature image

The Because We Love You Sale

UPDATE: The Because We Love You Sale will be ending the evening of May 27, 2015.

Everything we do here at AgileBits is with you in our hearts & minds: whether it’s sharing tips & tricks to enhance your security, squashing bugs & implementing exciting new features, or answering your questions in our Support Forums, our focus is always on you.  And every once in a while we like to go all out and show how much we appreciate you by having a good old-fashioned sale.

We usually like to focus a sale around a holiday or a release from a certain California-based fruit company, but today we were searching for another reason to celebrate. So we gathered our crack marketing team around the MacBook and started brainstorming ideas:

  • Dinosaurs are awesome! Okay, maybe we’re just really excited for that new prehistoric blockbuster that’s coming soon to a theater near you.
  • Someone on the team had a birthday! It’s true, there’ve been a number of May birthdays here at AgileBits, but we’ve already overdosed on sugary frosting.
  • Baseball’s back! But really, we just wanted to sing “Take me out to the ballgame.”
  • Spring is here?  It’s been done a billion times before.  Boring.
  • We love you! Oh, there it is. What better reason do we need than just to simply say…

we love you. And to show how much we care, we’re knocking 30% off 1Password across the board on Mac, Windows, iOS, and Android.

While our love for you will last forever, this sale won’t. So if you or someone you love has been holding off on buying 1Password, now is the time to say, “I love you, too.”

You can pick up a Mac/Windows bundle (or grab them separately) on our AgileBits Store. 1Password for Mac is also available on the Mac App Store. And 1Password for iOS is on the iOS App Store, and 1Password for Android on Google Play.

1Password for Android header

1Password 4.2 for Android: It’s Out of this World

It’s not often in the life of an application that one gets the opportunity to draw inspiration from one of the greatest and most hilarious sci-fi stories of all time. Today, we are incredibly honoured and excited to present 1Password 4.2 for Android. With a custom keyboard; automatic filling in web browsers and third-party apps; and built-in support for viewing time-based, one-time passwords (TOTPs); our newest version of 1Password for Android promises to be approximately 420% more useful than a towel. Read more

1P4 Android bot

Avoiding the clipboard with 1Password and Lollipop

Copy & Paste clipboards (or “pasteboards” as they are called on Mac and iOS) can be dangerous places for secrets if you have malicious software running on your device. On most operating systems – mobile and desktop alike – most running applications can read from the system clipboard. When you copy a secret to the system clipboard, a malicious process may be able to read and steal that secret.

This, by the way, is not news, but it is good that it has made the news. It helps people be aware of clipboard usage, and it gives me the opportunity to talk a bit about what we have been doing over the years about this.

We have always worked to reduce how much people need to depend on system clipboards when using 1Password. The details differ from system to system, and each operating environment gives us different ways to help reduce clipboard use. On the Mac and Windows PCs we have the 1Password Browser Extensions communicate with 1Password so that web form filling can avoid the clipboard. 1Password for Windows also uses auto-type to reduce clipboard activity. 1Password 5 on iOS offers 1Browser and integration with other apps through App Extensions

1Password Android browserBut today I will reveal a few things that our 1Password for Android beta testers know.

Aside: Before I get to that discussion, I should point out (as I often do), that the single best defense against a malicious program running on your machine or device is to keep your systems up to date with all software and system updates. It is also important to be careful in what you install on your system. 1Password can offer some significant defenses against malware on your system, but you have to help keep your systems free of malware.

1Password 4 for Android already has a simple built-in browser. This allows you to go directly from your Login item in 1Password to the web page, filling the data without the clipboard. Our iOS users are already familiar with 1Browser, and this is shaping up on Android.

Lollipop provides clipboardless sweetness

Of course, web pages aren’t the only thing that people need to fill passwords into, and sometimes people may wish to use something other than the browser built in to 1Password. In the current Beta release of 1Password for Android, we used the latest security and accessibility features in Android 5 (Lollipop) to allow 1Password to fill into other apps without making use of the clipboard.

Starting with Lollipop, we have a way to fill password data into other apps without using the clipboard. Perhaps it would be best to just quote what Nik, our Happiness Engineer, had to say in the beta newsletter just a couple of weeks ago:

Wondering why app and browser filling requires OS 5.0? Me too! So I asked our developers. It turns out that the only way for us to do this in earlier versions of Android OS was to use copy/paste accessibility APIs, meaning that any clipboard manager or malicious app could listen to clipboard events and collect login credentials as they were filled.

In Lollipop, 1Password can fill your information directly, without using the clipboard. Therefore, it isn’t possible for a third party to obtain your passwords by snooping on what 1Password’s doing.

Prior to Lollipop, it would be possible to get this kind of app-filling, but it would have relied on the clipboard under the hood. Because using the clipboard involves known risks, we feel that we should make it clear when copy/paste is being used and minimize it’s use wherever possible. As a result, we decided to focus on a Lollipop-only implementation of our filling feature

If you have an Android device with Lollipop installed and would like a sneak peek, I invite you to sign up for our Android beta.

Clipboards may always be with us

As you can see, we are working to reduce dependency on system clipboards when using 1Password. This is an on-going process. Browser integration on the desktops was something we started with back when the very first versions of 1Password was released for the Mac nearly eight years ago. Later, we introduced our own browser into 1Password for iOS, and much more recently encouraged 1Password integration for other iOS 8 apps using App Extensions. Along the way, we introduced auto-type in 1Password for Windows and a web browser into 1Password for Android. As you’ve learned here, we have in-app filling in our Android Beta, making use of the latest features of Android 5.0, Lollipop.

But while we are progressively reducing the need for copy and paste to a system clipboard, we are a long way from eliminating the need to use these. This is why I must repeat my advice to keep your system free of malicious software.

What I would like to see is a clipboard that could only be read when the user explicitly chooses to paste. This is something that has been suggested a number of times before, but has not be implemented on the most popular operating systems. I suspect that there is a reason for that, but if you know, I eagerly await your insights in the comments.


1P4 Android bot

1Password 4.1 for Android brings new features and new freemium pricing!

1P4 Android bot 230Since the release of the all-new 1Password 4 for Android, we’ve been thrilled with your feedback and our developers immediately got to work on our first free update. Now we’re back with version 4.1 (rolling out through Google’s servers as you read this!), which packs some powerful new features and our brand new freemium pricing so everyone can get secure, convenient security!

Features and Fun

1Password 4.1 for Android includes some big improvements:

  • Create your 1Password datafile right within the app – You no longer need an existing agilekeychain file to enable sync
  • Stay secure, whether you pronounce it asegurar, sichern, garantir or обеспечить. Version 4.1 has localizations for 17 languages – including Spanish, German, Portugese and Russian
  • Freemium pricing – 1Password 4 for Android is now free for anyone to try with premium features unlockable via a one-time, in-app purchase. Read on for details!
  • Full release notes with all the features, improvements and fixes are available via the Settings pane within the app

Experience the freedom of choice with Freemium

Do you just need quick access to a password on the go? Or are you a mobile security ninja adding passwords and organizing your data in exotic locations on your Android phone or tablet?

Either way, our new freemium pricing in 1Password 4.1 for Android has you covered. You can now get 1Password 4 for free in the Google Play Store, and everyone can try all premium features for 30 days.

1Password 4 for Android, the Reader version

As a free app, 1Password 4 for Android can:

  • View all items in the vault
  • Delete items from the vault
  • Browse your favourite sites with 1Password’s built-in web view
  • Access all options in Settings (including PIN code and Rich Icons)
  • Configure sync with Dropbox or Folder Sync – both to an existing vault created with one of our other editions or by creating a brand-new vault
  • A whole lot more!

1Password 4 for Android, the premium version

The paid edition unlocks the full power of 1Password for Android, right in your pocket:

  • Create and add an unlimited number of new items
  • Modify existing items
  • Organize items into Folders
  • Mark (and unmark) items as Favourites for quick access… or ‘Favorites’ for our friends south of the border

All 1Password 4 premium features are available for a single in-app purchase of $9.99 and will apply to all devices using the same Google Play Store account.

Did someone say “Sale!”? [Update: The sale is now over, thanks!]

You may have noticed that 1Password 4 for Mac, 1Password 4 for Windows and 1Password 4 for iOS are currently on sale, so we certainly couldn’t leave 1Password 4 for Android out of the fun!

For a limited time, you can unlock the premium features of 1Password for only $7.99 – a 20% discount! We do mean limited time, though, so snag those premium features, keep your 1Password data organized, and get simple, convenient security at an incredible price!

1P4 Android bot

1Password 4.1 for Android is coming, we extended the freemium date and have a price!

1Pa premium featuresOver the past six weeks, we’ve seen a tremendous response to the all-new 1Password 4 for Android and our free trial experiment. Our team has been hard at work on a number of updates and great new features, and today we’re happy to say that v4.1 is coming soon, we extended the trial date, and we can now announce a price!

v4.1 for Android

Coming soon, 1Password 4.1 for Android will allow new users to create their first vault right on the device, no existing sync or vault required.

We added localizations for German, Spanish, Portuguese (European and Brazilian), Romanian, Russian, and Swedish. We are also finishing up translations into Chinese, Japanese, French, and Italian. Finally, we added some fixes and improvements that lay the groundwork for goodies that are on their way.

Free trial deadline extended, and a price!

Since our experiment is going so well, we extended the final day through Monday, August 18. Now everyone can have a few more weeks to check out 1Password 4 for Android and all its security awesomesauce.

On Tuesday, August 19, our Android version will switch to a freemium model. You can download it for free and use it as a 1Password reader, a great sync companion with 1Password for Mac or Windows, so you can take all your items on the go. To unlock all editing, organizing, and creating features, make a one-time, in-app purchase of just $9.99 USD to get the full power of 1Password right in your hands.

But wait there’s more

Since we’re just that excited about 1Password 4 for Android, we’ll start this off on August 19 with a $7.99 USD Awesome Android Launch Sale! This 20-percent-off sale will run for just two weeks, so when the sale starts mid-August, move fast.

To make sure you don’t miss it and stay in touch with us, be sure to follow 1Password on Twitter and Facebook!