1Password update for iOS featured image

1Password 6.4 for iOS: The 1-Up Edition

Our hero, 1Password, is on a quest to bring convenience to the land of Secura. After conquering Worlds 6.1, 6.2, and 6.3, it is time for the hero to check their inventory and equip themselves for World 6.4.

Reboot-Resistant Touch ID

Use the fingerprint button to trigger Touch ID

Previously, the inhabitants of the land of Secura would need to re-type the magical Master Password incantation every time they restarted their device. No more! The newly enchanted Touch ID has +10 Reboot-Resistance. After restarting the device a Touch ID restore button will appear near the Master Password field.

If you prefer the previous Master Password requirement, you can restore it by tapping Settings > Advanced > Security > Require Master Password.

Teleport Data With the New Importer

1Password 6.4 for iOS importer
It is easier than ever to bring your data with you from another realm. Much like stepping through a warp portal, the new Importer makes your move from 1Password 3 to 1Password 6 super simple.

In addition to moving easily from one version to another, check out Settings > Advanced > Import Vaults to import both 1Password 3 backup files and 1Password Interchange Files (1pif).

Family-Friendly First-Run Setup

The first-run experience is now rated FT for Families and Teams. During setup, you can sign in with your 1Password account (Families or Teams) straight away. If you exclusively use a 1Password account, setting up the app for the first time will no longer create an empty Primary vault.

Bonus Round

Even more awaits you on your quest for convenient security, such as improved credit card and identity filling, setting a vault name when adding a secondary vault from Dropbox, and much more. Read the full release notes for all the details.

We’d love to hear the tales of your adventures in Secura in the comments below, or over in our discussion forums!

Now that you’ve reviewed your inventory, it’s time to continue on your quest by updating to 1Password 6.4 from the App Store!

🔑INSERT KEY TO CONTINUE🔑

OPI World 6-4

1Password for iOS update featured image

1Password 6.3 for iOS: The Time-Saving Edition

I can’t believe it’s already March and Daylight Saving Time is almost upon us again! For many of us, this means a slightly darker morning commute, but also more daylight to play in at night. Whether you’re eagerly anticipating the clocks springing forward or already rueing the change, today’s update to 1Password for iOS will make things just a bit brighter for you. Besides, the new improvements will save you so much time, you won’t even miss that hour. :)

Choose a favorite (vault, that is)

Between work, my family, and my podcasting passion, there’s a lot of information I want to securely share with other people. 1Password for Teams and 1Password Families have made this so simple for me, but now I have a lot of vaults! When I use 1Password on my phone, I’m generally filling in a credit card number or logging in to an app, so I almost always want to find items in my personal vault.

Now I can instruct 1Password to always open my personal vault at launch. To specify which vault you’d like 1Password to show when you launch the app, go to the Settings screen, then tap Vaults > Always Open To.

Shine a Spotlight on it

I often use Spotlight to find apps and launch them, and I love that I can also use it to find items in 1Password. If you’re like me, you’ll enjoy the tweaks we made to speed up Spotlight search. We also taught it how to read accented characters better, so typing “creme brulee” will now find your amazing Secure Note all about crème brûlée.

1Password 6.3 for iOS: Spotlight

Follow your ears

In this digital age, it’s important for everyone to use a good password manager. That’s why we put a lot of time into making sure VoiceOver support works well with some of our newfangled features. We paid special attention to the vault picker and QR codes used in 1Password for Teams and Families.

And more

I’ve hit some of the highlights here, but this update features even more improvements. If you’d like to read all of the juicy details, check out our full release notes!

I’d love to hear what you think of today’s 1Password update. Please share your thoughts in the comments or start a conversation with us in our discussion forums.

App Spotlight: Evernote featured image

App Spotlight: 1Password + Evernote = ❤

Evernote is a big part of my daily workflow. I use it every day and for almost everything: from taking notes while on a call to recording the steps I took to reproduce a bug I am tracking. Just like 1Password, Evernote has its spot on my iPhone home screen. I use it all the time and it lets me be 100% paper-free.

As a developer, I restore my iPhone more than the average user, so 1Password integration has become a deciding factor when adding new apps to my workflow. Now that I can log in to Evernote for iOS using the 1Password Extension, restoring my devices will be so much easier!

App Spotlight: Evernote - Sign In

If you don’t have an Evernote account yet, creating one is easier than ever now that the registration page supports 1Password. 1Password can generate a strong, unique password for you and save it automatically. Best of all, by using Password Recipes, 1Password can ensure the generated password meets Evernote’s password requirements.

Password Recipes

Sometimes, I go to a website and try to create an account, but they don’t accept my password. They have particular rules to follow, things like maximum length, disallowing specific symbols, etc. When they don’t tell me those rules up front, I have to keep trying passwords until I find one that works.

To make sure this doesn’t happen to you when creating your Evernote account, the Evernote team is making use of an awesome 1Password feature called Password Recipes. When asked to generate a new password, Evernote passes 1Password the details of what they need and 1Password makes sure the generated password matches the requirements. Perfect passwords, every time! No muss, no fuss, no frustration. I’m so happy that Evernote has implemented this feature, making sign-up even more simple for all of their customers.

Two-step verification

Right before I published this post, I found out that Evernote has implemented our extension’s TOTP feature, and I’m so excited to tell you about it!

In this day and age, it’s important to keep my accounts as secure as possible, so I was really happy when Evernote announced that two-step verification is available to all Evernote users. I enabled it immediately. Until now, I’ve had to switch back to 1Password to copy my one-time password and quickly switch back to Evernote to paste it before it expires! It’s very stressful. Now that Evernote supports the time-based one-time password (TOTP) feature of the 1Password extension, I don’t have to worry about it anymore. This is probably my favourite thing. Thanks, Evernote!

Just check out how great this is. After filling my email address and password, 1Password automatically enters the one-time password. So easy!

App Spotlight: Evernote - TOTP

Easy as pie

When Mike Greiner told me that he added the 1Password integration to Evernote I was jumping all over the place. Since developing the app extension is what I do here at AgileBits, I wanted to hear how the implementation went.

Here’s what Chuck Pletcher (Evernote iOS Product Manager) said about the experience:

AgileBits gave us a simple, well-documented API to add this powerful feature. The developer who worked on this project, Mike Greiner, budgeted about half a week for this project, but he had it completed before lunch the first day. It took longer to make a demo video than it took to build the integration.

I’m excited to be able to add Evernote to the list of Apps that love 1Password. We’re so happy to tell you that you can upgrade Evernote today to experience the 1Password integration. If you haven’t checked it out yet, today is the best day to start! 😉

Visit the Evernote website to download Evernote today.

We couldn’t make 1Password the awesome app that it is today without feedback from users like you. The same is true for every app out there: developers can make better apps if they know what users want. After experiencing 1Password support in Evernote, you’ll want it in all your favourite apps. Reach out to the developers and send them to our Developer Outreach page, so they can discover for themselves just how quickly and easily they can add 1Password support to their apps.

Security header

More Watchtower, still no watching

1Password WatchtowerThere are some great new features in the 1Password for iOS 6.2 update that hit the App Store last week. One of them is that we’ve added Watchtower (a feature that has been available on Mac and Windows for some time now) to 1Password for iOS.

Watchtower warns you if a site or service has been compromised in a way that would make it a good idea for you to change your password for that site. Watchtower in 1Password looks at the most recent time a password change was recommended for a site and it looks at the time that your password for an item was last modified. If, like Molly (one of my dogs), you haven’t updated your Adobe password since the 2014 breach, you might see something like this:

Watchtower warning in 1Password on iPhone

Molly hasn’t changed her Adobe password since the breach a couple of years back

Preserving your privacy

I want to talk about a far less visible feature of Watchtower: We’ve added Watchtower support in a way that still preserves your privacy. We don’t want to know what sites and services you have in your 1Password vaults, so when 1Password checks to see if one of your Logins is listed in Watchtower, it does not make a query to our servers asking about it.

Enable Watchtower in iOS

Turning on Watchtower in iOS. “Your website information is never transmitted to the 1Password Watchtower service.”

Querying Watchtower without querying you

Our Watchtower people are continually watching reports of site breaches and updating our database of such sites regularly. This is how 1Password knows that a password change is recommended for some site.

The “obvious” way for 1Password on your computer (and now iOS device) to alert you, would be to go through your 1Password items and ask our database on some server about the status of those items. The problem with this “obvious” way of doing things is that it means that any server your copy of 1Password queries would then be able to know your IP address and what sites you have in your 1Password data.

If 1Password on some device were to ask our server, “Do you have Watchtower information about ISecretlyHateStarWars.org?” then our server will know that someone at your Internet address may have a very nasty secret. You certainly wouldn’t like us to know such things about you, and we don’t want to know such things either.

The road less travelled

So we don’t do things the obvious way. Instead, we send the same stripped down version of our Watchtower database to everyone who turns on the feature. You have a local copy of the Watchtower data on your device, and 1Password just checks against that copy of the local data. All we can know (if we chose to log such information) is which IP addresses have enabled Watchtower. We are never in a position to know what sites you have in your 1Password data.

Baked-in privacy

It may take a bit of extra work from us to design Watchtower in a way that preserves your privacy, but we think it is worth it.

Your privacy must be protected by more than mere policy (a set of rules we make on how we behave with respect to data about you); instead, we aim to bake privacy protection into the very structure of what we build. We design 1Password in a way that would make it hard for us to violate your privacy.

You can read more about this approach to privacy in our support article, Private by Design.

1Password for iOS update featured image

1Password 6.2 for iOS: The Resolution Edition

It’s hard to believe that another year is upon us! Whether you bid adieu to 2015 with enthusiasm or reluctance, we hope 2016 will be a wonderful year for you. We’ve spent some time reflecting on the old year and planning for the new, always with one goal in mind: improving your life by making security as easy and enjoyable as we can. With that at heart, we present our latest release: 1Password 6.2 for iOS.

Resolve to Search Smarter

You’re going to be delighted with the improvements we’ve made to Search! One of the first things you’ll notice is that you can now search from the Favorites and Organize tabs, in addition to the Categories tab.

If you want to speed things up and know the title of the item you’re looking for, make sure Search Titles is highlighted. If you need to look through all of your fields, start your search and tap on Search Everything. You can also clear what you’ve typed into the field or cancel your search altogether with a single tap.

1Password 6.2 for iOS: Search

Resolve to Stay Informed

I’m excited to tell you that Watchtower is now available in 1Password 6.2 for iOS! 1Password for Mac users will recognize this service, which monitors the latest security vulnerabilities from around the web and alerts you when your own accounts might need attention. To start using Watchtower, go to Settings > Security and tap the switch. If an item has a potential vulnerability, you’ll see it in the item’s details view.

1Password 6.2 for iOS: Watchtower

Resolve to Stay Organized

If you’re a 1Password for Teams customer or like to keep your items organized in more than one vault, you’ll love this one. Today’s release enables you to move or copy items across vaults! All you need to do is view the item’s details and tap Move and Copy button at the bottom. Then, select the vault to which you’d like to move or copy the item. Easy peasy!

Resolve to Work at Peak Peek Efficiency

This one’s for you lucky ducks with an iPhone 6s or iPhone 6s Plus. We proudly present: Peek and Pop, in glorious 3D (Touch)! Give the 1Password icon on your home screen a hard press to bring up the Quick Action Menu to add a new item, view your favorites, or bring up search in 1Password.

If you want quickly look at an item, find it as you normally would. Instead of tapping on it, give it a light 3D Touch to take a Peek, then press a little harder to Pop into its details view. Or, Peek at an item, then swipe up to to copy a field or open a login in 1Browser.

1Password 6.2 for iOS: Preview and Copy

We paid attention to a lot of little details to help you start your new year right, from updating our translations to tweaking our in-app icons; we’ve even added the Strong Password Generator to the PIN field of Credit Card items to make it easier to generate PIN codes! To find out what other goodies are waiting for you, check out our release notes.

1Password 6.2 for iOS is available now, and it’s a free update for all existing owners. Head to the Updates tab of the App Store to update to the latest version now! Have feedback? We’d love to hear from you. Add a comment here, check out our discussion forums, or start a conversation with us on Twitter or Facebook.

1Password for iOS header

iOS 9.2 adds 1Password to many new apps

During WWDC this year, Apple announced SFSafariViewController. This was really exciting news for us. Just imagine: if a third-party app used Safari as its in-app browser, that would mean that 1Password could fill Logins automatically without developers doing any extra work!

SFSafariViewController was introduced to everyone in iOS 9. Immediately, we began receiving reports from customers about 1Password disappearing from their favourite apps! It turns out that the JavaScript we were using couldn’t be executed in SFSafariViewController. We did some work on our end to address this issue and also reported it to Apple. Then, we waited.

Patience is a virtue

A Very Rad Holiday

One day in late October, while I was on vacation in a place where Internet access was scarce, Slack exploded with mentions from my colleagues about 1Password automatically working in many new apps when using the new iOS 9.2 beta. There I was, with an Internet connection barely good enough to check my email, and with no way to download the new iOS and Xcode beta goodies. All I could do was wait. And wait. And wait. It was the first time I ever wished that my vacation would end sooner!

Yay! Thank you, Apple!

Finally I returned home and was able to verify the amazing news: the 1Password App Extension API will simply appear in all Safari View Controllers in any app! After spending weeks working on this, I was ready to buy everyone at Apple a beer.

Let’s have a look at how this actually works. In the following example, you can see how easy it is to use 1Password to add your account to Tweetbot, one of the most popular Twitter clients.

What’s even more awesome is that Paul (the developer of Tweetbot) didn’t need to do anything to enable this feature. It just works! If you are an app developer, users of your app simply have to make sure that the 1Password App Extension is enabled.

To enable 1Password in apps, simply set up 1Password. It will then appear as an option on the share sheet, where it can be toggled on and rearranged. For illustrated, step-by-step instructions, please see our user guide.

1Password ❤ App Developers

The 1Password App Extension offers iOS app developers the opportunity to provide a simple and secure login experience. If your favourite iOS app prompts you to log in and doesn’t display the 1Password icon, reach out to the developer and direct them to our Dev Outreach page. They’ll be amazed by how easy it is to integrate 1Password into their app.

If you’re a developer and have already added the 1Password app extension to your iOS app, thank you; you’re awesome! Please don’t forget to submit your app to our Apps ❤ 1Password directory.

1Password developer newsletter

iOS app developers are invited to subscribe to our 1Password App Extension Developers newsletter. We’ll send you an occasional newsletter containing 1Password App Extension news, updates, and tricks, to help you realize the full potential of the 1Password Extension API in your iOS apps.

If you have any questions, you can comment on our GitHub project or email support+appex@agilebits.com. I look forward to talking to you!

1Password for iOS header

1Password 6.1 for iOS: The Unity Edition

It’s been an incredibly exciting week for us. We finally shared a secret project that we’ve been working on for ages! But that’s not all we’ve been doing. Our developers have been burning the candle at both ends to ensure that the 1Password apps you know and love continue to be awesome and powerful.

Today we’ve got a great update to 1Password for iOS for you. Version 6.1 not only integrates Teams features into the app, but adds a handy All Vaults view and all sorts of polish.

You get a Team, and you get a Team…
Everyone gets a Team!

1Password for Teams in iOS: Add a new account

1Password 6.1 for iOS is our first official release with support for 1Password for Teams. Once you’ve signed up and created your team on the 1Password for Teams website, you’ll be able to pop over to the Settings tab in 1Password for iOS and add your team right to the app by using the handy QR code found on your team’s Get the Apps page.

Any vaults you add to your team will show up automatically on your iOS device (and will get added to the awesome new All Vaults view – more on that later!) Best of all, you can still use the same one password you’ve been using all along to unlock 1Password for iOS – no muss, no fuss.

As an added bonus, activating your 1Password for Teams account unlocks the Pro Features in 1Password, just for you!

Unify your life with All Vaults

1Password 6.1 for iOS: All Vaults

You already know how easy it is to share you items by using multiple vaults. 1Password for Teams makes it even easier, which for us has resulted in a number of additional vaults. While this feature is fantastic for organizing our items, it does present a challenge: Where did I save that one item? Hopping around between vaults isn’t the most fun we could be having, so we decided to do something about it: we built an All Vaults view.

The shiny new All Vaults view enables you to see all of your items, no matter which vault they’re stored in. But wait!, you say. I don’t want to see all my vaults at once!, you say. No worries, we’ve got you covered. The Settings screen now has a vault selector to let you easily choose which vaults should be included in the All Vaults view. Careful now, toggling those switches is pretty addictive! =)

Bessere Leistung! (Better performance)

Not only have we improved our translations, but we’ve also sent 1Password to the gym to handle those bigger vaults with grace and ease. There are a lot of other great refinements, as well; see our release notes for the full details.

1Password 6.1 for iOS is available now as a free update for all existing owners. Head to the Updates tab of the App Store to update to the latest version now! Got feedback? We’d love to hear from you. Add a comment here, check out our discussion forums, or visit us on Twitter or Facebook.

Shield Security header

When a Leak Isn’t a Leak

Over the weekend Dale Myers wrote a blog post that examined our .agilekeychain format. The post featured a good discussion and analysis of our older data format, but it raised some questions among 1Password users and the wider technology community.

Dale states that he plans to continue using 1Password and has no concerns over the safety of his passwords themselves, but his main concern was how the AgileKeychain handles item URLs. While we widely documented this design decision and shared it publicly, Dale was surprised to find out that we didn’t encrypt URLs within the keychain. We want to reassure users that rely on AgileKeychain that their password data is safe and secure, and take the time to walk through our data formats to explain the issue completely.

AgileKeychain & OPVault Data Formats

Back in 2008, we introduced the AgileKeychain as a way to help our users better synchronize data across platforms and devices. At this time, 1Password had significantly less processing power to draw from for tasks like decryption, and doing something as simple as a login search would cause massive performance issues and battery drain for our users. Given the constraints that we faced at the time, we decided not to encrypt item URLs and Titles (which resembled the same sorts of information that could be found in browser bookmarks).

In December 2012, we introduced a new format that encrypted much more of the metadata. OPVault, our newer and stronger data format, provided authenticated encryption as well as many other improvements for 1Password users.

This format worked well in situations where we didn’t need to worry about backwards compatibility, including iCloud and local storage on iOS and Mac. For Windows, Android, and Dropbox syncing, however, we needed to decide if we should migrate to the new format or provide compatibility with older versions of 1Password.

We decided to take a conservative approach and not automatically migrate everyone over to OPVault because many users depend upon older versions of 1Password and they wouldn’t be able to log into their accounts. We knew we could trust the security of the AgileKeychain to protect confidential user data so we didn’t want to rush into something that would disrupt people’s workflows.

Switching to OPVault

Despite the security of AgileKeychain remaining intact, Dale reminded us that its time to move on. The OPVault format is really great in so many ways and we should start sharing it with as many users as possible.

We’ve already started making changes to use OPVault as the default format. In fact, the latest beta of 1Password for Windows does this already. Similar changes are coming to Mac and iOS soon, and we’re planning on using the new format in Android in the future. Once all of these things are complete, we will add an automatic migration for all 1Password users. For users who would like to switch to OPVault sooner than this, here’s how you can get started immediately:

To avoid losing access to your data, be sure to back up your 1Password data beforehand, and only follow these instructions if you are NOT using any legacy versions of 1Password. If you have any questions or concerns, or would like to migrate but aren’t sure if your version of 1Password is affected, our knowledgebase, forums and support team are here to help.

DevBits header

1Password App Extension API and time-based, one-time passwords

The App Extension API was released as a companion to 1Password 5 for iOS last year. Now that 1Password 6 is out, I’m sure some of you are curious to learn about what’s new in the API. To celebrate the App Extension API’s first anniversary, I’d like to tell you about one of its best-kept secrets: Time-based, One-time Passwords (TOTPs).

TOTP + 1Password extension = 🔐

Did you know that our App Extension API supports one-time passwords? In fact, it’s been there since version 1.5 of the API. If you haven’t already, I recommend that you upgrade to the latest version, 1.6.1. Not only can your users fill their usernames and passwords in your app with a few simple taps, their one-time passwords can be filled just as easily.

Best of all, it’s an absolute cinch to implement: simply check whether the one-time password exists in the login dictionary from findLoginsForURLString:

@IBAction func findLoginFrom1Password(sender:AnyObject) -> Void {
        OnePasswordExtension.sharedExtension().findLoginForURLString("https://www.acme.com", forViewController: self, sender: sender, completion: { (loginDictionary, error) -> Void in
            
            // Fill the username and password into the fields
            self.usernameTextField.text = loginDictionary?[AppExtensionUsernameKey] as? String
            self.passwordTextField.text = loginDictionary?[AppExtensionPasswordKey] as? String

            // Check if the user has a One-Time Password for the selected 1Password Login
            if let generatedOneTimePassword = loginDictionary?[AppExtensionTOTPKey] as? String {
                self.oneTimePasswordTextField.text = generatedOneTimePassword

                // Important: It is recommended that you submit the TOTP to your validation server as soon as you receive it, otherwise it may expire.
                self.submitRightNow()
            }
        })
    }

That’s all it takes to make your users’ lives much simpler.

1Password ❤ App Developers

If you have already added the 1Password app extension to your iOS app, thank you; you’re awesome! This new functionality gives you the ability to make security even more convenient for your users, and I can’t wait to see how you use it. Please don’t forget to submit your app to our Apps ❤ 1Password directory.

A newsletter just for you

You can also subscribe to our 1Password App Extension Developers newsletter. We’ll send you an occasional newsletter containing 1Password App Extension news, updates, and tricks, to help you realize the full potential of the 1Password Extension API in your iOS apps.

If you have any questions, you can comment on our GitHub project or email support+appex@agilebits.com. I look forward to talking to you!

1Password tips

Quick Tip: iOS 9 Spotlight search and 1Password

Some of the geekiest arguments I’ve ever heard have been over the way people organize apps on their iPhones and iPads. I keep my most heavily used apps on my main screen, then shove almost everything else into folders on my other screens.

The reason I can do this is because of the wonders of Spotlight search. It’s easy for me to search for and launch the app I want to use, so I don’t have to spend my mental energy trying to remember where I’ve put things.

Apple opened up Spotlight to third-party developers like us in iOS 9. My searches are now supercharged! I’ve gotta say, I love being able to find my 1Password items right from my iPhone’s home screen. I enabled Spotlight search in 1Password by going to Settings > General > Enable Spotlight Search. Now I can just pull down, type in part of the item’s title, then tap on its name in the search results. 1Password opens right to that item.

iOS 9 Spotlight search

You might have questions about the new Spotlight search and how it works with 1Password, so I put together some answers for you. If your question isn’t addressed, please let me know; I’ll be sure to update it in response to your feedback.

I’m also curious: what are your favorite iOS 9 features? Let me know in the comments!