Everything you need to know about 1Password and XcodeGhost

Over the past few days, security researchers from Palo Alto Networks discovered that 39 apps infected with malware found their way into the Apple App Store in China. Since the news broke, the malicious apps have been pulled from the App Store— and we’ve had a few questions about what this might mean for 1Password and password managers in general. To put your mind (and your passwords!) at ease, we’re answering some of the most common questions and concerns that iOS users have had about malware, compromised apps, and the security of 1Password.

So wait… what happened? How did this get in the App Store?

It’s kind of a long story, but we’ll make it short. In software development, there are many, many tools that can be used to build an app, and iOS developers rely on a compiler called Xcode as part of that process. A compromised version of that compiler made its way to the web in China, and was downloaded from an untrusted source. In this case, all apps built using the malicious compiler, XcodeGhost, were modified to sneak malicious code into the App Store. Though Apple works to review and screen apps for malware before they reach the App Store, in this case Apple confirmed that the attackers were able to make it through the review process without raising any red flags.

What does this malware do?

In general, most malware is designed to capture personal information and/or user credentials, and send them back home to the attacker who compromised your device. While XcodeGhost does not directly affect the 1Password application, it indirectly affects those who use the application through your device’s clipboard. In a post outlining the malware’s capabilities, senior malware researcher Claud Xaio noted that this particular strain could:

  • Prompt a fake alert dialog to phish user credentials
  • Hijack opening specific URLs based on their scheme, which could allow for exploitation of vulnerabilities in the iOS system or other iOS apps
  • Read and write data in the user’s clipboard, which could be used to read the user’s password if that password is copied from a password management tool.

Additionally, according to one developer’s report, XcodeGhost has already launched phishing attacks to prompt a dialog asking victims to input their iCloud passwords.

Should I be worried? Does this affect me?

There are a few very specific factors that determine whether your device is at risk, but overall, this vulnerability is a rare occurrence for the App Store.

  • At present, this issue mostly affects devices using the Chinese App Store, though researchers have found compromised apps in the Canadian App Store as well.
  • The malware is only in applications built using a compromised code compiler. A list of affected apps can be found on the Palo Alto Networks blog, but security researchers believe that as many as 344 apps may be vulnerable to the attack.

Will 1Password protect my data if an app on my iPhone or iPad has been infected by XcodeGhost?

We have designed 1Password with your privacy in mind at all times. We use strong, reliable encryption and take many, many measures to make our application breach-resistant. Combined, the many layers of security we’ve implemented work together to secure your passwords and protect your most sensitive data— but if your device has been compromised, there’s almost nothing that 1Password can do to defend it. As previously stated in a post on malware by Jeffrey Goldberg, our Chief Defender Against the Dark Arts:

I have said it before, and I’ll say it again: 1Password […] cannot provide complete protection against a compromised operating system. There is a saying […] “Once an attacker has broken into your computer […], it is no longer your computer.” So in principle, there is nothing that 1Password can do to protect you if your computer is compromised.

Eek! My phone is infected with this— what should I do?!

First (and most importantly): don’t panic! There are a few simple things you can do to to return things to normal. If you’re positive that you’re using an app that was affected, here’s what you can do immediately to protect your data:

  1. Delete the compromised app(s) from your phone. If you are uncertain about whether an app has been compromised, it’s okay to delete it out of an abundance of caution.
  2. Change any passwords that you think may have been compromised through your device’s clipboard. Any passwords that you may have accessed through the 1Password extension are safe from this strain of malware, and do not need to be changed.
  3. Avoid redownloading or reinstalling any of the compromised apps until they have been updated. When an update has been released, be sure to download it from a trusted source once the developer has officially confirmed that a new, secure version is ready for you to use. If you’re uncertain of this, you can visit the developer’s site or check with their support team for help.

The XcodeGhost vulnerability doesn’t directly affect 1Password— we have not used the malicious version of Xcode, and the malware it injects into applications was not designed to directly compromise or target our application. Though the malware in compromised apps on any platform has the potential to put any user’s credentials at risk, especially when it can access a device’s clipboard, all technology users benefit from the work security researchers do to find vulnerabilities like this.

If you’ve made it this far down the post and still have questions or concerns, please leave a comment here or start a conversation with us in our discussion forums. You can also reach out to us on Facebook and Twitter.

1Password for iOS header

1Password 6 for iOS: The Extreme Makeover Edition is here!

We all have a ton of passwords and important information to keep track of, and 1Password is the best place to keep it all safe and sound. Whether it’s your passwords, passport number, or credit card information, 1Password makes it convenient for you to stay secure, because we love you. 💙

Over the years, as our data has moved from our desks to our pockets to our wrists, we’ve built (and rebuilt) 1Password to have the strongest defenses and the easiest usability. With iOS 9 we’ve created some amazing new additions and we’re finally ready for the big reveal.

Meet 1Password 6 for iOS.

1Password 6 Hero

A lovely shade of #1A8CFF

One of the first things we noticed when starting this project was that 1Password was looking a little, well, monochrome. Our designers spent hours holding up paint chips under different lights and finally settled on #1A8CFF to make everything pop. We affectionately call it Bits Blue. We’ve also pushed around the pixels of the category icons to make them more delightful, and beautified 1Browser. Don’t worry, everything you know and love is still in a familiar spot; it just looks shiny, new, and wonderful.

Rolling around new passwords

A password’s greatest strengths are its length and its randomness. But let’s be honest, sometimes you need to type in a password by hand and typing ErymQd3svcqM3BPYKWh is hard.

With our new Wordlist Password Generator, you can create long passwords out of randomly chosen real words: cellist-dander-signify-esteem-elver is easy to read, easy to type, and super secure. The new generator is inspired by Arnold Reinhold’s Diceware. We think it’s an amazing concept and aligns perfectly with our goal of making it simple and convenient for you to secure your digital life.

Pro tip: Diceware passwords make terrific answers to security questions! To have 1Password remember them for you, add a custom section with a custom password field to the Login item (Pro Features required for custom fields).

Installing a Spotlight

Spotlight search has always been a handy tool in iOS, helping you find things very quickly on your iOS device: a friend’s phone number, directions to a restaurant, or that important email that is somewhere in your inbox.

Spotlight is supercharged in iOS 9, and we’re taking advantage of it. New in 1Password 6 for iOS, Spotlight can search your 1Password data from the iOS home screen and take you straight to the desired item! It’s never been faster to find an item, and 1Password doesn’t even need to be open to do it.

To start using Spotlight with 1Password, enable the feature in 1Password > Settings > General.

Landscaping improvements

1Password has always been a portrait of amazingly convenient security, but its landscape mode has been limited to the larger screen of the iPad. We’ve made some significant improvements to landscape view support on iPad, iPhone 6 Plus, and iPhone 6s Plus.

On supported iPad models, 1Password will take advantage of the new Slide Over and Split View features in iOS 9, automatically scaling to the view size you set. On iPhone 6 Plus and 6s Plus, 1Password will now use that extra space to stretch out in landscape mode, displaying your categories and items in a column alongside the detail view.

1Password 6 Landscape Hero

A more watchful security companion

You’ve been telling us how convenient it is to look up Logins, Credit Cards, Secure Notes, and Passwords on your Apple Watch, but you’ve also told us you wanted more. By popular demand, 1Password for Apple Watch now supports more category types.

Say hello to Passports, Wireless Routers, Driver’s Licenses, Social Security Numbers, and Bank Accounts right on your wrist! To add items from these categories, open the item in the iPhone app and tap Add to Apple Watch.

We’ve also added a convenient way to manually lock 1Password for Apple Watch: simply Force Touch the screen and tap the Lock button.

How much does this extreme makeover cost?

Given the fantastic new features and improvements, you might be thinking 1Password 6 is a paid upgrade, which makes what I’m about to tell you even more incredible. Basic features are still free for everyone, and if you’ve already purchased the Pro features in 1Password 5, you still have them in 1Password 6 for no additional cost. 1Password 6 is available on the App Store.

If you find 1Password useful, please take a couple of moments to leave a rating and review on the App Store. It makes a huge difference to us. Thank you very much! Remember that we can’t reply to App Store reviews, so please post requests for technical support on our forums, or email

We always love hearing from you. Start a conversation with us on our Support Forums, Twitter, or Facebook.


Jessysaurus Rex joins the AgileBits team!

An adventure 65 million years in the making

A couple of weeks ago, we introduced you to the wonder women of AgileBits, who make this company and 1Password what they are today. We’re happy to announce that a new member has joined that illustrious team. If you follow the world of online security, you may already be familiar with her (or at the very least with one of her security sign bunnies hopping around Twitter!).

JessysaurusRex - Jessy Irwin

Her name is Jessy Irwin, and she is an influential voice in the world of information security. She also happens to love dinosaurs. A published writer and presenter, Jessy champions online privacy and security and spends much of her time educating people about the need for strong, unique passwords; secure software development; and operational security (opsec). She works to raise security awareness among students and educators, and helps the average Internet citizen learn what they can do to keep themselves, their data, and their online identities secure. She’s an obvious choice and a natural fit for our team, and we’re so glad that she’s here. @1Password and Jessy have been each other’s Twitter boo for a long time, a courtship that culminated in a grand proposal. (Spoiler alert: She said yes!)

Thanks for the Storify and kind words, Matthew!

This week, Jessy was a guest on Threatpost’s Digital Underground podcast. She and host Dennis Fisher had a great discussion about passwords, student privacy, how Jessy got her start in the world of information security, and her new role at AgileBits. You can subscribe to the Threatpost podcast on iTunes or listen to Jessy’s episode on the Threatpost website.

If you’re interested in learning more about online security, I highly recommend following @1Password and Jessy on Twitter. Jessy frequently shares her thoughts on the latest tech developments (such as Wednesday’s Apple event) and how they might impact your security, as well as great articles and blog post written by some of the smartest hackers and security researchers in the world. I enjoy following her on Twitter and having her do the work of curating all those interesting articles for me.

1Password tips

Quick Tip: Move a locally synced vault

Pop quiz, hotshot. You’ve chosen to sync your vault to local storage using 1Password 4 for Android. Now you’ve got a new device and you need to migrate that data onto it. What do you do? What do you do?

Not to worry. Migrating your vault to another device isn’t as daunting as it may appear at first glance. You’ll just need access to a desktop computer and a USB cable.

Move the vault from the old device

1P4 Android bot

The first thing you’ll need to do is connect your Android phone or tablet to your desktop with a USB cable. Then, open the device to view its files and folders on your computer.

Note: If you’re using a Mac, make sure you have installed the Android File Transfer tool.

Using Finder or Windows Explorer, navigate through your device’s local storage until you find the .agilekeychain folder that is your 1Password vault. Copy the entire folder to the desired location on your computer.

Migrate to a new device

To get that vault onto a new Android device, connect the new Android to the computer with the USB cable. Then, copy the entire folder to your new device’s local storage.

Once the folder is on the new device, configure 1Password for Android to sync with local storage, as usual.

Migrating to Dropbox

If you’ve decided to switch to Dropbox for easier syncing between devices, you can do that easily. Make sure that Dropbox is installed on your Mac or Windows PC.

Once you’ve got Dropbox installed, open the Dropbox folder on your device and copy the .agilekeychain folder to it. You can use 1PasswordAnywhere to confirm that your vault transferred to Dropbox properly.

That’s it! If you’re syncing to local storage with 1Password 4 on Android, it’s a good idea to back up your vault to another device this way every now and then, just in case something bad should happen. That’s just perfectly normal paranoia. Everyone in the universe has that. :shifty_eyes:

The AgileBits team wearing their finest tin foil hats

The AgileBits team wearing their finest tin foil hats

Questions? We’d love to hear from you. Leave a comment here or join us in the forums. If you’d like to join our beta family and be the first to try new features, you’re most welcome to sign up for our beta newsletter.

Here’s to you, Mr. Sheridan!

One of the challenges we face as a tech company is making our software accessible to everyone. It’s sometimes hard to gauge, because we’re so close to it. Doing research to answer customers’ questions makes it even more difficult to take a step back and make sure we’re not getting tooooo nerdy.


That’s why I was so excited when I heard from my friend Allison Sheridan this morning. Allison hosts the fantastic NosillaCast, a technology podcast with an ever so slight (ahem) Macintosh bias. She’s previously documented her own experience of switching to 1Password, but yesterday she spoke to Ken Sheridan, her octogenarian father-in-law.

1Password for Mac logo

In this lovely interview, we learn how Mr. Sheridan was managing his passwords before Steve (his son and Allison’s husband) helped him set up 1Password. My favourite part is that we also learn how 1Password has made his digital life so much easier and more secure. This enables him to more frequently do things like check his financial accounts, which he used to do only occasionally because it was such a hassle.

We want everyone to have a great experience with our software, and Mr. Sheridan makes me feel like we’re on the right track. Have you shared 1Password with friends, kids, or parents, possibly less geeky than you? We’d love to hear your experience. Leave a comment below or stop by our discussion forums.

Thanks for introducing your family to ours, Allison. Mr. Sheridan, we’re so happy to welcome you.

The Work Smarter Sale header

The Work Smarter Sale

Over the past month, we’ve been publishing Passwords 101 lessons to Facebook and Twitter. It’s now time to apply what you’ve learned to your everyday lives, at work and at school. Of course, you could give your brain a workout and keep all these strong and unique passwords stored inside your head, but 1Password is the best way to make security simple. We’re making it easier for you to get started: 1Password is now on sale across all platforms! Save 30% on 1Password for Mac and Windows, and 50% on 1Password for iOS and Android.

Do we have any stragglers or class cutters among us? No worries! Let’s review what we covered over the past few weeks.

Password length

Length is not the only thing that will keep an attacker from figuring out your passwords, but it’s significant. 1Password makes it super easy to generate unique, long passwords; but equally important, it remembers them for you so that you don’t even have to think about trying to recall a lengthy phrase.

Personal information is NOT for passwords

It’s scary how easy it is for a determined person to find personal information about anyone on the Internet. For this reason, it’s best to keep such information out of your passwords. If your password is 30 characters long and 25 of them have some personally identifiable information, that leaves only 5 random characters! To protect your accounts, make sure that there’s zero personal information in your passwords.

Substitutions are not secure

When 1Password first started teaching me about password security, I thought I was really clever when I changed letters to numbers and symbols. They resembled the letters enough that I wouldn’t make mistakes when entering the passwords from memory. Totally secure, right? Unfortunately, no. It turns out that the bad guys are also very clever, and they account for this in their attacks! The best thing is to have 1Password generate truly random passwords for you.

Never reuse passwords

Sometimes the simplest lessons are the most important. It’s a no-brainer: if you use the same password across accounts, access to one equals access to all. That is as convenient for an attacker as it is for you! Instead, let 1Password generate and remember a unique password for each account.

This sale makes it simpler than ever for you to keep all of your important data secure inside 1Password! Head over to the Mac App Store or the AgileBits Store to purchase 1Password for Mac or Windows for 30% off its regular price. You can also snag the Pro Features in 1Password 5 for iOS and the Premium features in 1Password 4 for Android for 50% off.

As always, this is a limited time sale. Get back to school in style and ensure that you’re working smarter, not harder. If you have any questions, Professor Bits’s office door is always open. Leave a comment here or join us in the forums; we love to hear from you.

DevBits header

Web View Filling ups the awesome factor of the 1Password App Extension

App Developers, this one’s for you!

Since the introduction of the 1Password App Extension API, support for the extension has been added to over 200 apps. We are so excited by this show of support from the development community that we decided to add functionality to the App Extension API to make it even more useful for you and more powerful for your users.

Version 1.5 = (Web View Filling)^2

As most of you already know, the 1Password Extension was originally designed to fill login details (usernames and passwords) in Safari and third-party applications. Thus far, the primary use of 1Password in third-party apps has been to sign in, which means that users likely invoke 1Password only once, right after installing your app.

In the latest update, we’ve made the app extension more powerful and more versatile. I am happy to introduce you to the redesigned Web View Filling capability of the 1Password App Extension API, which will enable your users to use 1Password to fill not only Logins, but also Credit Cards and Identities in any of your app’s web views.

From a technical point of view, this updated capability works in a similar fashion to the original Web View Filling: it can fill 1Password items in web views. However, to get the best user experience from the 1Password Extension, we should treat it as two distinct capabilities. Let’s take a quick look at what makes these two options unique, so that you can determine the best choice for your use case.

Scenario 1: Authentication

Let’s say users have to sign in to a service before they can use your app. When the user opens your app, they are presented with a web view in which they can enter their username and password to log in. In this case, you do not want the user to be distracted or confused by Credit Card and Identity items. You only want the Login for the service to show up in the 1Password Extension so the user can log in quickly.

Login selection screen using app extension API 1.5

Scenario 2: Web Browsing

  • Can your users purchase items from your web store?
  • Can your users sign up for a service by entering their information in to a web view?
  • Does your app have a built-in browser?
  • Does your app have billing and/or shipping forms for users to fill?
  • Would you like the 1Password Extension to show in the share sheet?

If you answered “yes” to at least one of the above questions, consider adding support for 1Password using the wonderful new Web View Filling capability, which will enable you to permit the filling of Credit Cards and Identities. You will also benefit from the fantastic new Brain filling logic we use in 1Browser and Safari.

This capability will help make your users’ browsing experience simple and secure by filling Login details, Credit Card items and Identities.

Fill Login, Credit Card, and Identity info when using app extension API 1.5

The Code

Choosing between the two scenarios is very easy: simply decide whether you want to show the Credit Cards and Identities that the user has stored in 1Password. To show only 1Password Login items in the 1Password app extension, pass YES as the parameter for showOnlyLogins. To unlock the full awesomeness of the 1Password app extension and take advantage of the new Web View Filling of Logins, Credit Cards and Identities, pass NO. That’s really all there is to it!

- (IBAction)fillUsing1Password:(id)sender {
    [[OnePasswordExtension sharedExtension] fillItemIntoWebView:self.webView forViewController:self sender:sender showOnlyLogins:NO completion:^(BOOL success, NSError *error) {
        if (!success) {
            NSLog(@"Failed to fill into webview: <%@>", error);

1Password ❤ App Developers

I want to take this opportunity to thank all of you app developers who have already added the 1Password app extension to your apps; you’re awesome! This new functionality gives you the chance to make security even more convenient for your users, and I can’t wait to see how you use it. Please don’t forget to submit your app to our Apps ❤ 1Password directory.

A newsletter just for you

You can also subscribe to our 1Password App Extension Developers newsletter. We’ll send you an occasional newsletter containing 1Password App Extension news, updates, and tricks, to help you realize the full potential of the 1Password Extension API in your iOS apps.

If you have any questions, you can comment on our GitHub project or email I look forward to talking to you!

DevBits header

Improved locking in 1Password 5.5 for iOS

Security and convenience

One of the coolest features in 1Password for iOS is the extension. For nearly a year, it’s been really easy to log in to participating apps without having to copy and paste usernames and passwords. Shopping in Safari is also a breeze, now that you can add items to your cart, then fill in your credit card and address with just a couple of taps. The icing on this cake is that you can log in to 1Password using Touch ID instead of tapping out a PIN or your entire Master Password over and over again.

Integral to the extension is the 1Password Lock Service, which determines how often you’re prompted to unlock the app and whether you’re prompted to use quick unlock (Touch ID or PIN Code) or your full Master Password. Thanks to the feedback you’ve provided, the Lock Service has gone through a couple of transformations since iOS 8 was released last fall. The latest update to 1Password is no exception and includes some major improvements that we’re sure you’ll love!

Touch ID: The star of the show

When Apple announced Touch ID on the iPhone 5s in 2013, we knew it would be the perfect way to unlock 1Password for iOS quickly and securely. It took a year before we were able to integrate it, but it was definitely worth the wait!

1Password for iOS Touch ID lock screen

In previous versions of 1Password, cancelling the Touch ID prompt cleared your Master Password from the iOS Keychain, which meant that you would have to enter your Master Password before you could use Touch ID again. This was inconvenient, especially when your goal was just to dismiss the Touch ID prompt without unlocking 1Password.

In version 5.1, we decided to force quit the main app and dismiss the extension when the Touch ID prompt was canceled. It seemed like a good idea, but it was confusing because it looked like the app was crashing. So we went back to the drawing board.

In 1Password 5.5, canceling Touch ID will cause 1Password to display the Master Password prompt, but your password won’t be cleared from the iOS Keychain. This means that you will be able to use Touch ID the next time you open 1Password without typing your Master Password; all you need to do is to tap the fingerprint icon to bring up the prompt.

1Password 5.5 for iOS Master Password lock screen with Touch ID icon

Lock Service: Centralized and better than ever

In 1Password 5.5 for iOS, we have created a “central” Lock Service that is shared between 1Password and its extension. The extension will now use the settings you have specified in the main app. Additionally, when you unlock the 1Password extension, you will also unlock the main app (and vice versa). Those of you who use 1Password on Mac will probably notice that this is similar to the way 1Password and 1Password mini lock and unlock in unison.

As long as you have Lock on Exit disabled, you will no longer be prompted to unlock 1Password moments after you unlock the extension in Safari. Depending upon your Auto-Lock settings, it may be as long as an hour before you’re prompted to unlock 1Password again.

1Password 5 for iOS security settings

iOS Keychain + 1Password Extension = ❤️

In previous versions of 1Password, the extension never saved the Master Password to the iOS keychain. This meant that if your Master Password were cleared from the iOS keychain (like when you restart your iPhone or iPad), you would have to launch the main 1Password app and enter your Master Password before you’d be able to use quick unlock. Entering your Master Password in the extension would allow you to access your vault, but you’d have to keep reentering your Master Password until you finally unlocked the main 1Password app.

Now it doesn’t matter if your Master Password is cleared from the iOS keychain! If you have quick unlock enabled, you’ll just need to enter your Master Password in either the extension or main app—once. After that, you’ll be able to use quick unlock until the next time your Master Password is wiped from the keychain.

It’s taken some time and experimentation to get the main 1Password app and the extension working together just so, but we think our latest changes offer a balance of security and convenience. We hope you’re as happy with this update as we are! We’d love to hear your thoughts in the comments and in our discussion forums.

1Pi icon 1024

1Password 5.5 for iOS: The Fun in the Sun Edition

While all the AgileBits kids have been having a fun- & sun-filled summer vacation, our development, docs, and support teams have been toiling away in our air-conditioned nerd caves to bring you the best 1Password for iOS release since the last one!

Our focus for this release was keeping your security as convenient & refreshing as an ice-cold drink on a hot summer day. Let’s take a sip from the improvements to Vaults, Touch ID, the Extension, and the Apple Watch app.

Switching it up

Multiple vaults are the best way to keep different parts of your life secure, without a ton of clutter. We all have our personal data, family vaults, and even work accounts to keep safe & organized.

We’ve made switching between these roles of your life super simple with an all-new vault switcher. Simply tap the new Vault icon in the upper left to get the quick switcher. Select a vault and you are instantly switched to it.


Touchable on demand

In the olden days (meaning yesterday), if you opened 1Password and then tapped Cancel on the Touch ID prompt, 1Password would switch to the Master Password prompt. For your security and convenience, the new Master Password prompt is more flexible: now when you tap Cancel, there is a fingerprint icon on the Master Password screen. Simply tap this icon to immediately restore Touch ID.

Note: If you restart your device, or the Master Password timeout is reached, this new icon will not appear, as the Master Password will still be needed in those situations.


Improved short-term memory

The extension and the main app now share unlock settings, so when you unlock the main app, the extension will remember this and use Touch ID.

Again, restarting the device or reaching a Master Password timeout will still require you to enter your Master Password.

Never drop a PIN again

Unique passwords are great for your logins, and unique PINs for your credit cards are also fantastic. Remembering them? Not so much.

Credit Card items on Apple Watch will now show the PIN field. The next time you buy chips & salsa with your credit card you can take a quick look at your wrist for your purchasing needs.

Closing the Vault

There are many more improvements and fixes in 1Password 5.5 for iOS, and you can check them all out in the release notes or in the in-app Message Center, located in Settings.

While I need to close up the vault for this release, the team can’t wait to show you all the great things we’re working on for the next one! In the meantime, we’d love to hear your thoughts. Leave your comment here, in our discussion forums, on Twitter/ADN, or on Facebook.

Aleen and Chalene, sittin’ in a tree…

…talkin’ s-e-c-u-r-i-ty!

Chalene Johnson

Chalene Johnson is a motivational speaker and best-selling author. In June of this year, her Twitter account was hacked, as was her main Instagram account. She shared this sad tale on her podcasts, The Chalene Show and Chalene Johnson’s Build Your Tribe.

Upon completing the tedious and time-consuming task of recovering from the hack, Chalene researched password managers to ensure she’d never have to endure such an experience again. At the end of her quest to find the best password manager, Chalene discovered 1Password!

Aleen Simms

To talk to her listeners about 1Password, Chalene invited our very own Aleen Simms. They discuss everything from pricing to basic 1Password use and password hygiene. Have a listen, and pick up a handy tip or three along the way.

The episode is fittingly titled, The Most Important App You Will Ever Download, and you can listen to it in iTunes. Thank you for the invitation, Chalene!