DevBits, featured image

On The Design And Building of 1Password for Apple Watch

When Tim Cook took the stage back in September to announce the next generation of Apple hardware, and that there was already an SDK for it, we were incredibly excited (and that’s putting it mildly!)

I believe our reaction was something akin to:

“We can make a 1Password app for Apple Watch!”

“That’s awesome!”

…brief silence…

“What would a 1Password app for Apple Watch do?” 

Day 0: the idea phase

We tossed a number of ideas around that first day, but the one we kept coming back to was our new (at the time) support for one-time passwords in 1Password for iOS.

One-time passwords seemed like a perfect fit for Apple Watch. They are a fixed length of 6 characters, so fitting them on the Apple Watch’s screen would be simple. They are refreshed every 30 seconds, so they could be stored and displayed without the need for authentication each time.

Also, they fit perfectly into the use case of logging into a site on your computer, and then looking to your wrist for the second factor verification.

So, we were decided, one-time passwords it was!

Day 23: build/design phase, part 1

1Password for Apple Watch was a simple three screen app in its infancy. There was one screen for the scenario of “no data”, one screen to list the items that included one-time passwords, and one screen to show the selected item’s one-time password.

A crucial part of the design was that we didn’t want you to have to enter your Master Password anywhere to access the information on Apple Watch. The usefulness of having your 1Password data on your wrist went way down if you needed to pull your phone out of your pocket to access it.

 

Interlude

Apple Watch apps are an interesting animal in that very little code actually runs on Apple Watch itself. Instead, each Apple Watch app is comprised of two parts: the visual “shell” that runs on Apple Watch, and an app extension that runs on the phone. The app on Apple Watch talks to the app extension over Bluetooth to get its data and respond to user interactions.

Apple Watch App Architecture

1password-for-apple-watch-03A good example to illustrate this idea is the PIN code screen in 1Password for Apple Watch. Each time you tap a digit on Apple Watch’s screen the following actions take place:

  1. Information about the tap is sent via Bluetooth to the 1Password Watch Extension (running silently in the background on your iPhone).
  2. The 1Password Watch Extension determines which digit was tapped and adds it to any digits tapped before.
  3. The extension then tells the Apple Watch app to update the PIN length indicator at the bottom of the screen, which requires another transfer of information over Bluetooth.
  4. If the tapped digit is the fourth in a series the 1Password Watch Extension checks to see if it is the correct PIN code, and if so tells the watch app to display the list of items, which requires yet another trip over Bluetooth.

As you can see, even a simple interaction with an app on Apple Watch can create a lot of Bluetooth traffic back and forth between Apple Watch and iPhone.

Day 45: fine-tuning

Once we had a baseline set of requirements and user interface designs we started to work out how to get the one-time password data to 1Password for Apple Watch.

Because we weren’t going to require your Master Password to access your data we precluded ourselves from being able to decrypt your 1Password vault, meaning we needed a place to store the one-time password secrets for use by 1Password for Apple Watch. We decided to utilize the iOS keychain as a secure storage location that wouldn’t require decryption each time we wanted to use it.

Of course this decision came with its own set of challenges, namely that we were going outside of the 1Password ecosystem to store secure data. Because of this fact we knew we had to ramp up our customer education efforts about this new feature and make sure that it was opt-in only.

We added what we called a “keychain maintainer” to the main 1Password app that would listen for changes in the 1Password database, determine if those changes were one-time password-related, and update the iOS keychain accordingly. The keychain maintainer worked out really well as it handled changes that were made by our sync system as well as any changes made to an item by a person manually.

With the keychain successfully populated with data all we needed to do was load this data in the 1Password Watch Extension and use it to populate the list of items. We finished up the implementation of the three screens and 1Password for Apple Watch was done…or so we thought.

Day 97: 1Password for Apple Watch v1 debut …

At this point we were quite happy with ourselves. 1Password for Apple Watch was complete months before Apple’s launch date of late April. We began to show it off to friends and industry acquaintances to get their reactions. Some of them thought it was very cool that they’d have access to their one-time passwords on their wrist, but many more of them weren’t exactly over the moon about it, and some had to be educated about one-time passwords before they understood exactly what it was we were offering.

It all came to a head when we were on a business trip and in a meeting with a handful of individuals whose opinions we really respect. With our usual gusto we showed off 1Password for Apple Watch and…it fell flat. Out of the five people in the room with us, only one person was genuinely excited about. They say two outta three ain’t bad. No one ever says anything about one outta five.

We knew we needed to do more.

So we went back to the drawing board: beyond one-time passwords, what kind of information would be useful to have on your wrist? We started to brainstorm ideas and realized there was a whole class of secure information that could be stored in 1Password that we weren’t leveraging: all kinds of small pieces of secure information that you need throughout the day.

Store your locker combination on your Apple Watch.

Store your locker combination on your Apple Watch.

1Password for Apple Watch can ensure that your door's unlock code is always handy.

1Password for Apple Watch can ensure that your door’s unlock code is always handy.

 

We started to work up some use cases. Gym locker combination? Check. Garage door code? Check. Would it be useful to see your credit card info while placing an order over the phone? Yep. We discovered all sorts of situations where it might not be convenient to pull your phone out of your pocket, unlock it, open 1Password, unlock 1Password, and search your vault for the data you needed. Apple Watch, however, was the perfect place for this kind of information. App interactions are incredibly short and perfect for the things you need on the go: you get in, get your data, and get out.

Day 98: the re-build phase

With this new vision for 1Password for Apple Watch we began to rework both the user interface and the code.

Because we were expanding beyond one-time passwords we no longer wanted 1Password for Apple Watch populated with a whole set of information automatically. Everything that appeared on your wrist needed to be there because you put it there. A button was added to the bottom of the item detail screen that allows you to add/remove an item to/from your Apple Watch. This button ended up being a shortcut for adding a new “Apple Watch” tag to the current item. The cool thing about this approach is that you can manage your Apple Watch items not only on your phone, but also on any of your other devices or computers simply by adding the “Apple Watch” tag and syncing the changes over.

Our keychain maintainer evolved beyond looking for one-time passwords to looking for items tagged with “Apple Watch” instead. We added an extra set of attributes (encrypted with the 1Password Apple Watch PIN code) to our keychain entries to handle the extra data for logins, passwords, secure notes, and credit cards. 

In 1Password for Apple Watch itself we ended up adding four new screens to support the new item types in addition to the original one-time password screen. When Apple Watch shipped at the end of April our app’s design looked like so:

Apple Watch App Storyboard

Today

1Password for Apple Watch 01I hope you’ve enjoyed this little glimpse into the process behind 1Password for Apple Watch. If you have any questions please leave them in the comments below, I’d love to talk some more about our process here. For some further reading I’d recommend our excellent Apple Watch User Guide and our Apple Watch Security Guide.

DevBits, featured image

How 1Password syncs changes to your Master Password

Alliance of MagiciansAt the risk of being blackballed by the Alliance of Magicians (from even the smallest venues), we want to reveal the secret to Master Password syncing. It’s all just an illusion — a clever one — but since we don’t actually store your Master Password, we don’t sync it for you either. You do, but we’ve made it look like we do.

There are a lot of seemingly mysterious things that go on when a Master Password changes, so it is quite reasonable to have questions about security in this area. A cornerstone of Master Password security, though, is that 1Password never stores your Master Password in any form. (A not very relevant exception is for use with Touch ID.)

Suppose you change your Master Password on one of your computers. The next time you unlock 1Password on some other device, you can unlock it with your new Master Password. How can 1Password on the second machine accept the new Master Password if we are careful to never store it? This has led a lot of astute users to mistakenly imagine that their data isn’t really protected by their Master Password. But, let me assure you that it is, and all the tricks up our sleeves make things both more secure and more convenient for you.

The Basics

At its most basic, a 1Password vault (be it a local vault in 1Password for Mac/iOS, or a sync vault in the form of an Agile Keychain or an iCloud vault) contains a couple things:

  • A universally unique identifier (UUID)
  • An AES key used to encrypt and decrypt items

Every vault has a different UUID, and a different AES key. These are both randomly generated when the vault is created. This means that your local Mac vault does not share a UUID with the Agile Keychain it’s syncing with, and any other Mac or iOS device that’s also syncing with that Agile Keychain will have its own UUID/AES key combination. In the simplest scenario of a Mac syncing with an iOS device via Agile Keychain, that’s 3 vaults, 3 AES keys.

Obviously, it’s a bad idea to store the keys unencrypted. It would be like leaving your house key on a hook next to the door, outside. We need a key to encrypt your AES key with. For this, we use the Master Password you provided when you created the vault to derive another key. The key that is derived from your Master Password is then used to encrypt your vault’s AES key. We never store the derived key anywhere.

Let’s look at a very basic example. You have an unsynced vault on your desktop. To unlock 1Password, you provide us with a Master Password (which may or may not be correct). We use this Master Password and go through the same key derivation process that we used originally. If it’s the same Master Password, the result will be the same key.

A key will be derived even if an incorrect Master Password has been entered. Determining whether it’s the right key is a matter of attempting to decrypt the AES key. A successful decryption indicates that the correct Master Password for this vault has been entered, thus the vault will unlock. If the decryption fails, it’s the incorrect Master Password.

Master Password Changes

Now that we know how your vault is unlocked with your Master Password, let’s discuss what happens when you change your Master Password (leaving sync out of the equation for now). When you change your Master Password locally, the vault’s UUID and AES key do not change at all. What changes is the key that is used to encrypt your AES key (the one that’s derived from your Master Password). Effectively all that changes is the encrypted form of your vault’s AES key. It’s encrypted with the new key, derived from the new Master Password.

This means that trying to use your old Master Password will generate the old derived key, which will not be able to decrypt your AES key that’s now encrypted with the new derived key. Simple enough.

Master Passwords and Syncing

It is important to reiterate that your Master Password is never stored anywhere. This is the case for your local vault as well as the Agile Keychain you’re syncing to, so we’re essentially responsible for syncing something we don’t have. This is important as it allows 1Password to continue syncing even after you’ve changed a Master Password on one device.

During initial sync setup, we ask you for the Master Password of the sync vault (typically an Agile Keychain). We use this password to unlock the sync vault, but once it’s unlocked we throw away the password you gave us. Instead of the password, we store the sync vault’s UUID and its AES key, and we encrypt those with our local AES key. We know that a vault’s UUID and AES key will never change for the lifetime of the vault. This means that as long as we know that we have the same vault (the UUIDs match), we’ll be able to use the AES key we have to decrypt its data (even if the encrypted form of that AES key was changed to be encrypted with a new key derived from a new Master Password).

This allows us to sync multiple devices, each having their own Master Password. They don’t actually need to have the same password, and as one device changes its Master Password, even though the sync vault’s Master Password will also get updated, the other devices don’t necessarily need to care.

Please note, while this suggests that you could potentially use a different Master Password on each of your devices, we do not recommend that you attempt it. The mechanism described above is merely necessary to ensure that the Master Password changes are able to be synced.

Syncing Master Password Changes

When you change the Master Password of a vault on one device, the same process that happens locally for a Master Password change happens to the sync vault. We re-encrypt its AES key with the new derived key. This makes the sync vault’s Master Password the same as the new local Master Password. To read data within this vault you need either the new Master Password or a copy of its AES key.

Now that you’ve changed the Master Password on one device, and it has changed the Master Password of the sync vault, what you want is for all other devices associated with this sync vault to also have the new Master Password. Unfortunately, we’ve done all of the pushing we can. Despite the fact that we can detect that the Master Password in the sync vault has changed, we don’t know what it has been changed to because we don’t store your Master Password anywhere. We have no way of knowing what key to use when re-encrypting the AES keys on your other devices. So, from here on, we need your help!

The other devices still have the old Master Password. That old Master Password will still work to unlock your vault on these other devices because the AES key is still stored, encrypted with the derived key from your old Master Password. These vaults can continue to sync with other devices because they happen to have a copy of the sync vault’s AES key. They don’t need to care about the sync vault’s Master Password.

Updating the Master Password

At the start of this post, I said that the process of unlocking a vault is a matter of deriving a key based on the provided password, and attempting to decrypt the vault’s AES key with it. If the decryption of the vault’s AES key is successful, we’ve unlocked the vault. If the decryption is unsuccessful, then we’ve failed to unlock the vault. It turns out that this isn’t quite true, at least not in the case of synced vaults.

If the decryption of the vault’s AES key is successful, we’ve unlocked the vault. That part is true. But if the decryption is unsuccessful, all it means is that we’ve failed to unlock the local vault with the provided key. When a failure is detected, we look to see if we’re syncing with any vaults. Then we try the Master Password against the sync vault as well. If the Master Password that you have entered is the new Master Password of the sync vault, unlocking the sync vault will be successful. This tells us that the password you entered is the correct Master Password for the sync vault, and from that we can infer that this is the new Master Password that you would like to use on this local device.

This is all well and good, but we’ve really only managed to unlock the sync vault, not your own local vault. Remember how we stored the sync vault’s AES key, encrypted with your local AES key so that we could keep syncing even after the sync vault’s Master Password changed? It turns out doing the reverse here is possible. When we set up sync, not only did we store the sync vault’s AES key encrypted with the local AES key, but we also stored the local AES key encrypted with the sync vault’s AES key. This means that as long as we can unlock one of the two vaults, we can unlock both. We can use the unlocked sync vault to decrypt our own local AES key to unlock your own vault.

So we’ve used the new Master Password to unlock the sync vault, then used the sync vault to unlock your local vault. All that’s needed to do now is re-encrypt your local AES key with the new Master Password. And voilà, the next time you unlock 1Password with that new Master Password the decryption will succeed.

Recap

That might sound like a lot of information. Let’s go over that again, in simple, flow-chart form:

  • Device1 and Device2 sync via Agile Keychain, all share MasterPassword1
  • Device1 updates to MasterPassword2 by re-encrypting Device1’s AES key with key derived from MasterPassword2
  • Device1 updates Agile Keychain by re-encrypting Agile Keychain’s AES key with key derived from MasterPassword2
  • Agile Keychain files sync to all devices
  • Device2 attempts unlock with MasterPassword2
  • Device2 rejects unlock with MasterPassword2
  • Device2 attempts to unlock Agile Keychain with MasterPassword2
  • Device2 successfully unlocks Agile Keychain with MasterPassword2
  • Device2 uses Agile Keychain’s AES key to decrypt a copy of Device2’s AES key that was encrypted using Agile Keychain’s AES key, earlier when sync was originally setup.
  • Device2 uses decrypted Device2 AES key to unlock its local vault
  • Device2 re-encrypts its AES key with key derived from MasterPassword2
  • Device2 unlocks
  • Device2 locks
  • Device2 attempts unlock with MasterPassword2
  • Device2 unlocks

Master Password sync infographic

So, there you have it. The secret of our illusion: the Master Password update has propagated to another device without the password itself being stored anywhere.

IMG_0212.PNG

‘Twas the weekend before Christmas

Sara Teare, our Minister of Magic (or Customer Support Manager), repurposed a holiday classic this weekend to show some internal appreciation for the Agile team and all their hard work over the holidays.

We love taking care of our customers, and the holidays inspire us in all sorts of ways. I just had to share this bit of internal joy and appreciation with you. :)

– – – – –
T’was the weekend before Christmas and all through the house,
every creature was stirring, including the mouse!

The stockings were out, needing filling with care,
the pressure is on, we are all so aware.

The children were running, everywhere but their bed,
With high doses of sugar going straight to their head.

Mom’s shopping on Amazon, iPad in her lap,
Dad is wishing that he could go for a nap.

When out in the Forums, there arose such a clatter,
We sprang into action to see what was the matter.

Over to Cerb, I flew with a flash,
Stopping to grab Jeff’s jelly bean stash.

Expirations of trials and license confusion,
A question here about sync substitution.

When what to our wondering eyes does appear?
St. Nick in the forums with a spinning gear :(

1Password appears to be giving him trouble,
No fear Dear Santa, we’ll help on the double!

Go Adam! Go Marshall! Go Steve! and Go Mike!
Go Eva! Go Sean! With all of your might!

Go Jasper! Go Peri! Go Marc! and Go Scott!
Go Yuanou! Go Team – think all the good thoughts!

With a click and a clack, and a DR to boot,
a quick reset and good changes take root!

His 1Password now good, its Pro features reset,
With TouchID shopping, the quickest presents to get!

All our users are happy, and are singing along,
knowing they won’t get their passwords wrong.

A simple tap or a click, and they are all off to play,
having finished their shopping the auto-fill way.

The team taking care to reassure all,
Even spending some time on telephone calls.

Everyone is so happy with all of your care,
Customer service like this can be quite rare.

With rainbows appearing, the team knew they were right,
Happy Saturday to all, and to all a good night!

/- Sara Teare

the Agile Mug 01

Behind the Mug: Aleen Simms

For our second Behind the Mug feature post, we get to learn more about one of the recent recruits to our crack team of document gurus: Aleen Simms.

Wordsmith

2014-10-21 10.28.36

Aleen descended from the foothills of the Rockies to the Valley of the Sun many years ago. When she’s not writing, you can find her podcasting, reading, taking pictures of her kittehs, or building LEGO sets with her husband at the dining room table (where else?). An unapologetic Hufflepuff, Aleen is committed to helping the world around her become a more accepting place.

Some Q&A with Aleen

If you had a warning label, what would it say?

Warning: extremely sarcastic.

What are your pet peeves?

The sound of chewing, when LEGO bricks refuse to come apart, stepping on LEGO.

Where is your favourite place to work?

My husband hacked together a standing desk for me soon after I started at AgileBits! Sometimes I get lazy and sit down, but I really love my desk.

2014-06-11 13.54.12 HDR

Family tradition:

Every October, I meet my mom, uncles, Granny, and subset of cousins in Las Vegas. Every couple of years, my mom gets show tickets for Uncle Jeff and me as early birthday presents. We’ve seen Phantom, Blue Man Group, a few Cirque de Soleil shows, and, most recently Le Rêve: The Dream. I look forward to it every year.

What’s your favorite book?

Jane Eyre was the first “grown up” book I ever read, so it will always hold a special place in my heart. Most people I know find it insufferable. :)

Who’s your favorite author?

Neil Gaiman. I’m not one to fawn over people, but I admire both his writing and personality. I had the opportunity to meet him briefly last year and maybe made a complete fool of myself—I don’t strictly remember anything other than being completely giddy.

Aleen did a lot of training for her ‘mug shot’ … you can tell she’s a true pro when it comes to beverages in addition to word-smithery!

Aleen's Mugs

the Agile Mug 01

Behind the Mug: Jeffrey Goldberg

We’re starting a new feature here on the Agile Blog to tell you a little more about some of the awesome people who make up the 1Password team. We’ve got a diverse cast from across North America and Europe, and we think they’re all pretty neat.

Starting off this series with a bang is our security guru, Jeffrey Goldberg.

Chief Defender Against the Dark Arts

IMG_2004

Jeffrey Goldberg lives in Plano, Texas. He moved there with his family from Southern California in 2005. When asked why, he would answer that he moved there for the weather. In this way, Jeffrey alerted his new neighbors that he was a serious contender for the role of village idiot. A title he has since earned and defended.

The real reason for the move, of course, is that he is a global stalker: He has been following his wife (an academic) around the planet since 1988. That includes living in Hungary, England, Southern California, and now North Texas.

Jeffrey suffers from a pathological compulsion to explain things to people. The people around him also suffer from his compulsion. His actual training is in theoretical linguistics (a PhD dropout), but he barely manages to speak one language.

Jeffrey was invited to join AgileBits (then Agile Web Solutions) presumably because Dave and Roustem liked his posts on the forums explaining security. At the time, he was working toward becoming a high school math teacher, but had learned through student teaching that he just didn’t have the right temperament for it. In a previous life (the 20th century) he had been a system administrator and postmaster at a UK university, a dilettante academic, publishing a few papers with his wife.

A quick Q&A with Jeffrey:

What’s your spirit animal?

Banana slug.

What’s in your mug: coffee or tea?

Caffeinated.

What’s your favourite family recipe?

Uncle Sweeney’s meat pies.

What’s your pet peeve?

That many useful theorems depend on the Axiom of Choice.

What do you want to be when you grow up?

A fog horn.

IMG_1950

AgileBits is now accepting applications to its School of Magic

This image was made by Loadmaster (David R. Tribble) via Wikimedia Commons

Sometimes I feel a bit like I spend my days at Hogwarts. There’s magic happening all over the place, the occasional dragon, and never a dull moment. This has been extra true lately, and as a result, our very own Minister of Magic has declared it is time once again to open applications to Hogwarts! In this case we’re presuming you’ve had a turn under the Sorting Hat, and we’re looking for those who have been sorted into the following Houses:

  • Customer Support
  • Android Developer
  • Windows Developer

As you may have noticed, the iOS version of 1Password got a significant update late last year, and the new Mac version had a dramatic unveiling a couple of weeks ago. For those playing along at home, you’ll recall we have two more versions, and it’s those two we are aiming to transfigure into sleek modern versions. Doing this means we need your help!

And by “you” I mean “a person who is all-around awesome and familiar with 1Password and has excellent communication skills”. We are accepting applications from wherever you are. Yes really! Most of our team works remotely, which is no problem. Our owls can always find you.

You may find it hard to believe, but there’s more awesome involved than just being accepted at Hogwarts. On top of MAGIC, you can also look forward to:

  • An encouraging and cooperative virtual office
  • A healthy pay scale (no house-elf style treatment here!)
  • A flexible schedule
  • Casual Friday…every day! In fact, even more casual, if that’s your thing.
  • Other neato spells and charms that make working for AgileBits loads cooler than whatever you’re doing now.

As for what we ask in return, it’s pretty straightforward:

  • Great work ethic
  • Cool head in a hectic environment
  • Strong communication skills
  • High rum tolerance (ok I’m kidding. It doesn’t have to be rum)
  • Passion for driving 1Password forward to make it the Best App Ever
  • Support members need to be able to help with about 65 email replies a day, ensuring customers get the help they need. No worries though, our Spell books are available for study!

Does this sound like you? If so, please email us with your preferred job in the subject line (Support, Windows Developer, Android Developer). In the email itself, tell us who you would most like to sit next to during breakfast in the Great Hall, and your current favorite app (besides 1Password) on your platform of choice. Also include the answer to this question: What is the motto of the Hogwarts School of Witchcraft and Wizardry?

 

Behind AgileBits: Meet the people who support 1Password and Knox

We’re big on people here at AgileBits. It’s why we have human beings answering support emails nearly around the clock, why our blog header has a photo of us in our spiffy shirts, and why we recently opened our first-ever office in Toronto. In fact, I’d love to introduce you to the people who support, develop, design, and help get the word out about 1Password and Knox, starting with some of our amazerbeams Customer Support team.

In alphabetical order, we have:

Greig Allen

Our Senior Foreign Correspondent:

Do-not-give-Greig-food-or-drink.jpegHey Guys! I’m Greig and I’m from Aberdeen, Scotland.

I’m the only AgileBits CS team member based in the UK!

When I’m not answering questions from our customers, I can be found on a football field. And when I say football I mean American NFL style football, not “soccer”.

I started using 1Password back in 2009 and started working here in 2012.  AgileBits is honestly the best company to work for and all I needed to do is answer a blog post!

He used to be our only Foreign Correspondent. We’ve promoted him to Senior.

Chris De Jabet

aka Chris Prime, we hired him before our other Chris’s. It’s really not as confusing as I’m making it sound:

I am two-thirds of the way to achieving infamy on the Internet. I enjoy great coffee, and naturally am fussy in making it in my Aeropress. I also over-carbonate with my Sodastream. All I need is a clicky keyboard and I’ll have it made.

I live in beautiful Lincoln, Nebraska with my amazing wife and son.

I’ve been an avid fan of 1Password since 2008, and started working here in September 2012 after seeing the right tweet at the right time.

Kelly Guimont

Since I’m doing the introductions, I suppose I should tell you about me as well:

Kelly Captains Chair 2013Hi! I’ve been at AgileBits almost a year and a half, and I couldn’t be happier about it!

Unlike Chris Prime, I have apparently achieved Internet Infamy, since I have a gloriously clacky keyboard I type on when I’m not drinking Aeropressed coffee or supercarbonated water from my Sodastream.

I’ve also achieved Internet Infamy in other ways, since I’m a writer for TUAW and a host of the TUAW Talkcast. I can also be found shooting my mouth off  on a few other podcasts as well, such as the British Tech Network’s Mac and Comic Shows, and as a host on Angry Mac Bastards.

Alex Hoffmann

Our newest addition both in hire date and birth date, meet our Junior Foreign Correspondent!

Alex+HoffmannI’ve only recently started working for AgileBits.

I’m the geeky bearded German guy who speaks British English, German (of course), and Chinese, and who now works for a Canadian company. It’s seriously great.

1Password was the first app I installed when I bought my first Mac and it’s probably the most important app on my computer. 
I heard a few people (Kelly, Dave,…) raving about how awesome it is to work for AgileBits and since I’ve always been the tech guy, I was happy to get the chance to help people with a product I love, working in a great team, and get paid for it 😉

Steve Joyner

Next up, some San Francisco cred:

I’m a San Francisco coffee fiend and IT geek who swears that 1Password is the best thing since oxygen.

One day, minding my own business, Dave Teare, co-founder of AgileBits, reached out and asked if I’d found my dream job. (Do they exist?!). Apparently, they do — so don’t wake me up!

I prefer cold to hot, Coke to Pepsi, and hate feral pigeons. I’m a voracious reader, vegetarian, and sleep twice a day.

Scott Kramer

Here’s Scott; every time he tries to get out… we pull him back in!

SJKMy home is in the western US, where I’ve lived most of my life.

I’ve always been a film buff, but my first encounters with computer technology and ARPANET in high school hooked me. I knew then computers and networking would be a life-long passion. Much of my career has been in system administration, later emphasizing on different aspects of customer support. And you can’t keep me away from online forums.

Working with AgileBits and supporting its wonderful customers is a fulfilling experience, always challenging and inspiring.

Ann Liao

Now another of our ladies:

I’ve only recently begun my journey with AgileBits, and I’m loving every moment of it.

That jump for joy, rewarding feeling you get when you solve a complicated problem is how I feel every day when I’m helping customers with 1Password.

I’m so proud to be a part of the AgileBits family, a family filled with super awesome people and a work culture that genuinely says “we care”.

Ann is also notable for being the second lady in Support, which means when Megan signed on I was so pleased to be one of three I didn’t know what to do with myself.

Chris Meek

And now, another of our Chrises:

Meek EditI have been a passionate fan of 1Password for a number of years, and after graduating from Computer Engineering at the University of Toronto recently, I knew I wanted to work for AgileBits.

I couldn’t find any job postings on the website at the time, so I sent an email off to support and a few short weeks later I was welcomed into the family.

Every single day I look forward to going to work and enjoy working with each and every person at AgileBits. It really is just that – my second family!

OK, this Chris wins at blurbs for the blog.

Megan O’Brien

And here’s another of our newer folks:

Megan EditI’ve only been with Agile Bits for a short time, but I love it a whole bunch. I’ve been able to speak with and help people from exotic places like Paris and familiar places like Manitoba. It’s a pretty awesome feeling to be able to connect with so many different people and make their lives a bit easier.

When I’m not typing up emails for AgileBits, you’re likely to find me either exploring new places with my camera or hunched over my craft desk making something from my massive horde of craft supplies. I love Lego, animated kids shows, and a whole host of other things I was supposed to outgrow when I became an “adult”.

I have to say, it’s pretty brilliant to be a part of a team that shares so many of my geeky passions, and I can’t wait to see what the future holds for us all!

Kyle Swank

The support team’s resident runner:

Kyle Swank 200I started at AgileBits nearly two years ago. Time flies when you’re having fun, so it feels like I started yesterday. I work with a great team of friends and get to meet fantastic 1Password users on a regular basis, what more could I ask for in customer support?

When not helping 1Password users I’m often outside running, reading a good book or restoring my early 70s muscle car. I enjoy a challenge, whether it’s a 1Password troubleshooting question or pushing myself toward a personal record time on a 10 mile run.

Anthony Wadlow

It’s always a plus to have a teacher on board:

Anthony Wadlow

I’m originally a biologist and teacher from Southern England.

Despite the near tropical weather and the cheap gas prices in the British Isle, I made like a goose and migrated to Toronto, Canada.

Since then I’ve been won over by truly refreshing and open AgileBits philosophy, both inside and outside of the company. I couldn’t be happier!

Marshall Wendler

Heeeeeeeeeeeeeere’s Marshall!

I live in the Carolinas and have been with AgileBits for over a year.

AgileBits has been the best company I have ever worked for – Not only do we put out the best password management system on the planet, we offer the best customer support in the world.

Oh, and the people who work here are pretty damn cool too!

Marshall might win at blog blurbs too.

Ben Woodruff

Next up we have a grass-roots fan-turned-employee:

I’m from the Greater Rochester Area in NY. I love working at AgileBits because I love helping people.

I started out as a 1Password user with 1Password 2 for Mac many moons ago and when I started helping answer questions in the forums Dave made me an offer I couldn’t refuse.

When I’m not working for AgileBits, I’m a volunteer firefighter & EMT.

 

Khad Young

So far, so good! Now meet our Forum Choreographer:

khad avatarI grew up in Detroit, loved L.A., but found true love in Indianapolis. It is hard to escape the Midwest forever!

Working at AgileBits is my dream job because I get to work from home (or from anywhere). I love to travel, so that just means I can use my MacBook Pro from beaches and bars. :)

Note: We’ve met Khad’s true love, and she’s wonderful!

Stay tuned for more Behind AgileBits

That’s just a portion of our growing customer support team for now. We’ll be back soon to introduce you to the teams tasked with engineering 1Password and Knox, making them beautiful, and more!

Thank you, Steve

It is in no way an overstatement to say that AgileBits would not exist at all, let alone be the company it is today, without Apple and the vision of Steve Jobs. We owe a tremendous debt of gratitude to you Steve. We’ll miss you, and we’ll honor you by continuing to try to make the world a better place.

Designers: you still have time to join our team!

Remember our call for another full-time designer to join our resident pixel ninja Dan Peterson? Well a couple of funny things happened. First, we received so many great applications that it’s taking us some time to get through them all. Then our team got caught up with some new work with the releases of Lion, Safari 5.1, and Firefox 6. What does it all mean?

It means you still have time to apply! Check out Dan’s original post, look over the details and what Dan would like to see from you, and show us what you got! AgileBits is a fantastic place to work and we need another fantastic designer to help us keep moving forward.

Join our design team today!

Since my start here at AgileBits four years ago I’ve been designing everything from software interfaces to our booths at Macworld Expo. It’s been an ever-increasingly wonderful and daunting task. As time has gone by and we’ve created new products we have thought again and again about finding another designer to work with me. It is now that time. There are a few ways in which the right person could fit in here, so I’m going to start by talking a little bit about everything I do.

Web Design

We are very much a Ruby on Rails company. Our developers fell in love with Rails long before I joined up and continue to use and love it. Generally I mock things up in static HTML and CSS and leave wiring it all up to them (with quite a bit of back and forth, of course). It works out fairly well, but someone proficient in design and Rails to help take some of the load off me and the developers would be a huge help. HTML 5 and CSS 3 knowledge is a must in this area and JavaScript knowledge a big plus. This is the most likely area for you to fit in.

Ads and Graphic Design

This is by far the area with the least workload but still a very important one. We don’t do a ton of advertising but the occasional static banner ad, etc. comes across my virtual desk on average every few months. We’d also like to get some smaller badges/ads done for enthusiastic users and promoters (which I unfortunately haven’t gotten around to in quite a while). The only other thing in this area I’ve done is a couple Macworld Expo booth designs and pamphlets to pass out there which I don’t think we’ll be doing again anytime soon.

Software Interface Design

UI and UX take up the majority of my time. It’s also my favorite part of the job. I primarily mock things up in Photoshop and, when time permits, write it up in HTML and CSS to show interactivity. My almost entirely computer-illiterate family gets the privilege of being my sounding board. Having them around is an unbelievable help to me. The hope for me is that the right person joining us is going to give me more time to dedicate to this area.

Icon Design

Icon design is one of the areas that challenges me the most. It is incredibly difficult to make something beautiful at so many different sizes! Someone skilled in this area would be a huge boon to me. I have done my best here but end up relying heavily on stock art as a starting point in many cases. As much fun as it can be when I get it right, it would be nice to have someone with more of a specialty in this area.

Finishing Up (and how to contact me)

I’m not entirely sure if I’m looking for someone to almost completely take over one aspect of the design here at AgileBits or for someone that can help me do everything I do. A big part of the decision is going to be based on how well I think you will fit in here. We are an incredibly tight-knit group and there are a lot of challenges to working remotely that not everyone can handle. If you’re interested, I’d love to take a look at some examples of your work. The only real requirement here is a high level of skill and a real passion for design. Please send a brief introduction and link(s) to your portfolio to dan [at] agilebits [dot] com and I promise to get back to you as quickly as I can.

Edit: We are primarily looking for someone full time but depending on your abilities and situation part time is a possibility. I also briefly mentioned working remotely above. Just to be clear this is not a job that will require you to move anywhere. We all work from our homes (or coffeeshops, co-op spots, etc.) which can be both liberating and difficult at times.