#LayerUp with 1Password and Intel

May the 4th is World Password Day. That’s always an occassion to celebrate for us at AgileBits, and a great opportunity to remind everyone to get their passwords into shape. But this year is special: our friends at Intel have asked everyone to #LayerUp, and to help them out, we’re serving layer cake.

Like any cake that’s worth the calories, your security starts with a good strong base: your Master Password. But it shouldn’t stop there. Passwords can be guessed or stolen, and, this year, Intel is reminding everyone to protect themselves by using multiple layers of security, whether that’s with multi-factor authentication, or our own system of two-secret key derivation.

This might sound like a lot of work, but if you have a 1Password.com account, you are already protected by multiple layers of security. You don’t even need to do anything. Huh. Turns out you can have your cake and eat it.

Later today we’ll publish a follow-up post which will go into (much) more detail about how we bake our security layer cake and why. But first, it’s time for presents!

Get four months free when you sign up for 1Password

If you or someone you know hasn’t #LayerUp-ed yet, there’s never been a better time to do so. Not just because it’s World Password Day, but because it’s free! Get your first four months of a 1Password membership (for yourself or for your family) on us if you sign up today.

Sign up now to get your first four months free

Happy World Password Day!

1Password revisits the Today Show

My mom is always the first to whip out a business card and tell people all about how 1Password can make their lives easier. So when the Today Show reached out to us, we got to share a proud mom moment – 1Password on TV!

It’s been a few months since then, but I was still star-struck when Carley and her team contacted us again asking for a demo. Happily, your buddy Khad is as cool as a cucumber, and he answered all their questions and helped them get set up.

1Password is recommended by the Today ShowWhile it appeared that Kathie Lee and Craig were having one of those days, Carley got their full attention as soon as she mentioned passwords. (Even Kathie Lee knows you should have a different password for every account!) Carley talked about our password generator, and how you can use it to make each password unique.

Craig brought up a concern about someone getting access to the data, but once again, Carley knew that 1Password uses encryption to keep your data safe. Hopefully Craig takes advantage of Watchtower to look for repeat passwords and get them changed ASAP!

A big shout out to Mobicip, Bouy Health, and Safetrek. It was great sharing the screen with you! And a huge thank you to Carley and her team. You’re helping us keep people safe, 1Password at a time. ☺️

Friends (Still) Don’t Let Friends Reuse Passwords

A good friend once said that friends don’t let friends reuse passwords. This sage advice is as true now as it was then. Perhaps even more so.

This week we were once again reminded why reusing passwords is a very bad idea. Yahoo! just announced that its entire database of users was breached way back in 2014, resulting in over 500 million logins being sold on the black market.

These login details contain enough information for an attacker to discover your Yahoo! password, and if you’re using this same password on other web sites, they will be able to log in as you on those sites as well.

Depending on how many Yahoo! services you depend on (such as Flickr), you may or may not be alarmed, but if you reused your password on other websites, you really should be.

Password reuse is scary

I’ve had a Yahoo! account for longer than I care to admit. I believe I created mine in 1999. Times were simpler back then and I didn’t have anything that needed to be protected – or so I thought.

I didn’t take my security that seriously at the time so I did what I always did for all my accounts and signed up using the one single password that I used everywhere: 909at89.

After a while, I stopped using Yahoo but I continued reusing my password wherever I went. Years later my Yahoo! account was broken into and I got lucky – the thief only cared about sending spam and never bothered to change my password to lock me out. 1Password was a daily part of my life by that time so I updated my Yahoo! password to NigEAKnb6cfaEpqKxWDGJPVi7Ld and moved on.

My Yahoo! account was now safe but my silly old password still survived on many other websites. I even used my ridiculously weak password for the company web server that was setup before 1Password even existed.

Even though I had already changed my Yahoo! password, the thief could have easily taken over my other accounts. If I was “famous”, things could have turned out much differently.

Protecting Yourself

If you have a Yahoo! account it’s time to fire up the Strong Password Generator and change your password to one that’s unique to Yahoo! and Yahoo! alone.

Generate strong password for Yahoo!

This a good first step and it’s only the beginning. The next step is to find all the other sites where that password was used and update them as well. You can use 1Password to search for your original password and update every site that matches.

You can also use Security Audit to find other reused passwords. And while you’re there you might as well check the Weak Passwords section to see which sites have lame passwords. You might be surprised at what you find ?

Protecting Your Team and Business

The scariest part of password reuse is it becomes second nature and before long reused passwords start appearing in unexpected places. The website you thought was protected ends up being an open door.

This is exactly what happened to me before 1Password existed and I shudder at what could have happened if I didn’t change my ways. I would feel terrible if anything ever happened to my colleagues as the result of me reusing passwords. Part of my responsibility of being on any team is using strong passwords like these:

 A strong, unique password 

As 1Password user, you already know that having unique passwords like this for every site is super simple – it’s literally easier to be secure with 1Password than being insecure without it.

When you’re on a team it’s not enough just for you to follow safe password practices. Your teammates might be reusing passwords because they believe it’s easier, putting the entire team in danger.

If your team is reusing passwords, emailing them to each other, or collecting them in an Excel spreadsheet, you’re likely to be in the news in the future – and not for the right reasons! ?

This is why we created 1Password Teams – to help you and your entire team make doing the right thing the easy thing. With 1Password Teams, everyone in your team can be the strongest link.

As luck would have it, our Teams special launch special is still available: until October 15th you and your entire team will get all the features of our Pro plan for the very low price of the Standard plan. If your team isn’t using 1Password already, be a hero and sign your team up.

The internet has come a long way in the last 20 years and we all need to evolve our security practices to stay safe, both in our personal and professional lives. Bad habits that we learned years ago simply have no place today.

All this talk of password reuse and reminiscing has me feeling nostalgic. It’s time I reach out to my dear old friend and thank him for inspiring today’s post. ❤️

Cyber Security Sale!

US President Obama declared that October is Cybersecurity Awareness Month. As you can imagine, we’re pretty excited about this! Here at AgileBits, we believe that every month is Cyber Security Awareness month. Even better, others have joined President Obama’s initiative, from Canada’s oldest university to the entire country of Belgium. All around the world, universities, corporations, and governments are recognizing the critical importance of online security. This is really fantastic news for everyone.

Are you doing everything you can to protect your most important information? If you’re not already using 1Password and taking advantage of its strong, AES 256-bit encryption, today’s a great day to start.

We want to make it easy for you to keep your digital information secure. That’s why, for a limited time, we are taking 40% off all of 1Password apps. That includes Mac, Windows, the Pro Features in 1Password for iOS and the Premium Features in 1Password for Android. Please join our celebration of increasing cyber security awareness around the globe by protecting yourself and your friends and family.

Import your MacHeist nanoBundle 2 licenses to 1Password

imgboard-temp.jpgSo you just scored some great software for an insanely low price at MacHeist, and now you’re wondering if it’s possible to import the licenses for those apps into 1Password for safe keeping down the road.

Fortunately, it’s possible.

The MacHeist ninjas just added a downloadable 1Password Interchange File (or 1Pif for short) to your account. Sign into the site, and you can download this file that contains your licenses, and import it into 1Password with our handy dandy Import Assistant. Go to File > Import, and choose the first option (1Password Interchange File) from the Import Format menu. Browse to the 1Pif file you downloaded from MacHeist, which should look like a folder. Select the data.1pif file, and click Start Import. You should see a list of the app licenses you’re about to import, and they should all be checked. If so, click Import and you’re all set!

For bonus points: download and install all of the apps you scored through MacHeist first. After you import your 1Pif into 1Password, go to Help > Tools > Update Existing Software Licenses. This will make 1Password find apps on your drive and grab their icons for your license entries.

1Password touch/Pro 2.4 hack and slash bugs

1Password touch and 1Password touch Pro 2.4 are live in the iTunes App Store! These aren’t groundbreaking releases that will forever change the way you do anything, but they do fix a few bugs that appeared in 2.3.

Most notably, the “generated passwords won’t save” bug is now quite dead. Problems with auto-rotation, displaying wallet and account items, wrapping text in notes, and backup files were also squashed.

You can get the 2.4 update from the App Store on either your device or in iTunes on your Mac or PC.

Chrome tip: our 1Password alpha extension updates itself!

Chrome_icon.jpg

***

Update! Check here for updated news on the Chrome extension, it’s come a long way!

***

We’ve had a bunch of great feedback in our Chrome extension forum from 1Password users willing to help us test our alpha Chrome extension – thanks folks!

For those just tuning in: yes, we have an alpha version of a 1Password extension for Google Chrome that you can help us test. This blog post has instructions for getting setup and where to post feedback. Just keep in mind: it’s an alpha, so it is nowhere near feature-complete, and it can be rough around the edges (sometimes rougher than a beta!).

Since releasing out alpha Chrome extension for testing, we’ve had some questions about how to get the latest and greatest version. To help clear things up, here is an answer that I think will please everyone: Chrome automatically gives you the latest and greatest version! Chrome auto-updates its extensions, and we made sure that our alpha extension works with that system.

According to a Google Chrome support document, “extensions automatically update whenever an update is available.” So you should be all set!

Thanks for helping us test our alpha extension for Google Chrome, and be sure to leave feedback in our Chrome extension forum and check out Chrome extension changelog for a list of fixes and new features!

1Password touch 2.3 is live in App Store!

1Pt 2-3.jpgYou waited patiently, and we worked diligently to bring you 1Password touch and 1Password touch Pro 2.3. It’s live in App Store now, so fire up iTunes or your i-device and get downloading!

This is a pretty major update that brings both 1Password touch versions in better feature parity with 1Password 3 for Mac. New in version 2.3 are dedicated Accounts and Software tabs to match the Mac version, and don’t forget, you can always customize the bottom tab bar to add the features you use most!

Also new is the option to reset the Master Password if you forgot it. Be warned, however, that if you forget your Master Password, we cannot help you retrieve it. Plus, resetting your Master Password will permanently delete all items that it protects. 1Password wouldn’t be a very secure app if your mischievous coworker, recent ex-boyfriend/girlfriend, or arch villain could just reset your Master Password and view all the items it encrypts, right?

Also new in 1Password touch and Pro 2.3 are copy-and-paste improvements while using the built-in browser, better WiFi sync instructions, a fix for restoring backups with Firefox, and logging into Gmail.com.

Interestingly, Apple must have loved our 1Password touch and Pro 2.3 update so much that it approved the new version the same day we submitted! No joke: we uploaded the new versions to iTunes Connect at about 2am Friday morning (yea, that’s right, we work practically around the clock out of love for y’all!), and they were approved and in the store by around 4pm, if not a little earlier. This is great news, and I’ve heard some of the same stories while saying hi to customers and other developers on the floor at Macworld Expo, too. This apparent change in policy has our team pretty excited, so stay tuned for more frequent updates to 1Password touch!

Now run, don’t walk, and grab 1Password touch and 1Password touch Pro 2.3 in App Store!

Google Chrome beta for Mac gained extensions, and we're on it!

***

Update! Check here for updated news on the Chrome extension, it’s come a long way!

***

Chrome_icon.jpg

Good news, everyone! Google has just released a major update to Chrome for Mac with the feature we’ve all been waiting for: a new icon!

No, a redesigned back button! Er, more scrolly scrollbars?

Wait, that can’t be right… oh yes! Extension support! You can now grab a copy or read more about this release on Google’s Chrome Blog.

Rest assured, we’re just as excited about extensions in Google Chrome for Mac as you are! To celebrate this release, we’ve locked our developers in our dungeon “basement” to “motivate” them to bring a much-updated version of our alpha 1Password extension for Chrome. In the meantime, for those who upgrade right away, some early testing shows that our extension works in the new Chrome beta. So if you just can’t wait, and if you’re ok with using unfinished software, you can help us test our 1Password alpha extension in the new Google Chrome for Mac beta right now.

I don’t have an ETA to share just yet on when we’ll have a major Chrome extension update for you. These things can take time, so we appreciate your patience! But I can tell you that we’re crackin’ our whips on our developers. As soon as we have something for you, you’ll hear about it on our @1Password Twitter account and here on the blog!

Off to Macworld Expo 2010, and a mention in Macworld!

Macworld mention Protect your Mac.jpg

Are you going to Macworld Expo 2010? We are! While we don’t have a booth this year, Agile team members Gita Lal, Marty Skinner, Cindy Compton, and I will be combing the show floor and hitting the parties. Gita, Cindy, and I are on Twitter (@justg, @macpug and @chartier, respectively), so we’ll tweet what and where we’re up to either from our personal accounts or @1Password. Feel free to come say hi and chat about 1Password and AllBookmarks!

And now, I have a question for you: is there a better Macworld Expo send-off for an indie Mac software company than a mention in Macworld magazine? Perhaps. But there’s no way we could afford a bunch of laser pyrotechnic gear and a Neil Diamond appearance on such short notice, so I’m going to have to go with “no.”

Thanks to a tip from 1Password user and avid Twitterer Michael Pratchard, I picked up the March issue of Macworld to find that 1Password was indeed mentioned on page 34! In an article titled “Protect your Mac,” Rich Mogull lists 1Password among other tools and techniques for safeguarding your Mac and the precious data it contains. Rich likes our password management and browser filling features, but he also recommends 1Password’s Strong Password Generator tool for creating extremely strong passwords to take your Internet and personal identity security to the next level.

The article is definitely worth a read, and we’re not just saying that because we’re in it. Honest! It never hurts to brush up on new ways to protect yourself both on and offline these days. Plus, the rest of the issue discusses digitizing your photo collection, Apple’s rocky relationship with AT&T, Google Chrome, some App Store standouts, and more, so run out and snag a copy.

Thanks for the mention Rich, and we hope to see you, dear 1Password users and readers, at Macworld Expo!