Featured image: Founders' Desk, Dave

Friends (Still) Don’t Let Friends Reuse Passwords

A good friend once said that friends don’t let friends reuse passwords. This sage advice is as true now as it was then. Perhaps even more so.

This week we were once again reminded why reusing passwords is a very bad idea. Yahoo! just announced that its entire database of users was breached way back in 2014, resulting in over 500 million logins being sold on the black market.

These login details contain enough information for an attacker to discover your Yahoo! password, and if you’re using this same password on other web sites, they will be able to log in as you on those sites as well.

Depending on how many Yahoo! services you depend on (such as Flickr), you may or may not be alarmed, but if you reused your password on other websites, you really should be.

Password reuse is scary

I’ve had a Yahoo! account for longer than I care to admit. I believe I created mine in 1999. Times were simpler back then and I didn’t have anything that needed to be protected – or so I thought.

I didn’t take my security that seriously at the time so I did what I always did for all my accounts and signed up using the one single password that I used everywhere: 909at89.

After a while, I stopped using Yahoo but I continued reusing my password wherever I went. Years later my Yahoo! account was broken into and I got lucky – the thief only cared about sending spam and never bothered to change my password to lock me out. 1Password was a daily part of my life by that time so I updated my Yahoo! password to NigEAKnb6cfaEpqKxWDGJPVi7Ld and moved on.

My Yahoo! account was now safe but my silly old password still survived on many other websites. I even used my ridiculously weak password for the company web server that was setup before 1Password even existed.

Even though I had already changed my Yahoo! password, the thief could have easily taken over my other accounts. If I was “famous”, things could have turned out much differently.

Protecting Yourself

If you have a Yahoo! account it’s time to fire up the Strong Password Generator and change your password to one that’s unique to Yahoo! and Yahoo! alone.

Generate strong password for Yahoo!

This a good first step and it’s only the beginning. The next step is to find all the other sites where that password was used and update them as well. You can use 1Password to search for your original password and update every site that matches.

You can also use Security Audit to find other reused passwords. And while you’re there you might as well check the Weak Passwords section to see which sites have lame passwords. You might be surprised at what you find 🙂

Protecting Your Team and Business

The scariest part of password reuse is it becomes second nature and before long reused passwords start appearing in unexpected places. The website you thought was protected ends up being an open door.

This is exactly what happened to me before 1Password existed and I shudder at what could have happened if I didn’t change my ways. I would feel terrible if anything ever happened to my colleagues as the result of me reusing passwords. Part of my responsibility of being on any team is using strong passwords like these:

 A strong, unique password 

As 1Password user, you already know that having unique passwords like this for every site is super simple – it’s literally easier to be secure with 1Password than being insecure without it.

When you’re on a team it’s not enough just for you to follow safe password practices. Your teammates might be reusing passwords because they believe it’s easier, putting the entire team in danger.

If your team is reusing passwords, emailing them to each other, or collecting them in an Excel spreadsheet, you’re likely to be in the news in the future – and not for the right reasons! 🙂

This is why we created 1Password Teams – to help you and your entire team make doing the right thing the easy thing. With 1Password Teams, everyone in your team can be the strongest link.

As luck would have it, our Teams special launch special is still available: until October 15th you and your entire team will get all the features of our Pro plan for the very low price of the Standard plan. If your team isn’t using 1Password already, be a hero and sign your team up.

The internet has come a long way in the last 20 years and we all need to evolve our security practices to stay safe, both in our personal and professional lives. Bad habits that we learned years ago simply have no place today.

All this talk of password reuse and reminiscing has me feeling nostalgic. It’s time I reach out to my dear old friend and thank him for inspiring today’s post. ❤️

Shield Security header

Cyber Security Sale!

US President Obama declared that October is Cybersecurity Awareness Month. As you can imagine, we’re pretty excited about this! Here at AgileBits, we believe that every month is Cyber Security Awareness month. Even better, others have joined President Obama’s initiative, from Canada’s oldest university to the entire country of Belgium. All around the world, universities, corporations, and governments are recognizing the critical importance of online security. This is really fantastic news for everyone.

Are you doing everything you can to protect your most important information? If you’re not already using 1Password and taking advantage of its strong, AES 256-bit encryption, today’s a great day to start.

We want to make it easy for you to keep your digital information secure. That’s why, for a limited time, we are taking 40% off all of 1Password apps. That includes Mac, Windows, the Pro Features in 1Password for iOS and the Premium Features in 1Password for Android. Please join our celebration of increasing cyber security awareness around the globe by protecting yourself and your friends and family.

Import your MacHeist nanoBundle 2 licenses to 1Password

imgboard-temp.jpgSo you just scored some great software for an insanely low price at MacHeist, and now you’re wondering if it’s possible to import the licenses for those apps into 1Password for safe keeping down the road.

Fortunately, it’s possible.

The MacHeist ninjas just added a downloadable 1Password Interchange File (or 1Pif for short) to your account. Sign into the site, and you can download this file that contains your licenses, and import it into 1Password with our handy dandy Import Assistant. Go to File > Import, and choose the first option (1Password Interchange File) from the Import Format menu. Browse to the 1Pif file you downloaded from MacHeist, which should look like a folder. Select the data.1pif file, and click Start Import. You should see a list of the app licenses you’re about to import, and they should all be checked. If so, click Import and you’re all set!

For bonus points: download and install all of the apps you scored through MacHeist first. After you import your 1Pif into 1Password, go to Help > Tools > Update Existing Software Licenses. This will make 1Password find apps on your drive and grab their icons for your license entries.

1Password touch/Pro 2.4 hack and slash bugs

1Password touch and 1Password touch Pro 2.4 are live in the iTunes App Store! These aren’t groundbreaking releases that will forever change the way you do anything, but they do fix a few bugs that appeared in 2.3.

Most notably, the “generated passwords won’t save” bug is now quite dead. Problems with auto-rotation, displaying wallet and account items, wrapping text in notes, and backup files were also squashed.

You can get the 2.4 update from the App Store on either your device or in iTunes on your Mac or PC.

Chrome tip: our 1Password alpha extension updates itself!



Update! Check here for updated news on the Chrome extension, it’s come a long way!


We’ve had a bunch of great feedback in our Chrome extension forum from 1Password users willing to help us test our alpha Chrome extension – thanks folks!

For those just tuning in: yes, we have an alpha version of a 1Password extension for Google Chrome that you can help us test. This blog post has instructions for getting setup and where to post feedback. Just keep in mind: it’s an alpha, so it is nowhere near feature-complete, and it can be rough around the edges (sometimes rougher than a beta!).

Since releasing out alpha Chrome extension for testing, we’ve had some questions about how to get the latest and greatest version. To help clear things up, here is an answer that I think will please everyone: Chrome automatically gives you the latest and greatest version! Chrome auto-updates its extensions, and we made sure that our alpha extension works with that system.

According to a Google Chrome support document, “extensions automatically update whenever an update is available.” So you should be all set!

Thanks for helping us test our alpha extension for Google Chrome, and be sure to leave feedback in our Chrome extension forum and check out Chrome extension changelog for a list of fixes and new features!

1Password touch 2.3 is live in App Store!

1Pt 2-3.jpgYou waited patiently, and we worked diligently to bring you 1Password touch and 1Password touch Pro 2.3. It’s live in App Store now, so fire up iTunes or your i-device and get downloading!

This is a pretty major update that brings both 1Password touch versions in better feature parity with 1Password 3 for Mac. New in version 2.3 are dedicated Accounts and Software tabs to match the Mac version, and don’t forget, you can always customize the bottom tab bar to add the features you use most!

Also new is the option to reset the Master Password if you forgot it. Be warned, however, that if you forget your Master Password, we cannot help you retrieve it. Plus, resetting your Master Password will permanently delete all items that it protects. 1Password wouldn’t be a very secure app if your mischievous coworker, recent ex-boyfriend/girlfriend, or arch villain could just reset your Master Password and view all the items it encrypts, right?

Also new in 1Password touch and Pro 2.3 are copy-and-paste improvements while using the built-in browser, better WiFi sync instructions, a fix for restoring backups with Firefox, and logging into Gmail.com.

Interestingly, Apple must have loved our 1Password touch and Pro 2.3 update so much that it approved the new version the same day we submitted! No joke: we uploaded the new versions to iTunes Connect at about 2am Friday morning (yea, that’s right, we work practically around the clock out of love for y’all!), and they were approved and in the store by around 4pm, if not a little earlier. This is great news, and I’ve heard some of the same stories while saying hi to customers and other developers on the floor at Macworld Expo, too. This apparent change in policy has our team pretty excited, so stay tuned for more frequent updates to 1Password touch!

Now run, don’t walk, and grab 1Password touch and 1Password touch Pro 2.3 in App Store!

Google Chrome beta for Mac gained extensions, and we're on it!


Update! Check here for updated news on the Chrome extension, it’s come a long way!



Good news, everyone! Google has just released a major update to Chrome for Mac with the feature we’ve all been waiting for: a new icon!

No, a redesigned back button! Er, more scrolly scrollbars?

Wait, that can’t be right… oh yes! Extension support! You can now grab a copy or read more about this release on Google’s Chrome Blog.

Rest assured, we’re just as excited about extensions in Google Chrome for Mac as you are! To celebrate this release, we’ve locked our developers in our dungeon “basement” to “motivate” them to bring a much-updated version of our alpha 1Password extension for Chrome. In the meantime, for those who upgrade right away, some early testing shows that our extension works in the new Chrome beta. So if you just can’t wait, and if you’re ok with using unfinished software, you can help us test our 1Password alpha extension in the new Google Chrome for Mac beta right now.

I don’t have an ETA to share just yet on when we’ll have a major Chrome extension update for you. These things can take time, so we appreciate your patience! But I can tell you that we’re crackin’ our whips on our developers. As soon as we have something for you, you’ll hear about it on our @1Password Twitter account and here on the blog!

Off to Macworld Expo 2010, and a mention in Macworld!

Macworld mention Protect your Mac.jpg

Are you going to Macworld Expo 2010? We are! While we don’t have a booth this year, Agile team members Gita Lal, Marty Skinner, Cindy Compton, and I will be combing the show floor and hitting the parties. Gita, Cindy, and I are on Twitter (@justg, @macpug and @chartier, respectively), so we’ll tweet what and where we’re up to either from our personal accounts or @1Password. Feel free to come say hi and chat about 1Password and AllBookmarks!

And now, I have a question for you: is there a better Macworld Expo send-off for an indie Mac software company than a mention in Macworld magazine? Perhaps. But there’s no way we could afford a bunch of laser pyrotechnic gear and a Neil Diamond appearance on such short notice, so I’m going to have to go with “no.”

Thanks to a tip from 1Password user and avid Twitterer Michael Pratchard, I picked up the March issue of Macworld to find that 1Password was indeed mentioned on page 34! In an article titled “Protect your Mac,” Rich Mogull lists 1Password among other tools and techniques for safeguarding your Mac and the precious data it contains. Rich likes our password management and browser filling features, but he also recommends 1Password’s Strong Password Generator tool for creating extremely strong passwords to take your Internet and personal identity security to the next level.

The article is definitely worth a read, and we’re not just saying that because we’re in it. Honest! It never hurts to brush up on new ways to protect yourself both on and offline these days. Plus, the rest of the issue discusses digitizing your photo collection, Apple’s rocky relationship with AT&T, Google Chrome, some App Store standouts, and more, so run out and snag a copy.

Thanks for the mention Rich, and we hope to see you, dear 1Password users and readers, at Macworld Expo!

The Agile Cruise 2010

Team Agile Cruise.jpg

After releasing major upgrades to 1Password, 1Password touch, and AllBookmarks 4.0 in 2009, the Agile Web Solutions team decided it was time for some R&R! Many of us have never set sail on the seas, so a five-day Royal Caribbean cruise to Cozumel, Mexico and Belize City, Belize sounded like the perfect opportunity to relax, brainstorm, and get away from it all! As proof that we did actually take a vacation for once (while never straying too far from our customer support duties), we present some photos of a most excellent time had by all.

The Agile team members above who came along, from left to right, are: Chad Seldomridge, Jamie Phelps, Roustem Karimov (co-founder), Dan Peterson, Dave Teare (co-founder), Gita Lal, David Chartier, and Marty Skinner.

Navigator of the Seas.jpg

We sailed out of Miami, FL on January 25, 2010 on Royal Caribbean’s Navigator of the Seas, a beautiful 138,000 ton boat ship with 14 decks of relaxing, swimming, sunbathing, fine dining, exercising, dancing, and even ice skating goodness. Before you ask: no, Apple did not check with us before scheduling its iPad event during our vacation. Yes, we still feel a little sore about it.

Royal Promenade.jpg

The Navigator was described by some as “Las Vegas on a boat.” I haven’t been to Vegas yet, but I’m inclined to agree. This is the Royal Promenade on Deck 5, a collection of shops, bars, restaurants, and even some passenger cabins up above.

Jamie dolphin.jpg

Three from Agile’s team – Chad Seldomridge, Jamie Phelps, and I – took a dolphin “excursion” at the Chankanaab National Marine Park in Cozumel, Mexico. We got some training in basic signals that our dolphin, Lissy, would know, and we got to “shake hands” and swim with her for a couple of hours. We agreed that it was one of the coolest experiences of our lives.

Towel art.jpg

Royal Caribbean’s Stateroom Attendants can brighten your day with a couple of towels and a pair of sunglasses.

Working on vacation.jpg

Of course, what Royal Caribbean cruise is complete without a little work? Dave, Roustem (pictured) and the rest of the team occasionally sat down to check in with the support staff that proudly manned the bridge of the Agile Pearl of the Seas back home (that’s a little customer support + cruise humor there). We even managed to do some brainstorming, some company planning, we squashed a few bugs, and answer some support questions to make sure we didn’t get too comfortable with margaritas at 11am and the free ice cream station by the pools.

All in all, it was an incredible trip, and the first cruise for most of the Agile team. We returned refreshed and raring to build all the great things we plan to bring you in 2010. Gita, Marty, and I actually don’t have much time to settle back in at home. We ship off next week with fellow Agile ninja Cindy Compton for Macworld Expo 2010! Hope to see you there!

Help 1Password win About.com's Reader's Choice Award 2010!

About_com_Mac_logo.jpgWe’re honored that 1Password 3 was nominated for About.com’s 2010 Reader’s Choice Awards in the Best System Utility category! We’re up against some great competition like Default Folder X (which I personally use and love), MouseWizard, DaisyDisk, and MainMenu.

But as much as we love our fellow indie Mac apps, I do believe that it is our solemn duty to ruthlessly annihilate them in the spirit of friendly competition! If you love 1Password (even if it’s just the platonic kind of love – y’know, nothin’ weird), head over to About.com’s Best Mac System Utility nomination page and click on 1Password under the poll section to vote! And if you’re feeling particularly democratic, hit the main award voting page to vote on your favorite Mac apps across all categories.

I can’t find details of About.com’s voting rules, but if they’re anything like most other sites these days, you are probably allowed to vote once in each category per day that voting is open. The polls are open now and run through the end of February, so show 1Password some clicky love and help us win About.com’s Reader’s Choice Best Mac Utility of 2010 award!