1Password Updated With iPhone 6 and 6 Plus Support, Improved Touch ID Functionality

[AGKyle]

Not sure if this is a new "feature" but I've been copying everything into 1Password from Dashlane and one thing that was bugging me is anything past the first word in an account name was not automatically capitalized. Today I noticed that it's automatically capitalizing all words.

Now if we could just have some kind of auto-fill or predictive text on login names it'd be perfect, I'm getting tired of typing out my email address over and over again!

This is an interesting idea, but a complicated one to solve because of the encryption. To start to do predictive field filling we'd have to decrypt all of the data for that particular field. It would be a tad resource intense or we'd have to start maintaining a list of possible values for each field and encrypting that list. I'll pass this along to the team though!

Can't believe how many people would actually willingly take all their passwords to their most sensitive information about everything they do in their life, put them all in one CENTRAL PLACE and then just TRUST 'EM not to share their info... CRAZY. Sorry guys you're going to have to do better than just tell me everything is going to be ok, and promise me that everything is encrypted and you don't have access... prove it

Just because you see one thing on the screen don't think they can't do something else. Just because they say everything is encrypted and they don't store it, DOES NOT mean it's true. You can't tell what the code is doing in the background - no one can. That's what makes an app like this inherently dangerous.

Actually you can prove it yourself by using any type of firewall software that forces you to allow or disallow access. You can also use security software that shows you all traffic coming and going from your computer. Wireshark for example.

https://learn2.agilebits.com/1Password4/Security/privacy.html

A trial of Little Snitch would show you every connection that 1Password makes to the outside world. The above link is slightly out of date since a few things like documentation locations has changed but generally the above information is still accurate.

I realize it's hard to believe someone that you don't know. But we use the software ourselves and we're some very security conscious people. We wouldn't use our own software if we were putting ourselves at risk in the process. We'd fix those issues immediately and continue using the software. That's how this whole thing works for us. We use it because we trust it and believe in it.

If we were sending your information elsewhere, and as popular as we are, someone would've called us out on it and it would be big news. All of the things you're looking for are provable without us telling you anything, you just have to run the right software and analyze it, which people have done. If we were lying it would be known. Fact is, we aren't lying about it and that's why no one has called us out on it.

I'm happy to answer your questions and if you wish we can do it privately.

 

[miniyou64]

I'm happy to answer your questions and if you wish we can do it privately.

Kyle,
I genuinely appreciate your reply. I really don't have that much of a problem with the products you guys offer, they look great, it's more the blind trust that I see with which consumers don't realize that these things are issues and are just ready to hand over all their security for convenience without realizing the potential ramifications.

 

[iRock1]

I can certainly pass your requests along. I didn't mean to make it sound like you were thinking it was a wave of the hands and it's available type of thing. I know you likely know that isn't the case, but I seen it as a great opportunity to explain a bit more about why we don't just add more sync services as we get requests.

The majority of the team here at AgileBits uses Dropbox, I don't see that changing anytime soon either. If we didn't think we could trust our data sitting in Dropbox we wouldn't make it available as an option. I believe that a lot of people are gun-shy about syncing to Dropbox (or iCloud) but the fact that we are syncing to them should be a pretty big deal for those who don't trust them. We know how the technology works and knowing all of what we know we still sync to Dropbox, that should be an endorsement for security at least. We don't pick favorites, but the endorsement should be that "1Password data is safe in the cloud" with the caveat that you use a strong master password.

What are your feelings on other solutions that are private cloud based, like OwnCloud and File Transporter? Or standardizing on an API like OmniPresence? These might be more likely than just standard webdav and webdav is far more likely than SFTP. Writing our own SFTP library doesn't sound like fun As much as we love the folks at Panic for the work they've done with Transmit I'm not sure we want to follow in their shoes.

Actually, OwnCloud would be the perfect sweet spot IMHO. You implement that sometime in the near future and I include you guys in my testament. For real.

Regarding Dropbox – I understand that you trust and like the service. And you probably have enough technical knowledge to know it'll live up to your expectations, without compromising your privacy nor your security.

HOWEVER, we thought the same about Apple, and Google, and Microsoft, and Yahoo for years, only to discover one day that things in the cloud weren't as secure as we thought they were (or at least as everybody wanted us to believe).

Call me paranoid, but in a post-Snowden era, the only cloud I really trust, specially if it's going to store my passwords, is my own.

 

[AGKyle]

Kyle,
I genuinely appreciate your reply. I really don't have that much of a problem with the products you guys offer, they look great, it's more the blind trust that I see with which consumers don't realize that these things are issues and are just ready to hand over all their security for convenience without realizing the potential ramifications.

Understood. It's a good thing to be cautious of things like this, but I definitely felt like you were picking pretty deeply at us specifically so I wanted to make sure that if you had any questions about this you could get them answered.

Actually, OwnCloud would be the perfect sweet spot IMHO. You implement that sometime in the near future and I include you guys in my testament. For real.

Regarding Dropbox – I understand that you trust and like the service. And you probably have enough technical knowledge to know it'll live up to your expectations, without compromising your privacy nor your security.

HOWEVER, we thought the same about Apple, and Google, and Microsoft, and Yahoo for years, only to discover one day that things in the cloud weren't as secure as we thought they were (or at least as everybody wanted us to believe).

Call me paranoid, but in a post-Snowden era, the only cloud I really trust, specially if it's going to store my passwords, is my own.

I'm not sure if we'll ever support OwnCloud, it was merely an inquiry to gauge what your thoughts were. I don't even think we've looked at their API at all to even see if it's feasible. I'd say we're far more likely to support OmniPresence and File Transporter than OwnCloud though. Primarily because OmniPresence has been battle tested by OmniGroup and File Transporter is a plug and play private cloud. I don't think the percentage of users that would be capable of setting up and maintaining their own OwnCloud instance is very high

I'll pass your feedback along to the developers though! Thanks for the insightful response

 

[iRock1]

Understood. It's a good thing to be cautious of things like this, but I definitely felt like you were picking pretty deeply at us specifically so I wanted to make sure that if you had any questions about this you could get them answered.







I'm not sure if we'll ever support OwnCloud, it was merely an inquiry to gauge what your thoughts were. I don't even think we've looked at their API at all to even see if it's feasible. I'd say we're far more likely to support OmniPresence and File Transporter than OwnCloud though. Primarily because OmniPresence has been battle tested by OmniGroup and File Transporter is a plug and play private cloud. I don't think the percentage of users that would be capable of setting up and maintaining their own OwnCloud instance is very high



I'll pass your feedback along to the developers though! Thanks for the insightful response

Hopefully the latest news on Dropbox give you a more authentic vision on the reality of the so called "cloud" and its risks.

Regarding File Transfer and OmniPrescence, honestly I'm not familiar with them. Not sure about the level of customization and privacy they offer.

Also, while obviously you have the last word on which services to support, I don't like the "that's too difficult for users to mount and maintain" excuse. The internet – if you haven't realized – is changing and so it is the way people use it. Now we have Anonaboxes, a wider adoption of Tor, users who are more conscious about their privacy, etc. My theory is that, after all the crap the poor internet has been through lately, users are willing to do things differently and take an extra step if that helps protecting their rights.

And beyond that, mounting a private server with OwnCloud it's not that difficult – actually is super easy, just that is not as popular as Dropbox.

Not that I didn't understand the point when you said you would pass this suggestion to developers, or that implementing these things – and even decide wether or not to implement something – takes time. However, I hope the latest reports on Dropbox reinforce my point and illustrate it better.

Finally, I think it's not a matter of passing the suggestion to the developers and ask them if it's technologically possible to support some service. As I see it, it's a big discussion that should be happening inside the 1P's core staff. It's about how the app works and how it will confront the new difficulties and challenges that the internet and the software industry face today. You could forever be the nice and friendly app that requires no effort to setup anything, or make a statement and turn into the password manager that cares about people's rights and, at least, offer one alternative for the privacy and security conscious user.

Cheers!

 

[AGKyle]

Hopefully the latest news on Dropbox give you a more authentic vision on the reality of the so called "cloud" and its risks.

Regarding File Transfer and OmniPrescence, honestly I'm not familiar with them. Not sure about the level of customization and privacy they offer.

Also, while obviously you have the last word on which services to support, I don't like the "that's too difficult for users to mount and maintain" excuse. The internet – if you haven't realized – is changing and so it is the way people use it. Now we have Anonaboxes, a wider adoption of Tor, users who are more conscious about their privacy, etc. My theory is that, after all the crap the poor internet has been through lately, users are willing to do things differently and take an extra step if that helps protecting their rights.

And beyond that, mounting a private server with OwnCloud it's not that difficult – actually is super easy, just that is not as popular as Dropbox.

Not that I didn't understand the point when you said you would pass this suggestion to developers, or that implementing these things – and even decide wether or not to implement something – takes time. However, I hope the latest reports on Dropbox reinforce my point and illustrate it better.

Finally, I think it's not a matter of passing the suggestion to the developers and ask them if it's technologically possible to support some service. As I see it, it's a big discussion that should be happening inside the 1P's core staff. It's about how the app works and how it will confront the new difficulties and challenges that the internet and the software industry face today. You could forever be the nice and friendly app that requires no effort to setup anything, or make a statement and turn into the password manager that cares about people's rights and, at least, offer one alternative for the privacy and security conscious user.

Cheers!

I think it's far too early to tell what happened with Dropbox. For all we know the list of compromised accounts came from another hack (look at shellshock and heartbleed as recent examples of where these could've come from). Just because they are Dropbox accounts does not mean that Dropbox itself was hacked. Dropbox uses an email and a password to login. As mentioned in this thread and many others, the goal of 1Password is to help users use unique passwords for each website. If a list of usernames and passwords were acquired from another site and the users used the same email / password combo then there you have it, a reasonable answer to the question.

This happens a lot actually, so it wouldn't surprise me at all if Dropbox is in the clear on this and that another site or sites were compromised and that's where the list came from.

The lesson I think to learn from the whole Dropbox thing is that it's often best to wait and see what actually happened rather than jumping to conclusions before anyone has had a chance to review and attempt to determine what actually happened.

We do offer Wifi sync between Mac/PC and iOS, that's as private as it can get without directly wiring in via USB. For users who want to sync Mac to Mac or Mac to PC or PC to PC you can use Folder Sync. We offer private solutions already, they may not be cloud based but they are private and secure.

Sorry I can't go into things more at the moment, it's another busy week and we're likely to have a lot of questions come in about the Dropbox thing, much like you inquiring about it.

Edit: Looks like that's exactly what happened:

Dropbox has sent us the following statement: Dropbox has not been hacked. These usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts. We'd previously detected these attacks and the vast majority of the passwords posted have been expired for some time now. All other remaining passwords have been expired as well.

http://arstechnica.com/security/2014/10/7-million-dropbox-usernamepassword-pairs-apparently-leaked/

This is a stellar example of how using unique passwords for each account would be better than using the same password. Exactly what we've been asking users to do for years

 

[ddublu]

Kyle,

It's great that you are active in these forums. Much appreciated. First time 1PW user as of today. Coming from LastPass but only in the sense of autofill. Have decided to go all in with a pw manager across all logins. I have a few questions:

1. How do I manage a personal and work dropbox using 1PW? It allowed me to create a new pw for my personal but wouldnt give the option for the work one.

2. How are apps like Outlook/Skype/etc. handled given they aren't web-based?

3. When I downloaded the app for Mac and iOS it only prompted me for a master pw....what is 1PW using to determine I am me? Meaning, no username?

4. How do I utilize multiple Google logins (accounts.google.com, youtube, and anything else I use Google to login into via 1PW?

Thanks!

 

[AGKyle]

Kyle,

It's great that you are active in these forums. Much appreciated. First time 1PW user as of today. Coming from LastPass but only in the sense of autofill. Have decided to go all in with a pw manager across all logins. I have a few questions:

1. How do I manage a personal and work dropbox using 1PW? It allowed me to create a new pw for my personal but wouldnt give the option for the work one.

2. How are apps like Outlook/Skype/etc. handled given they aren't web-based?

3. When I downloaded the app for Mac and iOS it only prompted me for a master pw....what is 1PW using to determine I am me? Meaning, no username?

4. How do I utilize multiple Google logins (accounts.google.com, youtube, and anything else I use Google to login into via 1PW?

Thanks!

My pleasure! For me it's a great way to interact with a few more users and potential users than what I normally get to experience in our support queues. So I'm happy to contribute

Lets get to your questions!

1. So, this is fairly straight forward but I'm not totally sure if you're using iOS or Mac or both so I'm going to approach it from both angles just to try to cover the bases.

On Mac, you can just save the first one, whichever it is and 1Password should automatically ask to save the data. Then log out and repeat but with the other account, it should then ask to save again.

For sites that do not ask to save, you can manually save using this:

https://guides.agilebits.com/1password-for-mac-knowledgebase/4/en/topic/saving-a-login-manually

For changing passwords that are already in 1Password, you can use the password generator to generate the new password, copy and paste the old one in, sometimes choosing the login will also work fine, really depends on the site. Once you have the old and new password entered you can save on the page. You should get a request to update the login in 1Password. Just make sure you choose the correct login from the list before saving.

If it doesn't ask to update, then when you generated the password it copies to the clipboard automatically. Just paste the new password in overtop of the old one in the app and save.

On iOS it's a bit more manual. I do this:

1) Open the login item in the app
2) Using 1Browser I login and goto the change password page
3) Go back to the login item and generate a new password (edit, then tap the key icon near the password field). Save it.
4) Copy it and paste it into the page in 1Browser
5) Update it on the page by clicking the change password button or save button.

I tend to prefer updating passwords on the Mac as it's a little less clicky but you may have your own preference

2. Again, Mac or iOS isn't specified so I'll cover both.

Mac, copy and paste. We hope that we can provide extension support for this in the future but Yosemite doesn't currently allow it

iOS, if an app supports 1Password's App Extension we can fill in for you, just like in Safari but the developer does need to support it. You should put in a request with any app you want to support us.

If the app doesn't support it, copy and paste. You can copy and paste on iOS really easily by just tapping the password, you'll get a copy button that way. Or viewing a list of logins, just swipe from left to right on the item and you'll get a copy notification.

3. Your data is not stored on any servers, notably not ours, so your master password is used to encrypt the data locally. Since no servers are involved no username is needed.

You can optionally sync to Dropbox or iCloud, but again they will be your accounts so no username is needed for 1Password's data.

4. On Mac, edit the login and you can add additional webpage fields for each URL you wish to use that login information on. You can do the same on iOS.

Let me know if that helps!

 

[ddublu]

My pleasure! For me it's a great way to interact with a few more users and potential users than what I normally get to experience in our support queues. So I'm happy to contribute

Lets get to your questions!

1. So, this is fairly straight forward but I'm not totally sure if you're using iOS or Mac or both so I'm going to approach it from both angles just to try to cover the bases.

On Mac, you can just save the first one, whichever it is and 1Password should automatically ask to save the data. Then log out and repeat but with the other account, it should then ask to save again.

For sites that do not ask to save, you can manually save using this:

https://guides.agilebits.com/1password-for-mac-knowledgebase/4/en/topic/saving-a-login-manually

For changing passwords that are already in 1Password, you can use the password generator to generate the new password, copy and paste the old one in, sometimes choosing the login will also work fine, really depends on the site. Once you have the old and new password entered you can save on the page. You should get a request to update the login in 1Password. Just make sure you choose the correct login from the list before saving.

If it doesn't ask to update, then when you generated the password it copies to the clipboard automatically. Just paste the new password in overtop of the old one in the app and save.

On iOS it's a bit more manual. I do this:

1) Open the login item in the app
2) Using 1Browser I login and goto the change password page
3) Go back to the login item and generate a new password (edit, then tap the key icon near the password field). Save it.
4) Copy it and paste it into the page in 1Browser
5) Update it on the page by clicking the change password button or save button.

I tend to prefer updating passwords on the Mac as it's a little less clicky but you may have your own preference

2. Again, Mac or iOS isn't specified so I'll cover both.

Mac, copy and paste. We hope that we can provide extension support for this in the future but Yosemite doesn't currently allow it

iOS, if an app supports 1Password's App Extension we can fill in for you, just like in Safari but the developer does need to support it. You should put in a request with any app you want to support us.

If the app doesn't support it, copy and paste. You can copy and paste on iOS really easily by just tapping the password, you'll get a copy button that way. Or viewing a list of logins, just swipe from left to right on the item and you'll get a copy notification.

3. Your data is not stored on any servers, notably not ours, so your master password is used to encrypt the data locally. Since no servers are involved no username is needed.

You can optionally sync to Dropbox or iCloud, but again they will be your accounts so no username is needed for 1Password's data.

4. On Mac, edit the login and you can add additional webpage fields for each URL you wish to use that login information on. You can do the same on iOS.

Let me know if that helps!

Helps a ton...thanks. Few more...

1. When going to a website in Safari on my iPhone, the only way to get a password into the form is flipping back and forth between the browser window and 1PW? copy and paste?

2. With LastPass I could have sites automatically login upon landing on their page....not seeing where that is in 1PW.

3. Other than opening 1PW, when else does TouchID come into play to authenticate an app?

 

[AGKyle]

Helps a ton...thanks. Few more...

1. When going to a website in Safari on my iPhone, the only way to get a password into the form is flipping back and forth between the browser window and 1PW? copy and paste?

2. With LastPass I could have sites automatically login upon landing on their page....not seeing where that is in 1PW.

3. Other than opening 1PW, when else does TouchID come into play to authenticate an app?

1. If you're on iOS 8 you can use the Safari extension.

https://guides.agilebits.com/1password-ios/5/en/topic/extension

Otherwise, yes, either using 1Browser or copy and paste.

2. We don't believe that doing things for users like this is a good decision. We always want the control to be up to the user. We've built up our trust with our users by only doing things that they want when it comes to entering information into the page.

That said, there are ways to mimic what you want. If you use Go & Fill (i.e. clicking a link in the app) it'll goto the page and fill into the page, in most cases. Some sites may not cooperate with this though. You can also drag the item from the 1Password window into your browser's bookmark bar and accomplish the same thing. Finally, using tools like Launchbar or Alfred you can search your 1Password login items from these applications and it triggers Go & Fill as well.

3. With 1Password, all we do is authenticate when you open the application. I suppose other applications could do more with it, but you have to keep in mind that TouchID only gives a "Yes" or "No" response. You can't do much with it without complicating things a bit.

Let me know if you have any others or if I can clarify anything

 

[ddublu]

1. If you're on iOS 8 you can use the Safari extension.

https://guides.agilebits.com/1password-ios/5/en/topic/extension

Otherwise, yes, either using 1Browser or copy and paste.

2. We don't believe that doing things for users like this is a good decision. We always want the control to be up to the user. We've built up our trust with our users by only doing things that they want when it comes to entering information into the page.

That said, there are ways to mimic what you want. If you use Go & Fill (i.e. clicking a link in the app) it'll goto the page and fill into the page, in most cases. Some sites may not cooperate with this though. You can also drag the item from the 1Password window into your browser's bookmark bar and accomplish the same thing. Finally, using tools like Launchbar or Alfred you can search your 1Password login items from these applications and it triggers Go & Fill as well.

3. With 1Password, all we do is authenticate when you open the application. I suppose other applications could do more with it, but you have to keep in mind that TouchID only gives a "Yes" or "No" response. You can't do much with it without complicating things a bit.

Let me know if you have any others or if I can clarify anything

Forgot about the extension. I turned it on and moved it to the top. Problem is....it won't stay there. Keeps going to the back of the line. Have you seen that?

 

[AGKyle]

Forgot about the extension. I turned it on and moved it to the top. Problem is....it won't stay there. Keeps going to the back of the line. Have you seen that?

This is an iOS 8 bug. It happens with any extension and is not something the extension itself controls. We're hoping it gets resolved in the next update but it's up to Apple to fix. We wish we could do something about it though.

 

[ddublu]

This is an iOS 8 bug. It happens with any extension and is not something the extension itself controls. We're hoping it gets resolved in the next update but it's up to Apple to fix. We wish we could do something about it though.

Got it...what about autofill from the browser itself? Seems like an added layer of something that isn't needed with the use of 1PW....do you just clear them all and turn off?

 

[AGKyle]

Got it...what about autofill from the browser itself? Seems like an added layer of something that isn't needed with the use of 1PW....do you just clear them all and turn off?

Yea I turn it off in the settings app since I use 1Password for everything now. I used to have it enabled so that the most common sites I visited were saved, since the extension is a new feature in iOS 8. Now those are all turned off

 

[ddublu]

Yea I turn it off in the settings app since I use 1Password for everything now. I used to have it enabled so that the most common sites I visited were saved, since the extension is a new feature in iOS 8. Now those are all turned off

Same with desktop browser?

 

[AGKyle]

Same with desktop browser?

Yup, all disabled there as well since 1Password does it all for me. If they're enabled you get auto-save asking to save twice. Once from 1Password and once from Safari/Firefox/Chrome.

 

[BadaBing!!]

I'm curious of the length and complexity of your master 1P password.

 

[AGKyle]

I'm curious of the length and complexity of your master 1P password.

I won't give specifics but can be fairly general about it.

The strength of the password in 1Password is approximately 95-100% of the strength meter when typed into a Login item. Is 35+ characters in length, contains several numbers, letters of varying case, and several symbols. It takes me approximately 5-10 seconds to type it in on the computer as long as I don't mistype

On iOS it takes me a fair bit longer but I have both TouchID enabled and my iPhone passcode is 35+ characters in length as well (different than my 1Password master password, but the same as my OS X password).

Before I used to use a smaller 1Password master password, but that was because I had to type it in too frequently on iOS, now with TouchID I can more easily access 1Password without having to type it in as frequently. As a result I increased the length of my master password to increase its security.

Now, the passwords are what we call Diceware. Here's an example of one:

,,,689|rather|speed|take|give|354,,,

It was generated using: https://www.xkpasswd.net/c/index.cgi with default settings. As you can see, it's not overly complicated to type, but the security of these types of passwords is pretty great. You can read more here:

http://blog.agilebits.com/2011/06/21/toward-better-master-passwords/

and the geek edition here:

http://blog.agilebits.com/2011/08/10/better-master-passwords-the-geek-edition/

Plenty of fun stuff to read there

My biggest hold up at this point is the iPad.. having to type in the password on the iPad still is a bit of a pain point but hopefully we see TouchID there as well (tomorrow?), then I have to figure out how to afford one since I bought one last year like a crazy person who knew full well this year would have TouchID... *sigh*

I know that isn't super specific, but it should give some guidelines for how secure it is.

 

[ddublu]

I noticed something today....sometimes I will get a prompt for me to enter iTunes password....when that window pops up on my iPhone 6 (iOS 8.1 beta 2). I am not able to double click the home button to toggle and grab my Apple ID password. I am only able to close out but then I am not prompted for it again. Anyone seen this?

 

[AGKyle]

I noticed something today....sometimes I will get a prompt for me to enter iTunes password....when that window pops up on my iPhone 6 (iOS 8.1 beta 2). I am not able to double click the home button to toggle and grab my Apple ID password. I am only able to close out but then I am not prompted for it again. Anyone seen this?

Yea, happens to me when making purchases as well. You have to cancel out if you need to get in to another app to get your password. For this reason I actually remember several of my passwords:

1) My 1Password Master Password
2) My OSX and iOS password
3) My Dropbox password
4) My iTunes/iCloud password
5) My bank pin code

Everything else is more or less locked away in 1Password I use Diceware to make remembering 1-4 a lot easier.

 

[BadaBing!!]

I won't give specifics but can be fairly general about it.

The strength of the password in 1Password is approximately 95-100% of the strength meter when typed into a Login item. Is 35+ characters in length, contains several numbers, letters of varying case, and several symbols. It takes me approximately 5-10 seconds to type it in on the computer as long as I don't mistype

On iOS it takes me a fair bit longer but I have both TouchID enabled and my iPhone passcode is 35+ characters in length as well (different than my 1Password master password, but the same as my OS X password).

Before I used to use a smaller 1Password master password, but that was because I had to type it in too frequently on iOS, now with TouchID I can more easily access 1Password without having to type it in as frequently. As a result I increased the length of my master password to increase its security.

Now, the passwords are what we call Diceware. Here's an example of one:

,,,689|rather|speed|take|give|354,,,

It was generated using: https://www.xkpasswd.net/c/index.cgi with default settings. As you can see, it's not overly complicated to type, but the security of these types of passwords is pretty great. You can read more here:

http://blog.agilebits.com/2011/06/21/toward-better-master-passwords/

and the geek edition here:

http://blog.agilebits.com/2011/08/10/better-master-passwords-the-geek-edition/

Plenty of fun stuff to read there

My biggest hold up at this point is the iPad.. having to type in the password on the iPad still is a bit of a pain point but hopefully we see TouchID there as well (tomorrow?), then I have to figure out how to afford one since I bought one last year like a crazy person who knew full well this year would have TouchID... *sigh*

I know that isn't super specific, but it should give some guidelines for how secure it is.

Awesome answer, thanks!
I use a rather simple and short password so I'll move towards a better one

 

[ddublu]

Wow, Craig Federighi just mentioned you guys during the keynote today. Congrats!

 

[AGKyle]

Wow, Craig Federighi just mentioned you guys during the keynote today. Congrats!

Our entire team is watching the stream and seen it, was super awesome to see

For those of you who are curious, here's a few of my colleagues (and bosses) showing off our little stage sharing with Craig: https://twitter.com/dteare/status/522824527479189504

Thanks!

----------

Awesome answer, thanks!
I use a rather simple and short password so I'll move towards a better one

Anytime A good master password is definitely a good idea.

Let me know if you ever have any other questions. Happy to help

 

[ddublu]

Will you guys be updating the images in the login titles to higher res? I assume those are pulled from the website heading/favicon but wasnt sure if it was something you guys could override...

 

[BadaBing!!]

@AGKyle it would be nice to have the option to add tags when saving a new site in Chrome on Windows like you can do on OSX.

EDIT: I just saw there are no tags at all when on Windows ?!?