1Password Developers Tease Planned Support for iOS 12 Password Manager API

Apple revealed during its WWDC keynote yesterday that among other features, iOS 12 will include a new Password Manager API that will be able to hook into third-party password manager apps installed on devices and offer up their stored passwords as suggestions to the user when they're prompted for login information.

Today, the makers of popular password manager service 1Password confirmed that it is already working on integrating its app with Apple's new API, and even offered its Twitter followers a teaser video of 1Password AutoFill in action.

The short clip shows a screen recording of a login prompt from the Apple ID website in Safari browser. As the user taps on the password field, the keyboard pops up and the password stored in 1Password appears in the QuickType suggestion bar, ready to select.


It's unclear at this time how soon 1Password will support the API integration after iOS 12 is publicly released in the fall, but users can rest assured the developers at AgileBits are "very excited about it" and will be "playing around with it very soon". Those looking to get a look in sooner can join the 1Password for iOS beta test program by following the steps outlined here.

In other security-related news, iOS 12 will also offer password suggestions within third-party apps, and will also keep track of passwords that have been reused, prompting users to create new ones.

In another welcome iOS 12 feature, one-time passcodes delivered via SMS text message will automatically appear as AutoFill suggestions on login screens, so users no longer have to concern themselves with reading the message, memorizing the code, and returning to the login screen to input them.


Related Roundup: iOS 12

Discuss this article in our forums

1Password 7 for Mac Launches Today With Redesigned Sidebar, Easier Access to Vaults, and Much More

Following two months of beta testing, AgileBits has announced that 1Password 7 for Mac is being released for all users today.


The latest version of the popular password manager is a major update with dozens of new features and improvements, including a new dark-themed, collapsible sidebar that makes it easier to use and manage password vaults.

Users can now access their vaults by clicking on "All Vaults" in the sidebar, with full drag-and-drop support to conveniently move or copy items from one vault to another, including between different accounts. Users can also drag items onto the "New Vault" menu item and one will be created automatically.


1Password 7 for Mac integrates with Have I Been Pwned? to securely check a user's passwords against a database of passwords that have been compromised in known data breaches, such as when a popular service or website is hacked.

The app's security-focused Watchtower feature can also identify any login items that support two-factor authentication and help users enable it on those websites. Watchtower can now also keep track of expiring items so users know in advance if they need to renew their credit cards, passports, licenses, and more.

1Password now helps users sign in to their favorite apps by showing them suggested logins for the app they are currently using. If a user is signing into the App Store, for example, they can click the 1Password icon in the menu bar to see their Apple ID and simply drag and drop their username and password to log in.


The app's redesign extends to the lock screen, login icons, tags, pop-out windows for items, and more, while there is a new custom font Courier Prime Bits, by Alan Dague-Greene, that makes it easier to view passwords.

A quick list of other changes from AgileBits:
  • Every pixel has been put under the microscope and polished for maximum upgradedness.
  • The new "pop-out" feature allows you to view an item in a window of its own and keep it handy.
  • Secure notes are now rendered using Markdown.
  • Quick Open allows you to quickly jump to your items or vaults (find it under the File menu).
  • A custom password font, all our own, courtesy of Alan Dague-Greene.
  • A new password strength meter.
  • Touch ID now leverages your computer's Secure Enclave, making it more secure than ever before.
  • Login items now have a gorgeous, custom rendered icon by default.
  • Remove duplicate items on a per-vault basis by clicking Help > Tools > Clean Up Duplicate Items.
  • Integration with Spotlight allows you to find your items using Apple's built-in search engine.
  • Nested tags allow you to up your organization: add tags with / in them and 1Password will break
    them down into groups.
  • Opt in to automatic updates and never be left behind again.
1Password is a popular tool for storing usernames, passwords, credit cards, addresses, notes, bank accounts, driver's licenses, passports, and more behind one master password, with end-to-end encryption. A built-in password generator lets users create strong, unique passwords and memorizable pass-phrases.

1Password 7 for Mac is the first paid upgrade to the desktop version of the app in five years, meaning that users of previous versions will need to purchase a new license or subscription to use the new version.


Users with an active 1Password subscription, which start at $2.99 per month for individuals, can simply install 1Password 7 from the Mac App Store or AgileBits website and be ready to go. Otherwise, after installing the latest version, there is a prompt to sign up for a 1Password membership.

For those who wish to purchase a standalone license for 1Password 7 for Mac, licenses are available when 1Password is downloaded from the AgileBits website. Licenses are $49.99 for a limited time, and $64.99 after that. Licenses are per-person, per-platform, with macOS Sierra or later required.

The Mac App Store version of 1Password 7, rolling out today, is a new, separate app from the existing 1Password 6 listing, which has been removed, and is only available for users with 1Password subscriptions.


Discuss this article in our forums

Drafts 5 Overhauls Note-Taking App With New Themes, Editor Options and Action Features

A new version of Drafts, the simple note-taking app from Agile Tortoise, was released today. Drafts 5 stays faithful to its predecessor's primary goal of allowing users to quickly jot down text, thoughts, ideas, and notes, and builds on these functions by introducing a ground-up rewrite of the app with a raft of new features and customization options.

Agile Tortoise has opted to release Drafts 5 as a standalone app, which means it doesn't replace Drafts 4, but installs alongside it, allowing users to migrate previous drafts, actions and keyboard customizations from the earlier app.


Once they've done that, long-time users can look forward to new interface theming options – like the ability to switch between light and dark modes – and granular control of a host of draft appearance settings in the new editor. These include the ability to adjust margins, line height, line numbering, auto-correct, smart quotes/dashes, and more.

Drafts 5 also introduces new organization options with multiple tags, which can be used to filter the draft list and queries for all inbox, archived, and flagged drafts. Elsewhere, a new Focus mode disables the automatic creation of new drafts after a specific time period, allowing users to continue adding to drafts long after they were first created. Siri integration is another new addition in this version, so users can add a note to Drafts by just using their voice.

Elsewhere, there's enhanced support for inline syntax highlighting for several different types of markup, interactive to-dos, drag and drop support, multiple extended keyboards for grouping actions into categories, a new Action Directory, and automated backup. Small changes have also been made to improve the Apple Watch complication of Drafts 5, which allows dictation and note-taking from the wrist, as well as flagging and tagging of drafts.

The comprehensive list of changes and improvements can be found on the GetDrafts.com website. Drafts for iPhone, iPad and Apple Watch is a free download on the App Store [Direct Link], while Drafts Pro is a universal subscription ($20 per year / $2 per month) that unlocks more features. These include themes, custom icons, editing of actions, saving workspaces and more. According to the developer, Draft 4 will continue to be supported and available, so users can choose to migrate to Drafts 5 if and when they feel they are ready.


Discuss this article in our forums

1Password Integrates With ‘Pwned Passwords’ to Check if Your Passwords Have Been Leaked Online

Password management app 1Password this week got a new feature on the web, and developer AgileBits described it as a way for users to check and make sure that their passwords aren't "pwned passwords," or passwords that have been leaked online. While the launch is web-only right now, AgileBits said it will be coming to 1Password apps in the future.

1Password's new feature integrates with a newly updated service by Troy Hunt -- who previously created a breach notification service called Have I Been Pwned -- and securely and privately checks your passwords against more than 500 million passwords collected from various breaches.

This way, users can further ensure that their passwords saved within 1Password are as secure as possible, and if Hunt's new service surfaces a warning about compromised data, they can change to a new one without leaving 1Password.


Pwned Passwords originally launched as a feature within Have I Been Pwned last August, but Hunt has now updated it to version two and greatly expanded the amount of passwords indexed, originally starting with 320 million. For 1Password's integration, which is still just a proof of concept as of now, AgileBits said the feature is available today to everyone with a 1Password membership, and shared the following steps:
- Sign in to your account on 1Password.com.

- Click Open Vault to view the items in a vault, then click an item to see its details.

- Enter the magic keyboard sequence Shift-Control-Option-C (or Shift+Ctrl+Alt+C on Windows) to unlock the proof of concept.

- Click the Check Password button that appears next to your password.
Once you click "Check Password," 1Password will communicate with Hunt's service of indexed passwords, letting you know if yours exists in his database. As AgileBits pointed out, "If your password is found, it doesn't necessarily mean that your account was breached. Someone else could have been using the same password." Still, the company encouraged immediate action for any user who sees a confirmation of a password matching to Hunt's service.


In the announcement, AgileBits ensured that this communication with Pwned Passwords keeps user passwords "private and secure" because they are "never sent to us or his service." Hunt's service never receives the full password, and only requires the first five characters of each password hash. The developer stated, "we would never add it to 1Password unless it was private and secure."
First, 1Password hashes your password using SHA-1. But sending that full SHA-1 hash to the server would provide too much information and could allow someone to reconstruct your original password. Instead, Troy’s new service only requires the first five characters of the 40-character hash.

To complete the process, the server sends back a list of leaked password hashes that start with those same five characters. 1Password then compares this list locally to see if it contains the full hash of your password. If there is a match then we know this password is known and should be changed.
Hunt goes into more detail about Pwned Passwords in his own announcement post about the update to the service. AgileBits confirmed that it will be adding Pwned Passwords to its own security breach warning feature, called Watchtower, within 1Password apps "in future releases."


Discuss this article in our forums