1Password 7: The interview

1Password on an iPhone X
1Password on an iPhone X (Image credit: iMore)

Subscribe via:

Follow on:


[background music]

Rene Ritchie: I'm Rene Ritchie, and this is "Vector."

Vector is brought to you today by Mint Mobile. Mint Mobile is like a traditional carrier, but there are no contracts, nothing to tie you down. You get the same premium wireless service for less. For example 5G of data for three months, for just $20 per month.

Right now, if you go to mintSIM.com and use promo code IMFREESHIP, you can get free first class shipping on any Mint Mobile purchase. Thank you, Mint Mobile.

Joining me today, I am thrilled to have Michael Fey. Michael, do you prefer being called by your actual name or by a nickname?

Michael Fey (Roo): Everyone internally calls me Roo, like internal to the company, and that's because my Twitter handle is Mr. Rooni, which people just people just shorten to Roo, internally. You'll probably hear Matt refer to me on the call as Roo.

You can do that. You could call me Michael. I will respond to almost anything, Rene.

Rene: Everybody should know who you are, but for people who aren't familiar, what do you do?

Roo: I am the team lead for 1Password for Mac and iOS at AgileBits.

Rene: Is this so Rustom and Dave can spend their time playing hockey instead of working on the app?

Roo: Yes, that's correct. We've removed their write access from the repo.


Roo: They are off doing bigger and better things. They are pursuing their passions.

Rene: Mike, IBM WebSphere jokes coming in a few seconds.

Roo: [laughs]

Rene: Do you have a nickname, too, Matt Davey?

Matt Davey: I don't, no. Just generally Matt. [laughs]

Rene: For people who aren't familiar, AgileBits and 1Password for a very long time had a Dark Lord of the Sith in charge of their design. I'm talking about Dan V. Patterson. He is both delightfully grumpy and I think just a little bit mean.


Rene: It's especially wonderful when he's sitting next to Jamie at Dubdub sessions and Jamie points out everything he's doing wrong with icons throughout the session.


Rene: But I feel like you're the Jedi now, like there's some sort of balance has been returned to the design force at the company. Is that correct?

Matt: Yeah, I think that's correct. I do like to see myself as some sort of light to his darkness. But no, he's very enjoyable to work with, I would say.

Rene: [laughs] I don't believe you. I think he's forcing you to say that.

Rene: [laughs]

Roo: Dan still does a lot of our Mac design work. He's actually been off with Dave working on a secret new project which you may have seen. We just announced yesterday, which is the 1Password X. That's the extension that runs in Chrome. It connects right to the 1Password.com service. It works on Linux. It works on Chrome OS.

It's a big new thing that they've been off skunkworking for a while now. It's finally gotten to see the light of day.

Rene: Everyone was betting big that this would be final-to-year when we saw 2Password. You're still holding off on it.


Roo: That's a bit of an internal joke. We will periodically talk about doing 2Password.


Rene: It's a multi-factor thing. I don't want to get into right now, but for the future.

There's a couple reasons I wanted to have you on today. One was you've just introduced a big new version of 1Password.

Also, I was speaking to you quite a lot recently because you shifted business models. Whenever that happens it feels like there's some segment of your audience which panics.

Sometimes they have legitimate reasons to panic, because we're humans and we don't like change. Other times it's maybe there's not enough communication, or maybe there's misunderstandings.

What was that process? What led to that process, and what was it like?

Passwords as a service

Roo: It's interesting. In some ways a good way to characterize it is that we've not so much changed our business model as we've added to our business model. By that, we've added the 1Password.com subscription model.

Truthfully, it was something that we'd backed into a little bit. If we step back and we look at the genesis of the 1Password.com service, it was something that we created for enterprise customers, for business customers.

We were constantly getting feedback from our customers saying things like, "Oh my gosh, I love 1Password, but I can't use it at work because you guys don't have an enterprise solution." There was only so much of that that we could take before we had to do something about it.

We started working on this 1Password.com service for businesses. We got, probably, about 90 percent of the way through the development of it and realized that we had created something that was really awesome for regular people, for families at that time. We're like, "Well, this is kinda great family product right now."

Rene: Are you talking about 1Password Teams, or is that a separate thing?

Roo: No, this is 1Password Teams.

Rene: We use the Mobile Nations, the company that I work for, we use that internally. It solved a bunch of issues for us, so I can see what you're talking about with this.

Roo: When 1Password Teams was 90 percent of the way there we realized that we had created 1Password Families. We're like, "Well, the feature set that we've finished, this is 1Password Families. This is a brand new product. We should launch this," and we did.

That was shortly followed by 1Password for individuals. There was definitely a little bit of fear...

Rene: I apologize, because I think you said something really important there and I want to dive into it. We started using 1Password Teams. We've been looking for something like this for a long time because we had a bunch of passwords.

For people not familiar with what I actually do for a living, I write for iMore, but I also manage iMore, Android Central. [inaudible 6:03] Nation is not there anymore. Windows Central. We are a bunch of different websites.

We have Twitter accounts, Instagram accounts, and YouTube accounts. All sorts of analytic accounts. There's a ton of passwords.

I'm ashamed to say it, Michael, but before 1Password Teams they were in a Google Doc, which is probably the worst thing you want to do with passwords, especially when you have employees who might need them, but then may no longer be with the company a week later. It was not tenable.

You announced 1Password Teams. We got in on the beta, and it solved all of those problems for us.

When we used it, it immediately was something that I wanted even for my own family. My mom has never used a password manager. My father has never used a password manager. They wanted my help with them.

My grandmother passed away a couple years ago. She was before the Internet, but we started thinking what happens if one of us is incapacitated or traveling and we need to reach these accounts.

Passwords have become so complex and password managers had not kept up. It sounds like that's what the problem you were addressing.

Roo: Absolutely, it was that exact thing. That systemic failure to have a good solution for how to share secure information among a group of people.

You guys could have set up a shared folder on Dropbox, and you could have shared your keychain that way. It's a bit cobbled together compared to what you now have with the 1Password.com service.

We've dove right in, assuming that everyone knows what 1Password is, what it provides, and everything else. It's a password manager. It's a secure place to store your secret information.

In a team's environment, like you said, you can set up this information to be shared with any number of people on your team. You can set up specific vaults that shares certain bits of information.

For us, for instance, we have a social team. That's where our Twitter login lives, and that's where the Facebook information lives.

We have the Apple developer team. They've got information about how to get into iTunes Connect, certificates, and stuff like that. We can keep that information compartmentalized within the company.

Then you also touched on something else, which is what do you do when someone leaves. Holy cow. That's going to happen. Now you can immediately remove their access to any passwords that they might have had and you can also see what passwords they accessed while they had access to this information so you know which ones to go and change.

We solved a lot of problems.

Matt: We're also doing a load more around when you have a much larger team, and how we can scale this. We have new toys to play with, like being able to do reports on what passwords you might need to change when people leave. All kinds of things like that that we hadn't considered before.

Rene: Because that happens. Someone left a year ago and suddenly you're in a system. You're like, "Why is their name still here?"

I should back up by saying that the reason we were using password managers to begin with was because, especially in families, there were things like the Home Depot breach. There were things like credit card information or passwords that were compromised and then used in other services.

People would use the same password for some dumb company that didn't store it securely, but that would be their iCloud of their Google password, and then suddenly everything was compromised.

You started to absolutely have to have long, strong, unique passwords, but then there's no way for a human to remember multiple of those. That led us into password management, which then led us into all the other stuff that we needed. [laughs]

Roo: Ideally, you should know none of the passwords for any of your sites. I know two. I know my 1Password, which is my master password that gets me into my vault, and then I know my iCloud password, because that's another one that you need to know periodically. Beyond that, every password that I have is unique and not replicated to any other service, because...

Rene: I hear that a lot. I hear that people know either their password manager...I should make clear. I'm talking 1Password now.

You guys can cover your ears for a second. There are other companies out there. Sometimes it depends...

Roo: Wait, what? There are, really?

Rene: I feel like people who grew up on the Mac started using 1Password. People who grew up on PCs, because you guys weren't there as early as you were on the Mac, started using LastPass.

Some people who grew up on Palm, for example, I don't even remember what I used on Palm, but there was a company. Maybe it was DataVault or something. There was a company that started making password managers for Palm, and then went another direction.

Sometimes it's where you originate that determined what you started with, and people tend to stick with it.

To your point, you remember your master password, and then you remember your iCloud password, or, if you're an Android, your master password and your Google password, because you will be prompted for it in some circumstances where you don't have access to anything else.

I used to try to remember by Dropbox password because I knew that I have one password hooked up to that. The copy between clipboards on iCloud became good enough that I could open another device, copy it, paste it in to authorize, and then after that now I know one password.

Roo: How did we get here? We were talking about business files.

Rene: Yes.

Roo: We introduced the 1Password Families service. It was immediately greeted with a lot of positive feedback from customers.

They're like, "Oh my gosh, this is amazing. Now I can set this up and share with my family," like you said. "I can tie in members of the family that haven't traditionally been using password managers, and this is really cool."

There were also people who it generated a little bit of fear, uncertainty, and doubt. They're like, "What's happening? I don't want to go to a subscription model."

Rene: They thought you were coming to their house and taking their passwords out of their cold dead hands. [laughs]

Roo: There's a bit of that. There's the "How dare you? How dare you move to a subscription model?" My reaction to that is always a bit of, "Whoa, whoa, whoa. We're not taking away what you have today."

"What you have today will continue to work just fine. 1Password isn't going to get deleted from you device, and the way that you paid for it yesterday is still valid today. We've just introduced something new."

There was definitely a period of time where, to be completely transparent, inside the company we were not sure if we were going to discontinue the standalone model and go all-in on subscription or continue to offer both. That added to the fud that our customers were feeling.

We've now been completely transparent about that and said, "Look, for 1Password 7, the next version that's going to come out, we will sell licenses for that. You can buy a standalone copy of 1Password 7 and it will work across your devices, and you can use it just like you've been using 1Password 6."

1Password.com is what we're going to recommend to people. All new customers that come to 1Password for the first time, we've funneled them directly into a 1Password.com subscription.

Because quite frankly, Rene, the subscription model, the payment side of it, the finances side of it, that's fine for us, but it is the best way to use 1Password today. It really is. There's so many affordances that you get with a 1Password.com account that don't exist in the standalone model.

We know that that's the best way. That's what we want our customers using because, even from a customer support point of view, it's the easiest way for us to provide support. Because when someone has a problem, the problem scope is so narrow that we can easily work through those issues and fix them.

Rene: One of the things that I think is there's this traditional disconnect between atoms and bits. When somebody bought a cassette, and then we went to CDs, there was no assumption that you'd automatically be given a CD.

Then when we went to DVDs and went to Blu-ray there was no assumption that Warner or whatever the company was, Disney, would send you a new disc with the same movie that you already bought on. But there is this assumption that as devices change, as requirements change, you're going to always be able to run those bits.

We saw this most recently with 32-bit apps, apps that had been discontinued, developers that no longer existed. When people would try to load them on devices that were 64-bit only, it's like, "What the hell is happening? Where's my app? I paid for this. I paid 99 cents for this four years ago. Why is it not running now?"

The app market there's so many distortions. I don't want to do a huge tangent, but there's so many distortions about the app market that what you were seeing there was a sum of a lot of preconceptions directed in the wrong way.

Roo: That's true. The other thing that really didn't do us any favors is that we have not sold an upgrade license to 1Password since...Matt, what's it been, four, five years since we've required someone to buy a new license between versions?

Matt: I've seen someone email in and said, "Well, I paid in 2008." I think that's the earliest that I've seen [inaudible 15:59] .

Roo: They're still able to use the newest version today.

Matt: I think how much work I've put in from that point, and that's just me.


Roo: We've not conditioned our customers. That sounds a little skeevy. Our customers have not expected that they would need to pay when the new version comes out.

That's changing for 1Password 7. That's going to be a new version that requires a new license. It's a brave new world for us. [laughs]

Rene: Again, you saw "Star Wars," but you didn't get to see "Empire Strikes Back" for free. The thing I try to think about is free is great, but if it does not allow a developer to continue working on the product, then it's ultimately self-defeating.

I joked about this with Craig Hockenberry, where I said every time I see him at WWDC I want to shove singles down his pants because I want to support...

Yes, I'm super happy that I get 1Password 7, but I want to make sure I get 1Password 8, and I want to make sure I get 1Password 9. It's in my best interest to make sure that AgileBits and 1Password stay viable and stay in this business.

We've seen big companies like Microsoft [laughs] pull the plug on services, and then it doesn't matter how much money you saved because it's gone. When you make that value equation, I consider it not a purchase, but an investment. I want to make sure that investment is paying off for me over time.

Matt: The other advantage that it brings us, which as a designer pushing out new and shiny stuff is what I want to do every day. When someone says, "Hey, we should hold this back a bit. This is really good. We should hold this for 1Password 7." I'm like, "Well, now with the 1Password.com model, we have definite audiences of families, teams, and individuals."

I can work on a feature, push it out, ship it, and everything without worrying about what version it's in and how that might affect that version as a whole. It brings us a whole level of freedom.

Rene: To expand on that, previously you'd have to wait and hold back features so that it would be enticing enough to get somebody to upgrade when they looked at them across a new version. Now it is software as a service.

Google does that. Microsoft does that. You subscribe to Windows now. [laughs] You don't really buy it, because it lets you push out features at the speed of development.

Roo: That's absolutely true. It lets us improve the product at a more natural pace. We don't get these big peaks and valleys. It's a nice steady incline and it works out really well.


Rene: Take a quick break so I can tell you about our sponsor, Thrifter.com. Thrifter is a great team. Every day they scour the Internet looking for the absolute best deals. Places like Amazon, Best Buy, Target, all of those. They have those deals up all the time.

Right now, I'm looking at Thrifter.com. They have all sizes and colors of Apple's 12.9" iPad Pro discounted $100 at Best Buy, so it's $700, instead of $800.

They have B&O PLAY A4 Active portable Bluetooth speakers. Instead of $360, it's on sale for $280. I don't know about any of the stuff. I just find it there. I look at it. There's a lot of great prices, a lot of great deals.

Thrifter.com. All the best stuff, none of the fluff. Thank you, Thrifter.


1Password 7

Rene: Shifting gears a little bit, let's get into 1Password 7. What was the thinking for that, and what was your goal with it?

Roo: 1Password 7 on the iOS side, we try to hit an annual target for this. We just talked about doing iterative development where we get to release features as they're ready. Now I'm going to switch gears and talk about how we do these big releases every year.


Roo: Because on iOS we like to make a big splash, typically alongside whatever the new version of iOS is in the fall. This process typically starts for us at WWDC when Apple gets up on stage and tells us all the awesome stuff that's coming. Then we immediately go off to a room somewhere and start madly proof of concepting ideas for what the next version of 1Password's going to be.

One of the things that we did is Matt and I took a step back and looked at the iOS client as it was. We said, "You know, there's some really cool things in here."

"Apple has added some really cool things, but the product as a whole is very solid at this point, so now let's take a step back and see where we can rework some of our assumption and see how we can make the app work better with the way that people work on their devices."

We got drag and drop this year on iPad, which is awesome. We released 1Password 6.9 for iOS. That came out the same day as iOS 11, and that had drag and drop on iPad.

It's fantastic. When you want to log into a website or another app you can use the 1Password extension, but I find myself bringing up 1Password in Slide Over or Split View and dragging and dropping my user names and passwords over. It's awesome.

Rene: It's so tactile.

Roo: We were really excited about that. That was the germ for the idea of what other ways can we make the app super easy to use.

We really focused on getting information out of 1Password and into other apps easily. The two big things that we added were this feature that in development we called Copy, Copy, Copy, but I was told that that's not marketable, so it became Quick Copy.

The idea is there are many apps that support the 1Password extension. From the login screen, you can tap on the 1Password icon. It brings up 1Password. You select your login. It fills it into the app automatically. That's the best experience. That works in Safari, as well.

There's other apps that, for whatever reason, those developers haven't taken the five minutes to add support for 1Password yet. For them, what do you do?

You launch 1Password. You find the item. You copy your user name. Switch back to the app. Paste the user name. Switch back to 1Password. Copy the password. Switch back to the other app. It's a pain.

What Quick Copy does is as soon as you copy that user name and switch to another app, 1Password starts paying attention to what you do next. If you come back to the app within, it might be 30 seconds, we copy whatever the next field is right onto the clipboard for you.

All you have to do is switch into 1Password and switch back out again, and you have your password now. If you've got two-factor verification set up, the next time you switch in we can copy your one-time password for you, and you can switch back and paste it into the app.

It makes the whole process way smoother, especially on iPhone X with the home indicator swipe. It's ridiculously fast now to log in to third party apps that don't support the extension.

That was one of the things that we did. The cool thing is that Quick Copy extends beyond logins. You can do it with credit cards. You can start by copying the name on the credit card. The next time you go in it grabs the number, and then the verification number.

Every item in 1Password participates in Quick Copy in some way, shape, or form. It makes it easy to get your information out.

The other thing was reworking the favorites screen. Favorites has been a list of items for the longest time. We said, "How can we make this better?" That's where we came up with this idea of the favorites screen is a separate entity inside the app, in terms of being a list of items. They act a little bit differently.

Matt came up with this gorgeous design that you tap on a row, and it animates up and shows these nice bubbles underneath. When you tap on the bubble it gives a beautiful little copied animation.

If you have a one-time password it has this awesome circular progress indicator that wraps around the outside of the cell. It's really, really beautiful looking.

Same thing, it gives you quick access to your information so you don't have to go, hunt, and peck, within the item details for the information you want. It's going to be right there on the same screen that you started.

Those were the big things that we really focused on since Dubdub.

Rene: Matt, I always talk to designers and they're like, "Yeah, you can tell me to make this stuff, or you can mock it up in Motion, but that doesn't mean make it human."

How do you take the idea of speed and Copy, Copy, Copy, or Quick Copy and make it not only discoverable, but understandable so that someone knows what's happening when they're seeing all this interface?

Matt: It's an interesting process, especially working with Roo, [laughs] because when he has an idea he's very excited about it. You have to coax that into some sort of human interaction.


Matt: It's really, really nice to see how it works with the fluid UI of the new iPhone and how easy it is to switch apps.

Initially what we wanted to do was alert a user and say, "Look, this is how it works." It's very easy to go down that route of saying, "OK, let's just pop something up and tell the user what we're doing."

What I've found more and more with using Quick Copy was that I would log in and there would be a small dialogue that said it had copied, and then the next time I went in it said it had copied again. I learned it from that. I don't think there was really much human interaction persuading that we had to do with that.

The favorites view took a little bit more. It's hard to know how people are going to react to these changes because people are very precious about 1Password. Because of the stuff that it holds, you react a little more sensitively to when it changes.

When we do a change like this we do play with it for a long time. This fluid UI felt like it really fit within the new iPhone and the way of using it.

We did put a couple of hints and helpers in there, but they disappear a lot faster in the new version. [laughs] They do disappear pretty fast once you learn them.

I'm really happy with how it came out.

Rene: Specifically for things like iPad Pro, where you have to deal with maybe just being a slide over, even though it doesn't slide anymore. Is it a pop over now? I don't know. [laughs]

If you're in that transitory state, or you're in a one-third view or a half-view, did you have to think about that at all, because you weren't always owning the screen?

Roo: I'll answer this more from a development point of view than a design point of view. This is one of the things that I'm very proud of on our team.

Apple, when they get on the stage at WWDC they are constantly telegraphing their moves. If you pay attention, they tell you what's going to change. They tell you what new devices are going to look like.

Rene: Like size classes, like safe areas?

Roo: Exactly. They get up on stage, like, "So this is the new way of doing things, and you should do them," with a wink and a nudge.

We've been following that advice closely for a few years now. When it comes to things like Slide Over in iPad and things like that, 1Password really works.

It was the same with iPhone X. You saw it yourself, Rene. When you picked up the iPhone X and installed whatever the shipping version of 1Password was at the time, for the most part, other than the tab bar at bottom colliding with the home indicator, everything worked. That's because we pay attention and we do what Apple suggests when they suggest it.

We don't find ourselves playing catch-up very often with stuff like this.

1Password and Face ID

Rene: People can see in my hands-on from the original event. 1Password was on the demo units for iPhone X back in September.

My experience, the one that really was jaw dropping for me was when I got my review unit and it was about a week, maybe five days before they went on sale.

Back during the event, at the demo, Face ID was not set up for us. It was set up for the Apple representative who was in charge of the device. We didn't get a change to try that. We could see them doing it, and we could do Animoji and stuff, but we couldn't do the ID part of it.

Right away, I set up Face ID. I was with John Gruber at the time. I was setting up Face ID. It was fun and it was superfast to set up.

I was setting up this phone and I needed my password, so I tapped on 1Password. I was getting ready to look for the button to put in my master password or tell it that I wanted to do Touch ID, and I got this little indicator that went, boom, unlock, and it opened for me. "Wait a minute. I didn't do anything."


Rene: It took my brain several...I could hear it clicking, trying to figure out, "Wait a minute. It's got Face ID, and it just did it. I'm suddenly in this phone and I had to do no active action to cause it." [laughs] That was a real transformative moment for me.

Roo: That's been my experience with Face ID in general, is that it is transformative in how you use the device. The amazing thing about it, for me, is that it makes security invisible. Your device is locked down, it is solid, and when you go to use it, it's ready for you.

Even simple things like notifications on the lock screen now are anonymized notifications until it recognizes your face. That's amazing.

Rene: It blossoms into the full preview. [laughs]

Roo: Again, when you unlock the device, that swipe up and you're ready to go. 9 times out of 10, you don't even see the little Face ID indicator. It's awesome. It's just so cool.

Rene: I don't know from the developer standpoint, but from a user standpoint, at least when I had it, very few apps had really been updated. I'm sure Apple had some people in for kitchens.

People aren't familiar with that. Sometimes Apple, especially for stage, if Apple's going to have someone demonstrate onstage in an event, nobody has seen the software by then or the hardware. They bring them in a little bit early. They get it optimized. Then it's like, "We gave them 24 hours on iPhone and look what they managed to do!"

But often between the periods of events and releases, whether it's an iOS release or a hardware release, they'll have developers in to sort of work to optimize their apps because they want people on day one to have a really good experience with them. Some of the apps have been updated. But even the apps that weren't, it just worked.

My understanding is that there's no real Touch ID and Face ID API. There's just a bio-authentication API. It'll call whatever's appropriate to the device that you have.

Roo: That's exactly correct. That was an incredibly smart move on Apple's part, that anything that supported Touch ID yesterday is going to support Face ID today right out of the box. That was awesome.

Rene: I don't know if it was you. But I think my bank app kept saying Touch ID even though it was Face ID. But that's been fixed now. I notice on 1Password, I was trying to authenticate it not intentionally. One of the things with Face ID is if you just pick it up, it might try to look at you. It'll shake. But I got this delightful little animation saying, "Nope, no Face ID. Want to try again?"

Roo: For the shipping version of 1Password 7 that shipped alongside iPhone X, we had to go in and make sure that we weren't saying...We had hard coded strings in there for Touch ID all over the place of course. Now it's smart about picking between the two. But other than that, that stuff just worked. It was great.

Rene: I love that old gesture from the Mac when it would shake its head if you typed in your password wrong. It's been brought all the way through the stack now where it will literally shake its face if your face is wrong.

Roo: It's great. It's nice to see the smiley Mac continue forward in its new form as the Face ID icon.

Rene: We touched on, but what do you think about Face ID in general? Because some of it has been a little controversial as well. You've lost the ability to register via separate fingers. You're using one face. There are limitations to it, for example, very young children or twins or people with very similar facial features.

Does the convenience in your mind justify the trade-offs? Or are you looking for something more?

Roo: I think that that's something that every person has to decide for themselves. For me, Face ID is perfect. It works exactly the way I want it to. I am more than happy to use it every single day.

But there are going to be people who, for whatever reason, it does not fit into their model of the world. It could be from a security point of view. Maybe their threat model includes things like constantly crossing the border or constantly going through secure areas where their phone could be searched and seized and stuff like that. For them, no, maybe not.

Rene: Or they have a literal evil twin.

Roo: Yes, full goatee, the whole nine. Those people, Face ID might not be for them. I think that that's going to have to...Like I said, each person is going to have to decide for themselves if that's the case. But for 98.5 percent of the population, Face ID is going to be exactly what you want it to be. It's going to work great.

Rene: Is your reaction similar, Matt?

Matt: Yeah, I think for me, it works more times than Touch ID did. It's because I have sweaty fingers.

Rene: [laughs]

Matt: Touch ID, I always needed to rub my trousers and then try it. But with Face ID, it's perfect. It's so seamless and very considered how it lets you know what it's doing but, at the same time, doesn't get in your way. It is just perfect.

It has trained me as well to hold it at the right distance, not too close, not too far away. I found myself adapting to that over the past few weeks and holding my phone at probably a normal person distance, not right up against my face like I generally did.

I find it has worked wonders. I don't need to think about it anymore. As it becomes winter in Canada, I don't have to think, "OK, I need to get some gloves and cut out the thumb hole or you know."

Rene: You need to throw down those hockey mitts like you would in a fight and just...

Matt: Exactly.

Rene: John Gruber and Ben Thompson had a really good take on this on "The Talk Show" where, in terms of design, you never want the human to have to conform to the machine. You always want to have the machine adapt to the human. But you can make machines so delightful that humans are happy to train themselves to use them in the way they're intended. I think that's brilliant.

One of the other things that I really like is this feels like a step forward to me. I have this beautiful dream about persistent passive authentication where eventually we just have a device that will get a little bit of our voice and do Voice ID and a little bit of our face and do Face ID.

It'll feel our touch on the screen and do Touch ID. Because of the motion processor, it'll know our gait and just recognize us based on our gait.

It'll used all that telemetry to have a trust index. When the trust index is high enough -- like I'm in a known location, it's got enough of my voice, my face, my gait, my touch to have a really good trust that it's me -- it'll just be unlocked. I'll be able to use it without even thinking about it.

As those things change, as I'm further away or it hasn't heard my voice in a while, hasn't seen my face in a while, I haven't touched the screen, eventually it might fall below a threshold and force me to do an active authentication whether it's touch or face or passcode or whatever.

But most of the time, it would just know that it's me and let me go about my business. I wouldn't have to be bothered. I hated saying bothered about security. But I really wouldn't have to be bothered by it anymore. Michael, this feels like we're getting closer with each of these steps.

Roo: 100 percent agree. The Face ID is such a leap forward in that area of invisible, seamless, hassle-free security. It really is.

Unless you have used one of these devices, it's really difficult to convey how seamless it is. But the best way to do it would be to take a non-Face ID device and set it up with no PIN or passcode and use it. The swipe to unlock on a device that doesn't have Face ID and how it just lets you in instantly without doing anything, that's how it is using Face ID. You just swipe and you're in. It doesn't get any better than that.

Clearly it could when it starts recognizing fragments of voice and touch and stuff like that. But this is so, so much better than what we had with Touch ID. I am fanboying out a little bit right out. I understand that. But it's really good.

Rene: But we're fans of cool tech. It's like you watch "Knight Rider" or something and it's a car that...We're living in a time where a lot of the science fiction from our childhood is becoming reality. I don't know if there's ever been an era where that's been so true before.

Roo: Agreed.

Rene: My godson, his father was talking to him about Knight Rider. He just looked at him and he goes, "You mean it has Siri?"

Roo: [laughs]

Security and border crossings

Rene: I guess. Totally wasn't that interesting to him. I think that's pretty remarkable.

One of the things you mentioned that I also want to touch on is we're living in this remarkable age where convenience is really, really important. We're getting all these great new features like Touch ID, like Face ID. But we're also living in an era where it is becoming more of a concern.

I'm a Canadian. We're like one of those passive Star Trek races that is welcome almost everywhere. Still I'm nervous now crossing some borders. There have been concerns about...

It doesn't really matter what the authentication is, whether it's law enforcement or criminals or just an angry one night stand, whatever, they could put your finger on Touch ID. They could hold the phone up to your face for Face ID. They could detain you unless you were willing to give up a passcode. There's all of these factors you're dealing with.

I know you guys have been looking at things like a travel mode. But how does that influence your thinking around a security model and threat assessments these days?

Roo: It's one the things that is the most forefront in our mind every day honestly. As we add new features and improve the product in various ways, it is one of the things that we are constantly thinking about. How is this going to impact the security and the threat models that people face day to day?

Sometimes you look at something like when we added Face ID, of course we were going to add support for that. But at the same time, we did think about, "What can people be compelled to do when crossing a border by law enforcement? What can happen there in the presence of Face ID, and what can we do to try to mitigate some of that potentially?"

One of the things that we did add with this new version based on some customer feedback that we got was there were people saying, "I don't want to use Face ID and 1Password. If I am compelled in some...My threat model includes having someone show, use my face to unlock my phone against my will, and I'm not comfortable with that."

We've had PIN code support inside of 1Password for a long time. But it was only available if you didn't have Touch ID enabled on your device. Now we allow you to set a PIN code on your device regardless of whether you have some biometric unlock available. You can actually opt in to just doing PIN code.

You can use Face ID for your phone normally. But then when you switch over to 1Password, you can put in a PIN code instead of using Face ID to authenticate.

We are constantly thinking about this stuff and making sure that we are giving our customers the tools that they need to make the right decisions based on what their day-to-day threat model is.

Rene: I think that's key. I like how Apple thinks about this. I like how you guys think about it.

I realize that I'm just a user. I just want things. I don't always understand the system engineering that has to go through them.

I remember Craig Federighi at WWDC...For a long time, I've wanted to be able to, for example, do biometrics and a passcode, something I know and something I am, so that I have two factor. He mentioned that Apple's gotten a lot of requests for this.

But then how do you handle recovery? Because right now if biometrics fail, it goes down to PIN code. But then you've reduced the factors by one. Do you have to have a recovery password that allows you to recover if you forget one of them or one of them fails? Then you've introduced the third element into it. How does that increase the complexity of the security model? It really is...

I keep learning this lesson over and over again, Michael, that I have to stop thinking about solutions I think I want and just state problems that I have and let you guys do the heavy lifting. But I think that's great. If you can make it so that I can put more roadblocks for areas I think it's important to have those roadblocks, that benefits me.

Roo: Absolutely.

Rene: Where do you see this going? I mean just this in general. Apple has gotten now, on older iPhones, you can quintuple click in order to shut off biometrics and force passcode. On newer iPhones, you squeeze either the side button and either the volume buttons. You get not only the power down and SOS but you also force passcode.

Are those mitigations that are really effective? Are there going to have to be new ways for us to handle, I don't know what even to call it, but the crazy world in which we live?

Roo: It goes back to what we were just talking about is that I think that we will see improvements and changes in that area as necessary. Clearly the emergency mode, the emergency lock out feature they added, that was in direct response to things like possibly being compelled for your fingerprint at the border and stuff like that.

We keep talking about the border, but of course there's other places where that might happen. As the world changes and as we add new tech, we're certainly going to need to constantly be thinking of ways in which that tech could be abused and how we can mitigate that abuse.

Rene: Matt, just from a usability point of view, I think we hear about this because we're so connected and because we have social networks and instant media. We hear about this a lot. But I'm never quite sure how many of us actually face these threats on a day to day basis. I also don't want software to become harder to use just because we have all these potential risks.

Matt: What we try to do every time we add a convenience feature is to balance it with security. At the same time, every time we add a security feature, we try to add some sort of level of delight to it that makes it not seem almost so serious, to not add that fear factor to the extra level. It's really important when adding these, like you said earlier, roadblocks because they are.

There's no way that you can really add another level of security or another layer of security to make the user experience the same as it was before. It's always going to require something extra from the user. It's just how you make the user expect that.

When you have to log into a new device on 1Password, we ask for your master password instead of Touch ID. That can be almost jarring sometimes to some people. But it's that level of we need this from you now and you expecting that that I think helps with the user experience. It might not make it as seamless as some of these other convenience features, but it's definitely expected.

1Password #ProTips

Rene: Totally. I think that's going to let me switch gears here a little bit and get back to brighter, funner, shinier tech stuff. But I think that's absolutely true. It leads me...

I'm going to totally interrogate you guys about tips and tricks and stuff for 1Password because I want to get better at using it. But one of the things I love now, I have an unusual problem, and I'll put problem in air quotes, that as a reviewer, I get new devices constantly.

Roo: Oh, gosh. That must be terrible for you, Rene.

Matt: [laughs]

Rene: It's like those things where you say, "Oh, I'm a supermodel, and I've got sand in my toes, and it's the..." Sometimes that'll happen.

At WWDC for example, I got to review three iMac in I think eight hours. You can't really review them. But I have to run all the tests on them. I have to see if what Apple's claiming about them is actually what I see with them, especially when it's something like wider color gamut screens, whatever it happens to be, or faster processors or they can handle 10-bit high efficiency video codec.

I need to log in to be able to do those. I've got it do to this science now. Whether it's phones or Macs, I immediately open them up. The first thing I do is I install Dropbox and 1Password. I only install Dropbox because, 1Password, I think you guys had Dropbox support before iCloud or I didn't use iCloud for some reason, maybe because I had an Android phone at the time. I still do.

But I put everything in Dropbox. I download Dropbox. I download 1Password. I log into Dropbox usually by copying the password out of 1Password on a different device. Then I point 1Password at it. I just watch those passwords fill up. It's gotten to the point where I keep all of my computing environments really, really light.

They mostly are just things that are pulled off of Dropbox or iCloud or from the Mac App Store. 1Password lets me just log into all the services that I use really quickly.

I can get up and running on a new machine I think in 15 minutes, 30 minutes depending on how fast the Internet is. That's so different from what it used to take me even a couple years ago. I don't know if that was a design goal. But speed to usability of technology I think has been greatly increased.

Roo: I completely agree. I'll touch on two things. One is how to make your 1Password workflow even faster on a new machine. But then the first is you see that with iPhone X. When you pull that thing out of the box, it was like, "Hey, go set this next to your other iPhone, and we'll just suck all the settings over." OK. It was awesome! That was such a great way to set up.

Rene: It mostly worked. I noticed that things that had token-based, like Twitter and some other things, didn't...I had to go and re-auth them. What was weird is Messenger said, "Do you want to log in with Rene Ritchie's Facebook?" I said, "Yes." But Facebook said, "You have to go log in again." [laughs]

Roo: I did do that for the first out of the box setup. But then I had to restore from an encrypted backup that I keep on my Mac because I have a Move streak that is 587 days long. I needed to make sure that I got that activity data back onto the phone.

But then going back to how you set up 1Password on a machine, as a 1Password.com user, Rene, all you need is your iCloud setup. Because when you sign into your 1Password account on your Mac, we actually take a portion of your credentials, so your username, the secret key that we need for the account, and the domain for the account, so Ritchiefamily.1password.com for instance.

We store that securely in the iOS Keychain. It is synchronized with your iCloud account. All you need is your master password to log in on a new machine. You just install 1Password, open it up, click on set up with 1password.com account, it will find all of your accounts that you need. You just click on them, enter your master password, and you're done.

Rene: I love that. That is going to save me time.

Roo: It works on iOS as well. Let me tell you, from a developer point of view, we're constantly tearing things down and building them back up again. This was one of our most loved features internally. [laughs]

Rene: I want to ask Matt for his tip in a second. But I'll give him a minute to think about it because another thing that I noticed...

Forgive me for saying this, but I've bifurcated my password strategy now because I don't think you guys get access to Face ID autofill for Web or apps. You still have to do that fast copy you mentioned.

Roo: Right.

Rene: But what I noticed for passwords that I don't care about, as long as they are unique and they are strong...I should back up for a second.

I have a big problem with iCloud Keychain. That is that it traditionally did not have a master password. I never wanted to be in the situation where I would hand somebody my phone, whether it was a stranger who just needed to make an emergency call or a friend at a conference who I have to look it up, I just never wanted to give a device that had un-intermediated access to my passwords and credit cards.

ICloud Keychain, I just never used it. But now that it can automatically fill with Face ID, I just give it what are really non-important passwords for me. I didn't even think about it. I ended up going to the "Wall Street Journal" to see Joanna Stern's review, and it came up. As I was looking at it, it filled in the Wall Street Journal password and authenticated me, and then gave me her article, just based off Face ID.

That was, again, one of those magical experiences. I would never put a proper service password in iCloud Keychain, and I would never put a credit card in there, [laughs] but I have no problem giving them my Wall Street Journal login now. The system just took care of it.

Roo: I've had that same experience for some sites, because I do the same. That first time that happened, I was like, "Whoa, no way. That was super cool."

The way that they've integrated Face ID into the system in so many little ways that is frictionless, but way more secure than what you had before is fantastic.

Rene: They don't do it yet with Touch ID, because I think they felt that was a bit onerous to have people have to go and Touch ID authenticate, but because you're opening the web page and already looking at your phone, Face ID just happens, and you just watch it fill and unlock. [laughs]

The first time, you're like, "Whoa, what just happened?"

Roo: Right.

Rene: Matt, any pro tips you can share with us?

Matt: What's interesting about your workflow there is, obviously, as Roo mentioned, we have the store in the keychain thing. We also have a QR code version of those credentials, too.

Roo: That's right.

Matt: You can just open 1Password and click "scan set up code," and show them that print out of that QR code. It's a...


Rene: Or you can bring it up on your phone from your pocket, right?

Matt: ...theme. Oh yeah, you can bring it up on your phone, as well.

Rene: That's right.

Matt: You show that, and then enter your master password, and you've set that device up. When it comes to, obviously, handing this device back, you've probably wiped it, but you want to be absolutely certain, you can actually log into 1password.com, into your account, and remove that device from your account.

There's a load of other permissions that you can set there too, that we have, like specifying that you only actually want that vault ever to download on a Mac or on an iOS device, never an Android. There are lots of control like that, which is really nice.

Rene: I have a couple quick questions for you two. When people want to get started with multifactor, with two-factor authentication, I think that's becoming increasingly common because we have seen of these hacks. Some of these hacks were, again, they get their password from Home Depot. They use it to access your bank or something like that because you use the same password.

You guys support multifactor. Is there usually a path to get started with it? Would you suggest they pick one account and get comfortable with it? Or is there a certain process that they should try first?

Roo: There's a great website called twofactorauth...Wait, is it twofactorauth or just twofactor.org? Hang on. I'm going to do something rude and open up Safari and fact check myself.

Rene: Real time follow-up. [laughs]

Roo: Twofactorauth.org. It's T-W-O. It's not the digit 2. It lists out all the website that this site knows about, and this is a crowdsourced site, that support two-factor authentication. It's broken down into backup and sync or gaming or retail, transport, all of these different categories.

You can go and say, "Well, all right, I've wanted set up two factor for my bank." You click on that. Now it's going to list out this enormous list of banks, then whether or not they actually support two factor, what kind of two factor they support, and a link to help you get set up with it. It's a really good way to get started turning on two-factor authentication for some of the services that you use every day.

It's especially useful if you don't know if...There might be a service that supports it that you're not even aware of. Now it's going to be on this site. You be like, "Oh, wow, so when I'm doing Twitch streams, I can go...I didn't realize Twitch has two factor auth. Great. I'll go turn that on." I would recommend getting started in that way.

The other thing is maybe just pick something simple that you use all the time that you're comfortable with just as a service, like Twitter. Turn on two factor for Twitter and see how it goes. Once you've done it for one site, the process is essentially the same for every other site.

Rene: Also it's mature now. I remember I was an early adopter. I did it for Dropbox. Their tokens kept getting mis-generated. It was so secure I couldn't get into it anymore. I had to turn it off and wait a month. Then they fixed all the problems. I've never had an issue since. If you did have bad experiences early on, it's worth it to try again.

Roo: Absolutely.

Matt: Just to say I see tweets sometimes saying, "Oh, wow, you can store these in 1Password." Yes, you can store these in 1Password. [laughs]


Matt: We do something really cool, as well. When you fill in a login, we automatically put that two-factor code on the clipboard. It's instinctive to me automatically just fill and paste in the next step. It's brilliant.

Rene: One of the things I also do is those websites that insist on having security questions -- I'm not staring too hard at apple.com and some of my banks -- those, famously people would go on Wikipedia, if you were on there, and look up things, or just start going through your social networks, and finding out your pet names, and break into them.

It might have been Rustom who suggested this a while ago. I make extra pseudo random passwords in 1Password, and then store them in the note field for all of the questions. [laughs] If I ever need them, I just go and paste them back in.

I'll never remember made-up data. If I make up a dog's name or a street name, I'll never remember that, but if I have an actual pseudo random blog in 1Password, I can paste that in all day.

Matt: The word list generator is really good for that, and telephone banking passwords as well.

I moved to Canada about a year ago. I had to set up all my banks and everything like that. Someone rang me up and asked me for my telephone banking passcode. I passed all the security, and they passed mine. [laughs]

Then I read out what was 10 words of absolute weird, almost asylum-detecting...


Matt: ..."Blade Runner" detecting words, and the woman was just like, "Yeah, that's correct, OK."


Matt: There was a real surprise in her face that was like, "Oh wow, that's weird."

Rene: I live in Quebec, and the weird thing here is that, by law if you get married, you can't take your spouse's name, either away, so you have to keep the name that you were born with after you get married. They still insist on asking mother's maiden name as a security question, even though everybody who knows you knows that because that's what they called your mom the entire time.

We haven't reconciled the social experiment with the security model in any way, shape, or form.

I love that you moved to Canada. You think you keep the same Queen, but she's actually a separate legal entity in like 25 different countries. The Royal Family here is slightly different because we count Canadian cousins that nobody else does.

Matt: [laughs] It's been interesting. My one takeaway has been that can openers or tin openers don't work here.

Rene: They don't? Well...

Matt: Every one I've tried, it just doesn't work. I now see...

Rene: We open cans on the right in Canada. We don't open cans on the left.

Matt: You may have just blown my mind.


Roo: I didn't realize we were going to get into can opener tips, this is amazing.

Rene: I feel he's new to the country, and 1Password has a deep Canadian legacy, so if we can help...


Roo: That's true.

Rene: It behooves us. If you do see Rustom typing away and coding during the playoffs, you can tell him to stop, he's allowed to watch one hockey game...

Roo: [laughs]

Rene: ...without adding code to your database. It's just fine.

Michael, thank you so much for your time. If people are interested in following you on social or finding out more about 1Password, or improving their security in general, where can they go?

Roo: You can follow me on Twitter @mrrooni, that's M-R-R-O-O-N-I. If you haven't done so at this point in the podcast, you should go to 1Password.com, sign up for an account, and get started, because the days of re-using passwords and using the same password, or even a similar version, or thinking that you've come up with some clever system that gives you a...

Rene: Or replace the letters with symbols. [laughs]

Roo: Whoa. Don't, just look, you need a password manager, and you need 1Password, in particular. Either download it from the App Store. That's a great way to get started, or go to our website and get started. It will change the way that you keep yourself safe online. Just go do it.

Rene: You don't have to have the best security in the world, you just have to have better security than the other person, so [inaudible 61:12] . [laughs]

Roo: Is that like when you're running away from a bear, you don't have to be faster than the bear, you just have to be faster than the people you're with?

Rene: No, totally.

Matt: You always park next to the nicer car.

Rene: [laughs]

Roo: That's right, yes. [laughs]

Rene: What about you, Matt, where can people find you?

Matt: I'm Mattdavey on Twitter, D-A-V-E-Y. Sign up for a 1Password.com account. That's 30 days free.

There's lots of places in the app, specifically the Web app, that asks for design feedback because we have zero analytics inside all of our iOS, Mac, and all our clients and Web apps. I'm designing blind.

Any feedback that comes via Twitter or that comes via the links inside the Web app that says, "What do you think about this?" It's really appreciated when people take the time to email us and tell us, "I really like this, but this doesn't work quite how I use it." That's really how we gain metrics and how we judge how people use the product.

Rene: One thing I'll put a link to in the show notes too is one of the questions I get a lot is you're only as strong as your master password. You've got to be able to remember it. But it's got to be secure enough that someone else just can't type something in and get into it.

You guys, I think it was a few years ago, had this wonderful article on your blog about how to make a really good master password. That's one that I refer people back to just all the damn time.

Matt: That's a great article. With a 1Password.com account, we have the secret key which gets stored on every device that you log in. But if you go to a completely blank device and not sign in to iCloud and not do any of this other authentication stuff, you'll need that key. We refer to that as a second factor for us.

Rene: That's awesome. Thank you both so much for your time. I really appreciate it. Thank you for making 1Password. It's probably saved more from way more security malfunctions than I deserve to be saved from.

Roo: Thank you for having us, Rene. This was a lot of fun. Hopefully at some time, we'll be on again in the future.

Rene: Absolutely. I got to bring you on into a round table so I can grill you about the implementation of obscure APIs.


Roo: I look forward to it. Just give me a heads up of those obscure APIs so that I can sound smart once I get there.

Rene: Absolutely. Thanks so much, guys.

Matt: Thanks very much.

Roo: Thank you.

Rene: Thank you so much for listening. You can find me @ReneRitchie on everything social. You can email me at rene@imore.com. The show is live now. You can subscribe in iTunes, Overcast, Pocket Casts, Castro, all the favorite podcast clients. Just check the links below.

That's the show. We're out.


Rene Ritchie

Rene Ritchie is one of the most respected Apple analysts in the business, reaching a combined audience of over 40 million readers a month. His YouTube channel, Vector, has over 90 thousand subscribers and 14 million views and his podcasts, including Debug, have been downloaded over 20 million times. He also regularly co-hosts MacBreak Weekly for the TWiT network and co-hosted CES Live! and Talk Mobile. Based in Montreal, Rene is a former director of product marketing, web developer, and graphic designer. He's authored several books and appeared on numerous television and radio segments to discuss Apple and the technology industry. When not working, he likes to cook, grapple, and spend time with his friends and family.