1Password 6.2 for iOS - Simple digital security with extra iOS 9 super powers!

@bntzio hey Enrique, I'm very glad you like the update 😄 feel free to find me on Twitter if you have any issues or feature requests!

@zbeat 👌🏼🎉✌🏼️🔥

@mortjac Hey Morten! What are your holdups on ditching keychain?

@cohix @mortjac I've a great trust in Apple. See they slowly secure all the aspect of my devices. From virus to water. But, they also have their flaws. I may one day be kicked out, or they also screw things up. Earlier I also had LastPass. I skipped that last autumn. I don't think I trust your storage of the passwords outside iCloud. I got my appleID hacked two years ago. I was the guilty. Apple gave me access to an engineer for 48 hours free of charge, that repaired what could be repaired. If 1Password could easy and thrustworth export and import to Keychain, get rid of duplicates, and keep your releasecycle, I may consider using only you. You have another ace, that's you can be used on PC!

@mortjac Well even though we don't use the keychain, we do have support for iCloud sync! We use Apple's CloudKit service to accomplish essentially what you're asking for, and our new Mac version (6.0) released today supports iCloud directly from our web store :)

@pradeepdotco That's amazing to hear Pradeep, please don't hesitate to reach out to me (@cohix) or the team (@1Password) on twitter if you have any questions or feature requests! We always want to hear from our users :)

@hadifarnoud I understand exactly what you mean, it seems counterintuitive to store all your sensitive information in one place. I would encourage you to check out https://blog.agilebits.com/2015/... (and the white paper linked in the last paragraph) If you'd like to understand exactly how secure our system is. We even have an option to keep your data totally private using local wifi sync. Come chat with me on twitter (@cohix) or https://discussions.agilebits.co... if you have any more questions :)

@cohix @hadifarnoud that's not the point Connor. This vault that contains all my passwords is protected by a, surprise, password. the issue is not the security of your systems. the issue is what is the key to this vault, is just a password; not a retina scanner, or any other secure methods. the flaw is there regardless of how secure is 1password tech

@hadifarnoud I understand what you're driving at here, let me share my perspective :) The biggest thing to realize here is that one extra-secure password is still better than 1000 medium-strength (yet different) passwords. If you are able to formulate one diceware-generated password with 5 words (such as rook-bobby-misfire-premier-cerebral) from a 17,000 word dictionary, this is just as secure as a 16-character random string password with symbols, characters, and numbers. Since you’re able to remember this one (still very secure) password, you can then add even MORE strength to your saved passwords (32-character random strings?). You then have a vault protected by a very secure password, protecting hundreds (or thousands) of SUPER secure passwords. That sounds pretty good, right? As for biometrics (TouchID, retinal scanning, etc) this method has drawbacks, too. For one, they are not mutable (i.e. they can never be changed), so if you ever need to change your master password, doing so with biometrics is essentially impossible. The other thing to know is that a biometric authentication method still boils down to an encryption key. Retina/fingerprint scanners rely on software to interpret the scans. There’s nothing biological about the relationship between the biometrics and the data; the programmer makes all sorts of tradeoffs about the accuracy of the scan vs convenience of reliably reproducing the scan. It is not magic - in the end, the biometric data (fingerprint scan) is converted into a password or a PIN code, which is then used to decrypt the local data. On top of that, the biometric data is not very precise either. Apple’s Touch ID, for example, can only produce 50,000 different combinations, which is less secure than 6-digit pin code. Hopefully this was able to shed some light on the situation. I don’t expect you to change your ways based solely on the words of someone on the internet, but I hope you’ll reconsider your use of a password manager, regardless of which one it is :)

@zacdavies We wouldn't complain if you said nice things anyways ;) Thanks for letting us know you enjoy 1Password!