New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

App Extensions, Third-Party Touch ID Access Demoed With iOS 8 1Password Beta

AgileBits recently launched an iOS 8 version of 1Password for beta testers, which includes support for Touch ID and app extensions, two new developer features introduced with iOS 8.

With the update, 1Password beta testers are now able to use Touch ID to unlock the app's main password, which then allows the app to supply passwords directly to Safari using extensions. The entire process has been demoed in a two Vine videos from Gabriel Nevado (via MacGeneration), who accesses his 1Password content using Touch ID and is then able to enter a password from the app directly in Safari using the Share sheet.

playvine
Click to Play Video

Accessing 1Password on an iOS device with iOS 7 requires users to enter a master password each time the app is opened, and while the app has a built-in browser, it is not possible for the app to input passwords in Safari automatically. With iOS 8's new APIs, apps like 1Password are able to provide a much simpler user experience.

1passwordbetanoteinfo
1Password beta notes image via Dave Teare

Earlier this month, MacStories shared an in-depth look at app extensions, which allow third-party apps to share services with other apps. The feature also lets developers create widgets for the Notification Center and it allows for custom system-wide keyboards for the first time. Touch ID integration for third-party developers is also one of the 4,000 new APIs Apple introduced with iOS 8.

The iOS 8 1Password update is only available to beta testers at the current point in time, but will likely be released to the public following the official launch of iOS 8, which is expected this fall.

Related roundups: iOS 8, iOS 8 Features

Top Rated Comments

(View all)

13 weeks ago

Combining two of the new APIs—it looks great!


Yes, looks amazing. I can't wait for the 1Password update -- not having to enter a master password every time I use the app will be awesome. Entering passwords directly in Safari is pretty useful too.


The minute I saw the extensions and TouchID stuff from the WWDC keynote, I've been waiting for this.

Cannot wait!


We cannot wait either :) Glad you all are enjoying this. Stay tuned as this is just the first iteration of it all and things will undoubtedly change and improve before release.

1password is the king.


Hail to the king, baby!

This could get me to use 1Password or LastPass.


I assume you're using Cloud Keychain then? Just curious, you should certainly be using some form of password management. We just encourage all users to use some form of password management, even if it isn't our own.

Excellent, definitely a huge step in the right direction.


Unless I'm missing something, nothing got entered into that login form...


The video is cut short. It definitely fills :)

I assume in this case the user who posted this video (it wasn't us) probably didn't want their email to be visible in a video to the public.

My fingers are ready.


Finger exercises commence! Just pace yourself, no need to strain a muscle early in the beta cycle. :)

This will be amazing, but a little disconcerted by the statement that the device's passcode can also be used to unlock 1password. I would rather have that disabled and have my master password as backup. Don't know if that is possible.


I love 1password use it all the time. However, I question how the encryption works on the backend. The current database is encrypted with your password. How does it work now ? Is my plain text password being encrypted and then the TouchKitID token is used to decrypt that in a chain ?

I hope they release some tech specs on it or I won't consider using that feature.


Touch ID or the device passcode can be optionally used as a convenient way to unlock 1Password, very similar to how the PIN code is used in the current version.

Keep in mind that Apple does not allow developers access to the actual finger print. It can only confirm that the finger print matches or not. To set this process up we do store the user's master password in the iOS keychain. It has two restrictions on it that truly matter. The first is that it stays only on the device and will never be synced to other devices. This data is also only accessible by 1Password, no other applications can see or access this data. That's the big one, the second is that it requires the user to validate either via the passcode or Touch ID to gain access.

It's important to remember that we can't derive the master password from the finger print, we're never given access to the finger print data and only receive a "yes/no" type of response from Apple's frameworks.

As I said, it's completely optional and you can choose to use it or not based on your security requirements. I'm sure our security expert will write up more on this prior to release as things are subject to change.

To answer the question of the device passcode, we can do this because when the master password is stored, it can also be accessed when the device passcode is provided. Again, this is limited strictly to the app that stored it.

I love you 1Password. I mean it. Will you be mine?


We
Rating: 12 Votes
13 weeks ago
The minute I saw the extensions and TouchID stuff from the WWDC keynote, I've been waiting for this.

Cannot wait!
Rating: 10 Votes
13 weeks ago
1password is the king.
Rating: 10 Votes
13 weeks ago
iOS 8 is going to be amazing.

PS: For anyone that's jailbroken on iOS 7.1.2, iTouchSecure in Cydia has third party Touch ID access. I'm using that to hold me over until the fall.
Rating: 9 Votes
13 weeks ago

Combining two of the new APIs—it looks great!


Yes, looks amazing. I can't wait for the 1Password update -- not having to enter a master password every time I use the app will be awesome. Entering passwords directly in Safari is pretty useful too.
Rating: 8 Votes
13 weeks ago
Too many steps, still.
Rating: 7 Votes
13 weeks ago
Combining two of the new APIs—it looks great!
Rating: 7 Votes
13 weeks ago
This will be amazing, but a little disconcerted by the statement that the device's passcode can also be used to unlock 1password. I would rather have that disabled and have my master password as backup. Don't know if that is possible.
Rating: 5 Votes
13 weeks ago
Hopefully LastPass does something similar.

I conceptually like 1Password but it's just so god damned expensive…
Rating: 5 Votes
13 weeks ago
This is exactly what I wanted to see. :cool:
Rating: 5 Votes

[ Read All Comments ]