Git + Touch ID, plus four more reasons why developers love 1Password
by Amanda Crawley & Andi Titu on
Recent breaches at Uber and Slack highlight the risks of storing secrets in plaintext on disk. But that’s just the way it works, right?
1. Your daily git pull is as easy as scanning your fingerprint
With our SSH Agent we’ve made your morning git pull as easy and secure as unlocking 1Password – only a scan of your fingerprint required! New keys can be generated in 1Password and synced with Git clients in seconds, then used without the private key ever leaving 1Password. You can use the SSH agent not only for authenticating Git in your daily work, but also to SSH into remote machines. Plus, when you work from other devices, you can take all your keys with you.
2. Shell plugins make the magic happen with all your CLIs
Why should the magic stop at Git? Shell Plugins allow you to authenticate with biometrics to all the CLIs you know and love, saving you from unnecessary typing or storing keys in plain text on your disk. Not only do we have over two dozen CLIs currently supported, but you can also build your own – it’s open source!
3. Verified commits for all your team’s projects
Sign your git commits and tags with SSH keys generated and stored in 1Password – no typing, no sensitive secrets on your filesystem, no figuring out archaic GPG keys – and be confident that every team member is who they say they are. This includes your open source projects! (Did you know you can get a free 1Password Teams account for open source projects?)
4. Collaborate without revealing plaintext secrets in your code
Now that you’re reasonably sure that none of your teammates are secretly two kids in a trench coat, let’s talk sharing. With 1Password CLI you can reference secrets stored within 1Password – underneath several encryption layers – directly in code. This means you can share them securely within your team without plainly saving any sensitive data or sending secrets by carrier pigeon (and let’s be honest, with remote work, trip latency would be guaranteed). 1Password even has integrations with the VSCode and JetBrains IDEs to flag plaintext secrets and make sure you’re sticking to best practices.
5. Securely automate secrets in production
Having all of your secrets at your fingertips (pun intended) in the terminal means you can spend less time figuring out key management and more time solving the fun problems you really care about. Not only can you provision secrets in your infrastructure with 1Password, but your organization can roll out 1Password to everyone using SCIM.
In conclusion…
Now that you know why other developers are using 1Password, take it for a spin yourself with a free two-week trial. If you decide to move from another password manager, we’ll even help cover the cost by crediting the remainder of your invoice when you switch.
Amanda Crawley & Andi Titu
Tweet about this post