DEVOPSdigest

1Password launched Developer Tools – a set of features created to help developers easily and securely generate, manage and access secrets within development workflows, starting with Git.

Developer Tools will help simplify complex processes and improve security practices to ensure data is protected, without slowing down the development pipeline. It will also provide developers with secure access to the secrets they need wherever they are, regardless of the device they are using.

"Developers encounter a lot of complexity when building and deploying secure software, and it can often seem like security and convenience are irreconcilable," said Akshay Bhargava, Chief Product Officer and GM of Emerging Solutions at 1Password. "1Password Developer Tools aims to make their lives easier by making complex security processes more convenient, and making doing the secure thing, the easy thing."

Cutting corners for the sake of efficiency can be tempting, but doing so can expose individuals and businesses to potential security breaches. In addition to protecting personal passwords and information, Developer Tools will enhance developer productivity, enabling quick generation of SSH keys, seamless access to data via the command line interface (CLI) using biometric authentication and secure secrets management in one app.

SSH Key Management: Developers can generate, store and use SSH keys with just a few clicks. To help avoid errors, 1Password for the browser will autofill their public keys into popular sites, including GitHub, GitLab, BitBucket and Digital Ocean. Then, with a built-in SSH agent, users can push code to GitHub and authenticate other SSH workflows in a terminal by simply scanning their fingerprint, increasing security with less effort. Developers no longer need to remember or type key passphrases, manually copy keys to new devices, or store files on their disk, thereby avoiding weak encryption of SSH keys and other security risks.

CLI 2.0 with Biometric Unlock: With a revamped CLI (including improved syntax) and new biometric unlock capabilities, developers can quickly manage secrets, provision users or automate workflows in a terminal without switching from their development tools or manually typing passwords. Developer Tools also simplifies key management with CLI inject and run commands, allowing developers to code with secret references that are substituted for actual API keys from their vault at runtime.

Secrets Management: Instead of hardcoding secrets or storing them in unsecure plaintext, configuration files or spreadsheets, developers can manage and access their secrets in one place within their preferred tools and workflows. Storing secrets in encrypted vaults, and as one of several default item types – including API credential, AWS account, database, server, or SSH key – will help prevent breaches caused by leaked secrets. Developer Tools also facilitates collaboration by providing secure access to secrets across a team. For organizations looking to automate infrastructure secrets, these tools continue to build on Secrets Automation.