Watch the stream
Electron and web apps may never be the first choice for security-conscious developers, but they are an industry reality. We recently faced this dilemma at 1Password when we set out to build the new Linux desktop client for our flagship password manager.
Compromising on security was not an option. At the same time, building a web app was the only practical option. Undeterred, we set out to harden Electron to meet our unique client-side requirements.
I am not going to pretend we made it all the way — no software framework ever will. But we did end up with an app we are proud to call 1Password, and to entrust with our user’s most sensitive data.
I hope to share what we learned so that others in a similar situation will have an easier time. At the same time, I invite the community to see what we’ve built and look at what we’ve gotten right — or wrong.
Mitchell Cohen Product Lead, 1Password
Mitchell is Product Lead at 1Password, where he specializes in delivering usable security in the browser and on the desktop. Before he joined the joined the dark side and became a software developer, Mitchell followed a circuitous path through technical writing, journalism, and liberal arts. His interests span from operating systems, to UX, to linguistics, to the history of science and technology. Mitchell lives in a tiny Toronto apartment with his partner and cat. He will make you a great cup of coffee if you ask.