Brendan: Hello, and welcome to PodRocket. I'm Brendan, Director of Engineering here at LogRocket. And joining me today is Andrew Beyer, Senior Engineering Manager at 1Password. Andrew, welcome. It's great to have you on the pod. Andrew Beyer: Hey, welcome. Thank you for having me. It's really exciting. I did not know about this podcast until I got reached out to, and then I've been listening to some of the back catalog and it's become one of my favorite tech podcasts. So super excited to be here. Brendan: Great. Well, we're excited to add another great episode to that list. So I think a lot of people are probably already familiar with 1Password, especially with all of the sort of fundraising and publicity you guys have done recently. But for anyone who isn't, can you tell us a little bit about what 1Password is and what you do there? Andrew Beyer: Yeah. So I'll start with what 1Password is. It's actually kind of a hard question it feels like these days. I was just previous, kind of before I came on this interview, I was talking to one of the founders and he was like, "I hate answering that question," because I think it gets complicated, right? So the elevator pitch has changed a lot during our journey. For consumers, I like to say 1Password is kind of the easiest way for you and your family to kind of generate unique passwords, store them and then use them. Andrew Beyer: Oftentimes you have to go into, why is it important to have unique passwords between web services? Well, there's this little thing about web services getting hacked and if they can get your passwords or crack those hash tables and get your passwords, and then next thing you know you're using the same password at your bank account or your email, oh, that kind of unlocks the keys to your digital life, right? Andrew Beyer: And so it is very important that folks use unique passwords, especially online. And 1Password at its start really just tried to make that easier. Once you get your passwords into 1Password, I think we also make it easier to use these long and unique passwords by making it easy to fill online or fill within apps on, say your iPhone for example. Andrew Beyer: But in reality, 1Password I think can do a lot more than passwords, right? It's really the best place in my opinion, to digitize and securely store everything in your life. So I recently got married and had a kid so we have our wedding license and birth certificate scanned in, in 1Password, end to end encrypted. It's the place that I feel safe to have important documentation like that, have copies of driver's license, passwords. Andrew Beyer: One of the use cases that I always find interesting to share is, every holiday we get some amount of gift cards, right? So I put those into 1Password and share them with my wife so that we don't have to worry about this plastic hunk of thing and we both know, how much money do we have at Target to spend or whatever. Brendan: This is great. I'm taking notes. Andrew Beyer: There's a lot of power user features. For businesses, it's really the same. For your users of the business, it's the same concept, but we've made it easier to share with larger groups. The big example I like to use there is, almost every business nowadays has a social media team, right and they need the ability to access the Twitter account or whatever platforms you might be on. So you could have a social media vault that you share with a select set of users and you don't give that password to everyone. I think one of the big hacks was Sony and they just had kind of an Excel spreadsheet or something like that with their Twitter passwords. Andrew Beyer: So, right when they got hacked, next thing you know, their Twitter account is hacked. So it's just kind of, it escalates out from there. But we also add a bunch of advanced reportings so that your organization can actually quantify their security posture as well as, a big one is, when someone leaves your organization, what credentials do they have access to? What do you need to change? I don't remember the report, but it's an outstanding ... A survey was run about, you've left a company, what access do you still have? Andrew Beyer: And you'd be surprised what people can still access, networks, VPNs, servers directly. It's just wild, right? And so we sprinkle on a lot extra features for businesses, additional security via firewall, enforcing 2FA and stuff like that. And then we've also started to platformatize some of it. So for example, we have secrets automation. So your DevOps team can start using secrets in 1Password in production server environments, like on your Kubernetes cluster and that kind of thing. Andrew Beyer: So it's, like I said, kind of a hard question to answer, I feel like, but I think that's a fairly good overview of what 1Password is today. As for my role, I've been here for five years. Pretty interesting story. When I joined, we were about 50 employees and everyone was like, holy cow, it's getting so big. We just doubled in size. I just hit my five year mark. And as of today, we're at 738 employees. So it's pretty huge growth there. Andrew Beyer: I'm essentially in charge of, it's awesome to be on a web development podcast, because I'm in charge of our web extensions, saving and filling items on the web, kind of like a core functionality of a password manager is how well can you get information in and out of said password manager. And then also we've been doing some pretty cool service integration stuff on my team. Andrew Beyer: For example, for any fans of Fastmail or privacy.com, we've done integrations directly with them. So if you're a 1Password user and you use privacy.com to generate unique kind of one time credit card numbers, you can do that directly within 1Password within our web extension. Same for Fastmail, they have a masked email kind of email alias system that if you're signing up for a website, not only can you create a unique password, but you can use Fastmail to create a unique email address, right? And that helps you. And it blocks spam or just know where spam's coming from. And we built that directly into 1Password, which is cool. Brendan: Is that something you built in partnership with those services or was this sort of your team seeing an opportunity to leverage the functionality they already had and build that into 1Password? Andrew Beyer: Yeah. Both of those examples are built with partnership and I think that's the only way we could have had that really deep integration. There are areas where we saw ... We want to do unique email addresses, but we don't want to run mail servers, right? So we identified a company that had similar privacy values as us and we approached them and they were like, let's build something. It's also something where, as we progress into the future, we want to open that up and make it so that any email service could potentially build the same thing on top of it. So, that's kind of the long goal. Brendan: I mean kind of another angle to what you were saying about offering more platform type services where people and partners can build against. I want to go back to where we started, which is just sort of how much you have seen 1Password grow in your time there. And obviously you guys have had a lot of recent investment, you're hiring a lot. I'd be really curious to hear sort of, how have things changed in your part of the organization in the five years you've been there and what are you excited about? And what's been sort of more challenging as the company's grown? Andrew Beyer: That's a great question. There's a lot that could be unpacked there. For growth in particular, I think when we were 50, I like to say we were engineering led customer service focused and that really aligned with our basically two teams, right? We had people building the product and we had people kind of doing customer service and we actually overlapped a lot, right? Andrew Beyer: So all developers helped with customer service and we've always had a kind of drive of, making our customers happy. As we've grown, I think one of the big outcomes is we now actually have a sales team, we have a marketing team, we have people that specialize in project management and product management and those kind of things. And of course I think that builds a higher quality end product than a bunch of kind of software engineers making some of those decisions. Andrew Beyer: So I think that's what you see when you get kind of a big organizational growth. A great example of this is just what we can offer our folks internally. And when we had one person doing all of HR and all of finance, all of the accounting, we didn't have the programs in place to do as many benefits for employees. And now we do, right? Andrew Beyer: As someone who lives in the United States, even though we're a Canadian company, one of the huge benefits of working at 1Password is they take care of everything. They take care of your healthcare, 100% paid vision, dental, all of those things that didn't exist when I first joined the company. And now I think we've built kind of just a really great place to work as well as we have a bunch of these organizations that are focused on more specific tasks and help us deliver a way better product, if that makes sense. Brendan: And how has the engineering org evolved over that time? You kind of hinted that you were sort of all one team when you started, but how has that sort of changed and grown and become more specialized as the team's gotten bigger? Andrew Beyer: So engineering wise, I think the big change is going from building individual apps, right so having a couple folks that are building a Windows app, to having a large foundation cross platform library, and some of that was organizational and a lot of that was technology decisions. So we adopted Rust and we use it to build a ton of the backend for all of our client apps, including on the web. So Rust compiles the WebAssembly. And so the same code that for example, generates that unique password is actually written once and used everywhere across all of our clients and including the web. And to kind of build that out, I think one of the big organizational changes is we have, one of the largest parts of engineering is focused on building and maintaining that cross platform library. Brendan: I think, everyone's pretty excited about Rust and especially those sort of Rust to WebAssembly toolchain. I think there's a lot of excitement around it, but it's also, still a pretty nascent technology and supply chain for delivering software. I'm curious, what's that experience of like adopting Rust and working with WebAssembly extensions been like? Has it been sort of technically challenging? Has it been easy to adopt? What's your kind of report from the front? Andrew Beyer: So I think a little bit of history is helpful. We've always had some level of cross platform shared code. So what we call the 1Password Brain is a great example. That's the library that's essentially in charge of analyzing pages and computing how to fill or save information from that page. We've shared that between the web as well as our desktop apps and mobile apps and those kind of things, and it's traversed many languages. Our infrastructure's written in Go. So we really enjoyed Go. Andrew Beyer: And we initially kind of built some of our initial first take on cross platform code in Go. At the time, and I don't honestly know what the state of affairs is today, I apologize, but at the time it just, it wasn't a great way to go to WebAssembly. I think we actually shipped some of that code and one of the fundamental issues was the memory usage, for example. Andrew Beyer: It would just allocate a gigabyte of memory for WebAssembly right on initialization, which is definitely a problem for most people. It's a non-starter for folks on things like Chrome OS at the time. So we were attracted to Rust for a few reasons. One was, some of our Windows developers were already using it in the Windows app and they really were pushing the forefront of at least the WebAssembly tooling. Andrew Beyer: So you could go from some Rust code to WebAssembly, have that packaged into an mpm package, have it generate TypeScript types, all of that using wasm-pack, is the name of the library or the package that kind of does that for you. So, we were super attracted to that. And I think Rust in general is a very decent language for writing kind of performant code. Andrew Beyer: It forces you into thinking about memory management and the borrow checker. And to be honest it's not an easy to go from, not worrying about those things to now learning Rust. I think it was a challenge for a lot of our developers internally to kind of make that switch. I myself wrote a lot of the early versions of the code. It probably took me a month before I felt like I was getting anywhere with Rust and to this day, I'm not in code every day, but I would not say I'm a Rust mastermind or anything like that. Andrew Beyer: What we did, and I think, you alluded to some of the investment is we ended up going out and hiring a lot of people that were knowledgeable in this field and bringing them into help us kind of really fully invest in this big bet, which was adopting a new technology. And I think today we've already seen, like Rust is way more mainstream two years later than when we started using it two years ago. And it was similar with Go, we were early adopters into Go for infrastructure and now Go is just the common, everybody uses that. So I think we're seeing a lot of that. I think 1Password, invests a lot into the community. So we invest into individual open source projects that we think could be the future for us, as well as we are a part of the Rust foundation. Brendan: I was going to ask how much of that sort of evolution of the language is tied to sort of the early adopters giving back to it, and supporting the language community and giving it that sort of feeling of momentum, I think matters a lot to developers. Andrew Beyer: I think it does. Rust also seems to have attracted a lot of diversity in developers, which is really awesome to see. I mean, if you've gone to RustConf or attended one of them virtually, you'll see, it's a very diverse community of people that are very interested in it at the very least. And, I think that has spawned a lot of the excitement. When I was in the early days of hiring folks to join the team as Rust developers, a lot of people were really just applying because they wanted to work with Rust, right? They didn't have any opportunities there yet. So I do think that there's kind of excitement behind it, but fundamentally it's a really great language too. It's a very modern version of a low level language. Brendan: So the browser extensions in 1Password in a lot of ways, I think are sort of one of your flagship features, the thing that I think a lot of people are probably most familiar with is like, I go to a site and it just automatically fills in my credentials that I don't have to worry about digging them out. I'm curious what sort of goes into managing the release process and life cycle of extensions across all of the different browsers and devices that you support. That seems just from my perspective, as someone who tries to wrangle browser SDKs day to day, that seems like a really big challenge to deal with extension stores and packaging and testing. How do you sort of manage all that complexity? Andrew Beyer: Ooh, that's a good question. And I will say it's difficult. So I'm glad we're touching upon this because I'm finding myself becoming a web extensions advocate, I think. I think the underlying platform is becoming a very interesting place to work if that makes sense. And what I mean by that is when I first joined 1Password, for example, I don't know if Firefox had embraced the new WebExtensions APIs or if they just had, but essentially as a little bit of a back history, Chrome started this, what we call the WebExtension API. Andrew Beyer: Firefox adopted it. And two years ago, Safari adopted it on Mac OS and one year ago Safari adopted it on iOS. So it's actually a really cool platform because you can build something that is web-based and it will work cross platform across every major web browser to include iOS on mobile. And I suspect we'll see it on Android here soon as well, right? Andrew Beyer: So you can kind of have desktop and mobile. Now that being said, the release process is a little challenging, almost every web browser on every OS, there's some little edge cases, don't allow you to just go to a random website and install a browser extension, right? You have to go to the Chrome web store or the Firefox add-on gallery or Safari Mac app store, or- Brendan: Probably on balance an okay thing. Andrew Beyer: It is because of the power that web extensions have, right? They can be a source of vulnerability, if you don't trust the developer, if you don't know what they're doing. And there has been a lot of ... some changes there. Google's pushing kind of Manifest V3, which is an overhaul of the underlying APIs. And it's going to push for kind of a better permission model among other things. Andrew Beyer: But I think one of the big challenges, if anybody's getting into the web extensions game and they want to target every browser, every platform is you have to deal with every major company, right? Every major tech company. You have to deal with Microsoft's review process, Apple's review process, Chrome, Google's review process and Mozilla with Firefox. Andrew Beyer: So I think from when we decide, hey, we want to launch an extension to when that would be fully published across all the stores is about a solid seven or eight days. And that's mostly because Microsoft takes seven days every time. And so that is challenging, especially with a security product, you want to be able to make immediate bug fixes if there are immediate problems. And I think that's one of the larger challenges is the distribution. Andrew Beyer: The upside is, all of these things are free. You can go build a web extension today and distribute them through these various channels. You don't really pay anything. You don't have to worry about signing. You don't have to worry about the distribution. So, that's the upside. But to your point, one of the important factors of our release pipeline is, testing. Andrew Beyer: So, kind of that cross platform library has unit tests. We do a lot of tests on the actual frontend code. We actually just adopted Playwright as our end to end testing framework for the extension. And everything's a little bit harder as an extension than just loading a random website, right? You have to get this into a web browser that loads an extension, but luckily there's tooling out there to do that. Andrew Beyer: So for example, Selenium has a Docker image that you can just run as part of your CI/CD pipeline, and you can programmatically load in an extension and do full end to end testing there. So, that's definitely an important component to our kind of release structure. On top of that, we do the typical things where we do internal testing, as well as we have a Beta channel and Stable channel and all of that kind of normal stuff. Brendan: One of the things that was occurring to me as you were talking about that was, this is in many ways the classic problem, right of balancing quality with speed in a release cycle, but obviously you are also a security focused product. And so that quality and trust with your users in the product is even that much more important than your average web application. Is there anything sort of, that's really specific to your product or really specific to the sort of security identity use case that's part of your testing workflow? Andrew Beyer: Nothing comes to mind. I think, a lot of our security is handled by that cross platform framework. So we do a lot of crypto in Rust for decryption of items and those kind of things. And they're very hardened and tested at the unit level. So I can't think of anything specific with regards to our extensions that I think we would do at an extreme or different than what everyone should fundamentally do when testing code. I think the biggest difference there is when you run a web app on a website, you make a mistake, you can deploy instantly, right? Andrew Beyer: You could basically deploy a new version instantly. With an extension, you could have a week of that being out in the wild. So I think that's kind of the big difference. We have some controls, right since our service is built server side. We could potentially turn off specific APIs for specific clients if we have to, but luckily we haven't had to use anything like that recently. Andrew Beyer: I think the biggest one that comes to mind as another factor of challenge at least is web browsers update quite frequently as well. And we have some additional security measures in place that other companies probably wouldn't. So, a great example of this is when the extension connects to the Mac app, for example, we actually validate the underlying process. Andrew Beyer: So we validate that yes, this browser was signed by Google, for example, and just a few weeks ago, Google changed their certificate. So, they updated their certificate and it changed the name. So it failed our validation. So now we have to kind of release new apps to handle that edge case and that kind of thing. So, we try to test a lot of our stuff in the very early channels of Chromium, for example. Brendan: So, you're always sort of testing against the upcoming builds of browsers. And that gives you, in addition to just knowing about what are the features and APIs coming to the browsers, it gives you sort of an early warning when something just breaks kind of out of nowhere, that maybe the browser maker wasn't realizing would be a breaking change for your app. Andrew Beyer: Oh yeah. And we have seen it, right? We have seen bugs as bad as, we use IndexedDB as the backend for the extension, we've seen bugs as bad as the browser updates and that entire database just gets wiped down, right? So there are a lot of things that get caught in those early days. So the upside is, I think we are large enough that we've built relationships with a lot of the browser manufacturers, so we can reach out to them. Web extensions also eight months ago, or so timelines are hard these days, but started a ... the W3C started a web extensions working group, community group. Andrew Beyer: So as a lot of these transitions are happening with the large browsers to new APIs, there's community input, and anybody can kind of just go join this community group and kind of get input on some of the things they need and don't need. And we actually, I have a developer on my team who's had some recent success there and it was pretty awesome to see his proposal mentioned in Safari's release notes or technically it was WebKit's release notes, right? Brendan: This actually touches on something I had sort of written down that I wanted to ask you about, which is, how do those relationships with the browser makers and then the web standards community generally get built? Is that having developers on your team who have connections to those organizations, is that sort of just putting yourself into the channels and the spaces where people are having those conversations? How do you go from being somebody just consuming web APIs to actually participating in the dialogue about building them and how those systems are evolving? Andrew Beyer: I think it's a little bit of both really. I think it starts with getting involved in those spaces, which isn't as easy as other things, right? Rust, you can just go join a Discord and get a part of the community and those kind of things. When you're dealing with web browsers, they're primarily put out by Google, Microsoft, and Apple, Mozilla, these are large companies, very large companies that have their own timelines and timetables. Andrew Beyer: And so you have to really kind of continue the conversation, pick up where ... Get involved in every event that you can. So WWDC is a great one for Apple. They now do the kind of sessions and they'll have a web extension one and you'll go meet the handful of engineers that kind of work on Safari web extensions, it's not a large team over there. Andrew Beyer: We actually probably employ more people consuming the APIs than all of the major tech companies employ building them, right? So once you know that, that dynamic exists, I think you have to, like all things, it's a little bit of ... I see some of the channels just blow up with people irate that, oh, why have you broken my extension and all of these things and just getting super toxic, but you really have to approach it from a professional mentality. Andrew Beyer: Let them know, from your perspective how these things are affecting you and your product and your users and as a security product. I think we've been able to push things in certain directions based on, look, if this changes, we can actually bring meaningful security benefits to our user base, right? And a lot of the engineers are receptive to that, but outside of jumping into the communities, which is oftentimes bug trackers, right? Andrew Beyer: That's one of the points of communication is through a bug tracker, but WebKit or Chromium, they're open source. One of our developers commits patches. And once you commit a patch to Chromium, you get into their Slack, you can start having a lot of more kind of involvement in that community. So it just takes a ton of effort from your side. And I'm not sure that an indie developer could probably commit to that. But I think when you have a larger organization that relies on this fundamental platform, it's worthwhile identifying people on your team that can kind of build those relationships and pursue them. Brendan: Another thing that I've been really excited to see more features around and 1Password building more things into is the sort of command line or developer focused use case. I know there's some stuff with managing secrets in Kubernetes, you guys recently shipped much better support for SSH through 1Password. I'm curious if you have any more to say on what your vision is for how 1Password fits into the workflow for developers and software engineers in general in the future. Andrew Beyer: That's a good question. We have a heck of a vision for sure. We are developers ourselves, right? We have a ton of developers internally. We use our product internally. So we're always looking for opportunities to make fundamental changes to the product, to make our own workflows better, as well as the entire developer community. I think as part of the interesting 1Password story, which we didn't go into too much depth on, but we've been around for over 15 years and only recently are we this large company, right? Andrew Beyer: We were a very small company focused on kind of the product and the use cases there. Now that we're a larger organization, we have a team dedicated to filling that developer persona. And so recently we've launched some pretty incredible features. From the browser side, you can go to a website like GitHub and generate and fill an SSH key, directly onto GitHub and it'll save it into 1Password. Andrew Beyer: And then within the desktop app, there's actually an SSH agent. So you no longer have to keep your private keys in a .ssh folder, make sure your change mob correctly. And if someone has access to your user space, they'll immediately have access to your SSH keys. No, now they can all live in 1Password and you can access it directly from the command line. Andrew Beyer: And there's a couple other, really cool things in the pipeline that I can't talk about, but essentially our vision is to solve a lot of these pain points that I think nobody else is attacking. And being that we have these integration points on the desktop, in the browser, we're a trusted place for all of your secrets. We can solve a lot of those problems. Brendan: Do you find that having been sort of, I guess, for a lack of a better word, a consumer solution so long, and having built trust with people as individuals that, that translates to trust in you as a vendor that they want to sort of bring you to work and bring you to part of their product security posture? Andrew Beyer: Absolutely. I think that was our entire early days growth history for when we've launched a service and we started having business clients. It was all word of mouth, bottom ups growth. And I think the developer initiatives also translate into that, right? If you're a developer and you're already using 1Password and you join an organization and it makes your workflow better, that's going to be a selling point for you to recommend using our solution versus one of the competitors. Andrew Beyer: So it all kind of ties together. But fundamentally, we still believe that if you build a really good product, the people will come. And a lot of that is let's be honest, the technical people within an organization have a lot of say over what products, enterprisey type products that the company adopts. It's one of the reasons why, when we migrated to a cross platform desktop app built on Electron, that made it so that we had a desktop app on Linux, right? Andrew Beyer: We weren't going to build a GTK app. We could not have the business justification for doing that. But now that we're on Linux, even if that's obviously kind of the smallest of the user basis, it fits a lot of that need for, DevOps people who use Linux at their company can now recommend 1Password where previously they couldn't. So there's a lot of value there for those things. Brendan: And I thought we might end with sort of a really kind of fun, big picture question, which is, 1Password obviously best known as a password manager, but I think over the year, two years, passwords have been getting a lot of hate in the sort of online and security communities of being hard to remember, being the kinds of things you have to keep in a password manager. And there's been a lot of sort of emphasis on alternate methods of identity and authentication. And I'm curious, what's the future of passwords, password managers, digital identity in your view? What are we going to be doing in 10 years? Andrew Beyer: So, that's a great question. Passwords are terrible. I think we all know that. The concept of oh, change your password every six weeks or 30 days, or whatever the security that NIST was putting out was, it's just terrible. It's always been terrible. That being said, they're not going anywhere, right? There's still going to be places where username and password just kind of exists forever. And so, we actually have as part of our series C funding round, we talked about this a lot with investors and we actually created a website, it's future.1Password.com. Andrew Beyer: And one of the headlining, it's pretty abstract, but one of the headlining features of what we're working on is something that we're calling Universal Sign On. And that is basically we are positioned to be this really good third party aggregate, right? We're not Apple, so we don't have sign in with Apple. We're not Google, we're not Microsoft. We work everywhere and we want to work with every kind of form of authentication. Andrew Beyer: So one of the big ones that I think you'll see us attacking is the, can your password manager start remembering what kind of forms of social login do you use? Right? So do you use login with Twitter? Do you use login with Google? It's actually kind of a hard problem for the user because you end up on this login page and you have to have the cognitive overload of remembering, did I use my Google account or did I use my Twitter account? And you know what ends up happening? You end up with three different accounts with three different login providers and it's terrible, right? I think Single Sign-on was something that we thought was going to be awesome. Andrew Beyer: And now so many people got into that space that it's kind of terrible. And that's one of the reasons why we're not in that space. Instead, what we're going to do is we're going to build a way for 1Password to track all of this for you, to know that hey, if I close down this Google account, which services am I going to lose access to? And on top of that, of course you have things like U2F, you have email based kind of login. There's all sorts of different methods nowadays for authentication. Andrew Beyer: And fundamentally, I think where we're well positioned is essentially remembering for the users, all of those methods and how you authenticate with your various services and still having the one place you can go to know if you have an account somewhere to click a button and go and authenticate with that account. And I think that's essentially the answer to your question. Brendan: I'm looking forward to it. I want to live in that world. Awesome. Anything else you'd like to point our listeners to? Where can they find you online? Andrew Beyer: So, one topic we didn't cover that I'll cover real quickly, just because this is a web developer focused podcast, and I do want to mention that one of the things web developers can do for every password manager, not just 1Password is start building forms that are password friendly, password manager friendly, and the very easy way to do that is go dig into the HTML auto fill spec and specifically the auto complete HTML attribute. Andrew Beyer: And just evaluate that spec, go look at your website and see if you're kind of meeting it, because once you do that, you're going to actually make your users have a much better experience for their password managers and generating passwords, filling them. And it goes way more in depth than I think most people know. So for example, TOTP, there is an auto complete attribute for onetime code, even address fields. You can divide it up between shipping and billing. Andrew Beyer: If you go make this fundamental little change, you'll make your website a little bit more accessible, but you'll also make it password manager friendly. So that's my little tidbit for the web developer audience. You can find me on Twitter at FireBeyer. It's F-I-R-E-B-E-Y-E-R. I do talk about kind of 1Password things when we have launches, I also just post random pictures. Like, I'm working on our 30 foot airstream that we're moving into. Andrew Beyer: So it's not necessarily the best source of all developer knowledge. It's more kind of a little bit of a picture into my life. Of course, 1Password.com, you can find a ton there. We're doing webinars now, security focused stuff. I would advocate you sign up there. We're also hiring a ton more people. So if you're looking to get into this field, please reach out to us. We have a jobs page on there. We have a ton of positions. We are a remote first company. So if you kind of live in one of the entities where we can employ people, you have a shot at having a job with us. Brendan: Awesome. I don't know if you're the first person to point our audience at a web specification in this section, but I love it. Andrew, thanks so much for being on the pod with us, really enjoyed our conversation. Andrew Beyer: Me as well. I like the topics that we covered. I could talk for days about organizational, about password managers. There's just, there's a ton. So I do enjoy it. So thank you very much for having me. Brendan: Awesome. We'll see you online. Speaker 3: Thanks for listening to PodRocket. You can find us at PodRocketPod on Twitter, and don't forget to subscribe, rate and review on Apple Podcast. Thanks.