Motivation
This kind of all started when my daughter asked me: "What is password?". She is 3 years old and heard my wife and me talking about passwords. I tried to explain it to her but it was difficult for a child to understand that we want to keep secrets... In the end, the analogy to a key that opens our apartment made sense to her.
I'm a big fan of Gamification and we use it a lot to bring new topics closer to our daughter. So when I saw this Hackathon I wanted to create a base layer and an example for teaching password-related concepts through a game.
Showcase
Approach
The 1Password CLI integration was something I had a few glances on but could not yet see a way to use it, since I just use the 1Password.app. But now I wanted to couple a game with my 1Password Vault to make the gamification approach have a direct link to the real use case of managing passwords. So for this, the CLI is perfect.
The Documentation gives you a really easy and nice start for installing and running the CLI.
I chose to use the Unity3D Engine since I already have experience with it. Also, it seems to be the most adapted engine in the gamification space.
Unity OnePassword Library
To interact with the 1Password CLI from our Unity game we need a solid API/Library that does the heavy lifting for us. This includes managing multiple commands in parallel and maintaining the subprocesses which run the op
command line tool. This layer must also be able to parse the output from op
and make it usable in the Game. Thankfully we are living in a world of open source so I found the fantastic C# library OnePassword.NET which seemed perfect. Unity does use C# but it is based on Mono and also uses an outdated C# version. (This is because Unity has to convert the game code to C++ and every new C# feature must first be implemented for this conversion). So I made some heavy adjustments to get the code compiling for Unity. Also, we had to marry the static C# library with the Runtime/Update driven Unity lifecycle. So now we have OnePasswordUnityManager
.cs
which handles all of this and feels native to Unity.
Consent and Safety
While developing this project I noticed that I have to give my game full access to my 1Password Vaults. Yes, plural. You either get access to no vaults or all of them.
I could not change the permission model. So I added a disclaimer at game start that this game accesses the 1Password CLI. When the game starts to interact with the 1Password CLI it creates its own Vault and exclusively operates in this Vault. This gives me peace of mind that I don't change/check any secrets that are personal to the user.
As feedback to the 1Password Team: I would wish that we could restrict the 1Password CLI to only use a specific Vault. That would make me feel much safer using 1Password CLI apps from other people. I know that there is 1Password Automation Flow. But in this kind of case, it is very cumbersome to set up.
Laying a foundation
To not let this project die in the hackathon stage I put a lot of care into reusability and documentation. A separate .unitypackage is released with each version of the game. So other Unity developers can quickly import this .unitypackage with two clicks and get up and running with the 1Password integration into their game/experience. Documentation and README files are also provided.
Test/Play
The game source code is published on GitHub. To play you can go to the Releases Page and download the ready app. Or clone and open the project yourself in Unity (See README)
Conclusion
This hackathon was fun. I hope I could inspire some people to create more gamification in this space and show younger people how to properly use passwords. Although we are approaching PassKeys quickly I still think that currently, you still need a good understanding of passwords. Good and unique passwords matter. 1Password has changed the way we interact with our daily secrets. Thank you https://hashnode.com/ and https://hshno.de/2vBgtSn for organizing this Hackathon!