RA

Random but Memorable

1Password

How to start vibe coding without compromising security with Jeff Malnick

Jun 9, 20261h 16m
Summary

In this episode of Random but Memorable, the hosts explore the rise of vibe coding—also referred to as agentic development—and how this trend is reshaping software creation. Vibe coding allows users to generate functional applications, websites, and workflows using natural language prompts without requiring deep technical expertise. The discussion highlights how this movement has democratized software development, enabling individuals from various professional backgrounds to build useful tools quickly and efficiently. However, the hosts emphasize that this rapid pace of innovation introduces significant security risks. Because AI-generated code is often created without traditional development guardrails, many projects suffer from vulnerabilities, including hardcoded secrets and unintended public exposure of sensitive data. The conversation stresses that the primary challenge is not necessarily the AI-generated code itself, but the lack of established security culture and infrastructure surrounding these projects. To mitigate these risks, the team advocates for adopting secure credential management, implementing consistent review protocols, and ensuring that AI-built applications are treated with the same visibility and oversight as traditional software. The episode concludes with a forward-looking perspective on how developers and non-technical builders alike can leverage these powerful AI tools while maintaining a security-first approach.

Updated Jun 11, 2026

About This Episode

Anyone can build software with AI now, and millions of people are giving it a try. But when AI can spin up an app in minutes, are security risks slipping through the cracks? 👀💻 In our season finale of Random but Memorable, we dive into the promise and pitfalls of building software with AI.

First, in Crash Course, Roo breaks down what vibe coding actually means, why it’s suddenly taken off, and how people are using AI tools to build apps, websites, games, and workflows. Then, in Watchtower Weekly, we look at the security risks, including exposed data and leaked API keys, and why AI-built apps still need real software guardrails.📲

Later, Wade sits down with Jeff Malnick, 1Password’s VP of Engineering for Developer & AI, to discuss how to start vibe coding without creating a cybersecurity risk. From code review and developer best practices to the future of AI-assisted software development, this conversation is packed with practical advice for anyone experimenting with AI and code.🤖👨‍💻

🏰  Watchtower Weekly

Thousands of Vibe-Coded Apps Expose Corporate and Personal Data

👨‍🏫  Crash Course

Vibe coding 👨‍💻

🎙  Guest Interview – Jeff Malnick

🗣 #Ask1Password – Ask Us Anything! 

Please send us an email at: podcast@1password.com

Ask us a question in the 1Password Community forum

📲  Follow Us…

❤️  Review Us...

If you're loving the show, please leave us a review on

More Episodes

Fact or Fiction: Cybersecurity Edition | Bonus Episode

Jul 7, 202633 minSummary

In this bonus episode of Random but Memorable, the hosts dive into a lively game of Fact or Fiction, tackling common cybersecurity myths that often circulate on social media. Through an engaging discussion, they examine whether high-resolution selfies can truly be used to replicate fingerprints and if public USB chargers pose a genuine threat to device security via juice jacking. The conversation expands into the nuances of digital privacy, clarifying that Incognito mode primarily stops local data storage rather than offering total anonymity. The hosts also dispel the notion that the Dark Web is exclusively a hub for hackers and hitmen, explaining its legitimate utility for activists and journalists. Furthermore, they address the invasive nature of smart TVs and their use of automatic content recognition. Finally, the episode explores the debate around password managers as a single point of failure and why text-based two-factor authentication is increasingly being replaced by more secure methods. By separating technical reality from public perception, the hosts provide listeners with practical insights into how to better secure their digital lives against modern threats.

BONUS EPISODE: Answering YOUR listener questions

Jun 23, 202618 minSummary

In this bonus episode of Random but Memorable, the hosts open the floor to address a variety of listener questions gathered from the community. The discussion begins with the technical benefits of environment variable management, explaining how developers can move away from insecure, plain-text files toward more centralized, vault-based systems. The conversation shifts toward the human side of technology, exploring the challenges of product development, where security-focused features sometimes fail to align with real-world user behavior. The hosts also debunk common cybersecurity myths, emphasizing that staying safe is often simpler than many people perceive—relying on basic habits like strong, unique passwords rather than complicated rituals. The group further explores the ongoing transition to passkeys and the role of artificial intelligence in daily workflows. They share insights into how AI agents are becoming more autonomous, highlighting both the impressive problem-solving capabilities of these systems and the security risks that arise when they operate without strict boundaries. Ultimately, the episode provides a thoughtful look at how to navigate the evolving digital landscape securely, balancing innovation with practical safety.

Cybersecurity tips for the modern traveler with Gerald Auger

May 26, 20261h 10mSummary

In this episode of Random but Memorable, the hosts delve into essential cybersecurity strategies for the modern traveler, highlighting how to protect digital identities while on the move. Alongside a discussion on the evolving landscape of education-sector cyberattacks, the episode provides practical, actionable advice for securing personal data. A significant portion of the conversation focuses on OnePassword’s Travel Mode. The hosts explain how this feature allows users to temporarily remove sensitive information from their devices while traveling, providing peace of mind during border crossings or in situations where device privacy may be compromised. By organizing data into specific vaults and designating which ones remain accessible, users can ensure their most critical information is not stored locally during their journey. Additionally, the hosts share valuable security tips from their listeners, such as utilizing expiration reminders for important documents, using one-time viewing links for sensitive credentials, and the importance of allowing security software to proactively alert users to compromised accounts. Through these insights, the episode emphasizes that effective security is not just about having the right tools, but about cultivating a mindset of preparation, constant vigilance, and proactive data management.

All podcast names and trademarks are the property of their respective owners. Podcasts listed on Podtastic are publicly available shows distributed via RSS. Podtastic does not endorse nor is endorsed by any podcast or podcast creator listed in this directory.