1Password is a very safe basket

—– The right way to build reliable systems is to put all your eggs in one basket, after making sure that you’ve built a really good basket. —– When you use a password manager, you are putting a great deal of valuable and sensitive information in one place. The expression, putting all your eggs in […]

No, you do not need to change passwords in response to the OpenSSL CCS bugs

For the third time this year, there is yet another flaw in an underlying security technology used across the net: the recently fixed OpenSSL bugs announced on June 5. For our customers, we are happy to report that 1Password is not affected by bugs in SSL implementations, nor do these bugs require that most people change passwords. 1Password is not affected […]

Introducing the 1Password Watchtower service for Heartbleed and beyond

When news of the internet’s Heartbleed bug broke last week, we published what we knew about it and the implications for 1Password and 1Password users. To recap: 1Password is not affected by Heartbleed, but there are steps you need to take to protect your passwords from sites that may have been affected. Today, we’re introducing a […]

Heartbleed: Imagine no SSL encryption, it’s scary if you try

A major flaw has been found in the software websites use to encrypt much of our secure communications. 1Password is not affected, but there are some things to be aware of while going just about anywhere on the web right now.

Large even prime number discovered

You have probably been taught that two is the only even prime number. But today mathematicians at the University of Southern North Dakota at Hoople have discovered a new, large, even prime. It is more than a million digits long and is equal to the value of 3²²³⁷⁵⁶¹+3¹¹¹⁸⁷⁸¹. Many people are under the erroneous belief […]

Crackers report great news for 1Password 4

oclHashcat v1.02 support added to crack 1Password Cloud Keychain: http://t.co/Mk9qnu5LhL — hashcat (@hashcat) March 9, 2014 To understand why this is really good news for us and for 1Password users, it is important to know what “crack” means in this context. I’ll come back round to that and why we encourage the developers of hashcat, […]

1Password security doesn’t depend on SSL

The security of your 1Password data does not depend on the security of SSL/TLS. 1Password keeps your data encrypted with your Master Password. This means that, even if an attacker is able to intercept the communication between your system and a sync server, they will not be able to decrypt your 1Password data. From the beginning, […]

Your Master Password is your defense from Dropbox breaches, real and imagined

Rumors of a Dropbox data breach spread this weekend, a breach that ultimately turned out to be false. But even in instances of false alarms, it is useful to remind 1Password users that their 1Password data cannot be decrypted without the Master Password. So let me take this opportunity to remind everyone that your 1Password data […]

The NSA can do what to my iPhone?

After Der Spiegel, along with Jakob Appelbaum at the 30th meeting of the Chaos Computer Club, published an astonishing trove of documents revealing a great deal of the extent of their penetration of the network and capabilities to install spying mechanisms into individuals’ computers and devices, one of the least significant documents is getting the most […]

Time to give 1Password 4 for Mac’s Security Audit a whirl

It was bound to happen eventually. A massive Adobe data theft of 130 million customer names, emails, encrypted passwords, source code, and more will enable almost limitless password reuse attacks in the coming weeks. Suppose you are one of the 130 million people who’s oddly encrypted passwords were among the Adobe password breach. Suppose that […]