1Password is a very safe basket

—– The right way to build reliable systems is to put all your eggs in one basket, after making sure that you’ve built a really good basket. —– When you use a password manager, you are putting a great deal of valuable and sensitive information in one place. The expression, putting all your eggs in […]

No, you do not need to change passwords in response to the OpenSSL CCS bugs

For the third time this year, there is yet another flaw in an underlying security technology used across the net: the recently fixed OpenSSL bugs announced on June 5. For our customers, we are happy to report that 1Password is not affected by bugs in SSL implementations, nor do these bugs require that most people change passwords. 1Password is not affected […]

Password reuse lands Find My iPhone users in expensive hot water

There are plenty of examples as to why friends shouldn’t let friends reuse passwords, but some users of Apple’s Find my iPhone have become the latest omen of why this practice is so dangerous. On Tuesday, May 27, The Verge reported that Apple’s Find my iPhone feature was being used to lock devices for ransom. […]

Introducing the 1Password Watchtower service for Heartbleed and beyond

When news of the internet’s Heartbleed bug broke last week, we published what we knew about it and the implications for 1Password and 1Password users. To recap: 1Password is not affected by Heartbleed, but there are steps you need to take to protect your passwords from sites that may have been affected. Today, we’re introducing a […]

Heartbleed: Imagine no SSL encryption, it’s scary if you try

A major flaw has been found in the software websites use to encrypt much of our secure communications. 1Password is not affected, but there are some things to be aware of while going just about anywhere on the web right now.

Your Master Password is your defense from Dropbox breaches, real and imagined

Rumors of a Dropbox data breach spread this weekend, a breach that ultimately turned out to be false. But even in instances of false alarms, it is useful to remind 1Password users that their 1Password data cannot be decrypted without the Master Password. So let me take this opportunity to remind everyone that your 1Password data […]

The NSA can do what to my iPhone?

After Der Spiegel, along with Jakob Appelbaum at the 30th meeting of the Chaos Computer Club, published an astonishing trove of documents revealing a great deal of the extent of their penetration of the network and capabilities to install spying mechanisms into individuals’ computers and devices, one of the least significant documents is getting the most […]

Time to give 1Password 4 for Mac’s Security Audit a whirl

It was bound to happen eventually. A massive Adobe data theft of 130 million customer names, emails, encrypted passwords, source code, and more will enable almost limitless password reuse attacks in the coming weeks. Suppose you are one of the 130 million people who’s oddly encrypted passwords were among the Adobe password breach. Suppose that […]

1Password and The Crypto Wars

Of all of the revelations about the NSA that began in June and continue to this day, the one that has shocked me the most is the fact that the United States National Security Agency has been deliberately inserting weaknesses into security products and even into NIST standards. In light of this, it is fit […]

How long should my passwords be?

“How long should my passwords be?” A question like this depends on what kinds of password we’re talking about. The requirements for your 1Password Master Password, which you need to be able to remember and type, are very different from passwords you generate using the Strong Password Generator, which you never even have to look […]