Time to give 1Password 4 for Mac’s Security Audit a whirl

It was bound to happen eventually. A massive Adobe data theft of 130 million customer names, emails, encrypted passwords, source code, and more will enable almost limitless password reuse attacks in the coming weeks. Suppose you are one of the 130 million people who’s oddly encrypted passwords were among the Adobe password breach. Suppose that […]

More than just one password: Lessons from an epic hack

Mat Honan, a 1Password user and writer for Wired, did everything right. He had strong, unique passwords everywhere. Yet he was the victim of an “epic hack”, and had to put a great deal of effort into getting his digital life back. A very brief account of this Homer-worthy hack is that someone talking to […]

Password reuse strikes again, and a bit closer to home at Dropbox

Not so long ago, I wrote about a case where attackers were taking passwords that were leaked from one site to go after users on another. In that case, the target was Best Buy. Today’s case hits a bit closer to home for 1Password users, as Dropbox accounts are being attacked using passwords stolen from non-Dropbox […]

Friends don’t let friends reuse passwords

We’ve written about password reuse before, and we’ll be writing about it again. Password reuse—using the same password for multiple sites or services—is both rampant and dangerous. There is real evidence that people are getting robbed because they are reusing their passwords. Thieves systematically exploit reused password to pay for retail items or hijack accounts […]

On password breaches and security processes

Today it was reported LinkedIn had a password breach. This is the most frustrating sort of security problem, because even if you’re using all the security available on the longest most complex password you can generate, that doesn’t help if someone else gets ahold of it. As more and more services are offered online, and […]

Two thirds of web users re-use the same passwords

I may never get tired of talking about password reuse (using the same password on different sites), but you may get tired of hearing me go on about this. So I will keep this post short. Troy Hunt has done an excellent analysis of the passwords of the most recent Sony breach. There are lots […]

Tips: How to Find Duplicate Passwords

We have talked a lot about the issue with password reuse but we haven’t mentioned on how to find them in 1Password for Mac. The best way to do this is to first know the password you’re looking for, enter it into the search field of 1Password and press the enter key. You’ll get a bar that drops […]

When websites are breached, 1Password saves the day!

If you are anything at all like me you have accounts on scores – or hundreds – of different websites. The sad fact of the matter is that the chances are high that several of those sites will suffer a serious security breach over the course of a year. WordPress.com, which hosts a large number […]

Security firm falls victim to password reuse

There is a great deal of discussion at the moment in the security community about the conflict between a group calling itself Anonymous and the security firm HBGary Federal. I just want to highlight one technical aspect of this, the role that password reuse played in the take over of HBGary Federal and rootkit.org. Password […]

xkcd Hits Nail on Head

Via our awesome Twitter friends, we bring you a very apropos comic from xkcd.com: xkcd.com Homer says it best: Don’t be the victim of unsavory online practices. Use a different, secure password on every site, and protect yourself from a world of potential trouble. Of course, the easiest way to do that is, you guessed […]