1Password 4.2 for iOS has been released with a really nifty sharing feature. This allows you to conveniently share items with other people and keep them updated. Before getting into the details, it is important to know that the data is well encrypted within 1Password, but it is not encrypted when it is not in [...]

In my discussion of Dropbox’s new two-step authentication, I skimped on the cryptography. Because we had to move quickly, I wanted to focus at the time just on our recommendations, so I told a few fibs about how the way the six digit codes “get” to your phone. Now I want to explain how it [...]

The net is atwitter with discussion of Jeremi Gosney’s specially crafted machine with 25 GPUs that can test hundreds of billions of passwords per second using hashcat, a password cracking system. Password crackers, like hashcat, look at the cryptographic hashes of user passwords and repeatedly make guesses to try to find a password that works. [...]

Mat Honan, a 1Password user and writer for Wired, did everything right. He had strong, unique passwords everywhere. Yet he was the victim of an “epic hack”, and had to put a great deal of effort into getting his digital life back. A very brief account of this Homer-worthy hack is that someone talking to [...]

We’ve written about password reuse before, and we’ll be writing about it again. Password reuse—using the same password for multiple sites or services—is both rampant and dangerous. There is real evidence that people are getting robbed because they are reusing their passwords. Thieves systematically exploit reused password to pay for retail items or hijack accounts [...]

I am not giving anyone health advice. Instead, I’m going to use the example of the recent LinkedIn breach to talk about hashes and salt. Not the food, but the cryptology. Before you dive into this article, you should certainly review the practical advice that Kelly has posted first. Also Kelly’s article has more information [...]

It seems that my ability to predict the future with respect to Mac malware is, indeed, on par with Digitime’s ability to predict anything. Just recently I wrote, “on the Mac, Leopard and Tiger are no longer being updated”. To prove me wrong (yeah, I’m sure that’s why they did it), Apple has just released [...]

It’s tough to make predictions, especially about the future. —Yogi Berra In Part 1 of this series I discussed how your 1Password data may (or may not) be threatened if your computer gets infected with some kind of malware, particularly Flashback. In Part 2, I reviewed the few simple things everyone should do to keep [...]

If you have been using Apple’s FileVault to encrypt your home folder on OS X, read on. There is an important security bug and action you should take. This is an Apple security issue that does not affect 1Password 3 or Knox for Mac, but it is an important enough issue that I’m announcing it [...]

Over the last couple weeks, a topic in tech news has been Flashback, malware that seems to have gotten itself installed on (at least) about 600,000 Macs running OS X. Although there has been malware for Mac OS X for a long while, Flashback is the first to reportedly affect a substantial number of users. [...]