iOS 8 and its app extensions will enable a tremendous amount of power and convenience for apps, especially 1Password. But with great power comes the need for great security, and here is how your 1Password data will stay safe.
A major flaw has been found in the software websites use to encrypt much of our secure communications. 1Password is not affected, but there are some things to be aware of while going just about anywhere on the web right now.
oclHashcat v1.02 support added to crack 1Password Cloud Keychain: http://t.co/Mk9qnu5LhL — hashcat (@hashcat) March 9, 2014 To understand why this is really good news for us and for 1Password users, it is important to know what “crack” means in this context. I’ll come back round to that and why we encourage the developers of hashcat, […]
Rumors of a Dropbox data breach spread this weekend, a breach that ultimately turned out to be false. But even in instances of false alarms, it is useful to remind 1Password users that their 1Password data cannot be decrypted without the Master Password. So let me take this opportunity to remind everyone that your 1Password data […]
Of all of the revelations about the NSA that began in June and continue to this day, the one that has shocked me the most is the fact that the United States National Security Agency has been deliberately inserting weaknesses into security products and even into NIST standards. In light of this, it is fit […]
1Password only decrypts what you need at the time you need it. If Molly (one of my dogs) is using 1Password to log in to SquirrelsAreEvil.net, only her SquirrelsAreEvil Login details are decrypted. Her RabbitRecipies Login, along with all her other hundreds of items, remain encrypted. I’d like to explain why this is such an […]
1Password 4.2 for iOS has been released with a really nifty sharing feature. This allows you to conveniently share items with other people and keep them updated. Before getting into the details, it is important to know that the data is well encrypted within 1Password, but it is not encrypted when it is not in […]
In my discussion of Dropbox’s new two-step authentication, I skimped on the cryptography. Because we had to move quickly, I wanted to focus at the time just on our recommendations, so I told a few fibs about how the way the six digit codes “get” to your phone. Now I want to explain how it […]
The net is atwitter with discussion of Jeremi Gosney’s specially crafted machine with 25 GPUs that can test hundreds of billions of passwords per second using hashcat, a password cracking system. Password crackers, like hashcat, look at the cryptographic hashes of user passwords and repeatedly make guesses to try to find a password that works. […]
Mat Honan, a 1Password user and writer for Wired, did everything right. He had strong, unique passwords everywhere. Yet he was the victim of an “epic hack”, and had to put a great deal of effort into getting his digital life back. A very brief account of this Homer-worthy hack is that someone talking to […]