Convenience is Security

Posted on by

We often hear people say that there is a trade-off between security and convenience. Although there is some truth to that, I want to explain why, more often than not, security actually requires convenience. I should warn you, though, that this is going to be one of my most boastful articles to date. Users of [...]

Posted in 1Password, security | Tagged

AES Encryption isn't Cracked

Posted on by

An otherwise excellent article over at The Inquirer has a very unfortunate title: AES encryption is cracked. AES is the Advanced Encryption Standard and is at the heart of so much encryption used today by governments, militaries, banks, and all of us. It is used by 1Password and less directly by Knox for Mac. It [...]

Posted in 1Password, Knox, security | Tagged ,

Better Master Passwords: The geek edition

Posted on by

I’ve always wanted to write a technical followup to an earlier post, Toward Better Master Passwords, but this time going into some of the math behind it. Today’s xkcd comic does that for me: Indeed, what took me nearly 2000 words to say in non-technical terms, Randall Monroe was able to sum up in a [...]

Posted in 1Password, security | Tagged , ,

JavaScript grows up and plays in a sandbox

Posted on by

About 12 years ago I was fighting a losing campaign against JavaScript’s ubiquity. There was a time when JavaScript was a security nightmare, and I ranted and raved against it. Things have changed enormously since then, all for the better. A few of the slogans that I and my colleagues shouted from the rooftops in [...]

Posted in 1Password, Browsers, security | Tagged ,

Dropbox Terms

Posted on by

When in the course of network events rumors start flying about Dropbox a decent respect for the concerns of 1Password users compels me to blog about it. 1Password users certainly enjoy the convenience of syncing their data across Mac, Windows, iPhone, iPad, iPod Touch, Android and Windows 7 Phone. This is managed using Dropbox, and [...]

Posted in 1Password | Tagged ,

Toward Better Master Passwords

Posted on by

1Password is great for generating strong random passwords for sites without you ever having to memorize (or even see) those passwords. But there are a few passwords that we all do need to remember. I have a small number (I wish I could say just one) high security passwords that I need to remember. One, [...]

Posted in 1Password | Tagged ,

Dropbox security revisited: Plus ça change

Posted on by

Plus ça change, plus c’est même chose — Jean-Baptiste Alphonse Karr Summary: Dropbox remains safe for 1Password use despite some high profile discussion of its security. Keeping up with news about security issues can make your head spin. It certainly does that to me. Most often important news gets little public attention, and at other [...]

Posted in 1Password | Tagged ,