by
Jeffrey Goldberg
For the third time this year, there is yet another flaw in an underlying security technology used across the net: the recently fixed OpenSSL bugs announced on June 5. For our customers, we are happy to report that 1Password is not affected by bugs in SSL implementations, nor do these bugs require that most people change passwords.
Continue reading
by
Jeffrey Goldberg
When news of the internetâs Heartbleed bug broke last week, we published what we knew about it and the implications for 1Password and 1Password users. To recap: 1Password is not affected by Heartbleed, but there are steps you need to take to protect your passwords from sites that may have been affected. Today, weâre introducing a new service to âŚ
Continue reading
by
Jeffrey Goldberg
Only two months ago, in the wake of the âgoto failâ bug, we had to point out that 1Passwordâs security does not depend on SSL/TLS. Today, with the far more damaging Heartbleed bug in OpenSSL, we need to tell you the same. 1Passwordâs technology is not built upon SSL/TLS in general, and not upon OpenSSL in particular. 1Passwordâs encryption remains âŚ
Continue reading
by
Jeffrey Goldberg
You have probably been taught that two is the only even prime number. But today mathematicians at the University of Southern North Dakota at Hoople have discovered a new, large, even prime. It is more than a million digits long and is equal to the value of 3²²³âˇâľâśÂš+3šššâ¸âˇâ¸Âš.
Continue reading
by
Jeffrey Goldberg
To understand why this is really good news for us and for 1Password users, it is important to know what âcrackâ means in this context. Iâll come back round to that and why we encourage the developers of hashcat, John the Ripper, and cryptohaze to take a crack at 1Password. But first, letâs talk about this news and what it says about your password âŚ
Continue reading
by
Jeffrey Goldberg
The security of your 1Password data does not depend on the security of SSL/TLS. 1Password keeps your data encrypted with your Master Password. This means that, even if an attacker is able to intercept the communication between your system and a sync server, they will not be able to decrypt your 1Password data.
Continue reading