SECURITY
Staying ahead with security
by
Jeffrey Goldberg
We just released 1Password 3.8.11, and this seemingly minor update packs some important security changes under the hood. I’d love to share those with you all.
Continue readingBlog | 1Password
SECURITY
Defending against 1Password harvesters
by
Jeffrey Goldberg
We have some bad news and good news today about the state of Mac security. The bad news is that there’s a new malware variant out for the Mac, a trojan called DevilRobberV3, that tries to collect various pieces of data, including your 1Password data file. The good news is that your 1Password data is very well encrypted, but we still want to take …
Continue reading
TIPS & ADVICE
Steamed up and ready to change passwords
by
Jeffrey Goldberg
The details are still vague, but it appears that the encrypted passwords of 35 million Steam users have been captured by bad guys. Note that there were two breaches. One was of Steam forums, the other is of their main user database. I am just discussing the later here as it involves many more users.
Continue readingSECURITY
What is multi-factor authentication, and does 1Password use it?
by
Jeffrey Goldberg
Editor’s note: This blog post was written in 2011. You can now protect your 1Password account with two-factor authentication, using an app like Authy or a security key. Teams can also use Duo’s authentication app as an extra layer of protection for employee accounts.
Continue readingSECURITY
Facebook and Caps Lock: Unexpectedly Secure
by
Jeffrey Goldberg
It has recently been noted over at ZDNET that if your Facebook password is PattyAndMolly, Facebook will also accept pATTYaNDmOLLY as a valid password. This may initially seems look something that weakens users’ security. However it actually is a good thing.
Continue readingTIPS & ADVICE
SECURITY
Who do you trust to tell you who to trust?
by
Jeffrey Goldberg
The big security news of the past few days is the story of the compromise of the DigiNotar Certificate Authority and the subsequent issuing of fraudulent SSL certificates, leading to actual Man in the Middle attacks against Gmail users in Iran. If that previous sentence was gobbledygook, this post should explain some of it. It will also give you …
Continue reading