SECURITY
TOTP support comes to 1Password
by
Jeffrey Goldberg
Editor’s note: this blog was published in 2015, and refers to versions of 1Password that are no longer available.
Continue readingBlog | 1Password
ANDROID
SECURITY
Avoiding the clipboard with 1Password and Lollipop
by
Jeffrey Goldberg
Copy & Paste clipboards (or “pasteboards” as they are called on Mac and iOS) can be dangerous places for secrets if you have malicious software running on your device. On most operating systems – mobile and desktop alike – most running applications can read from the system clipboard. When you copy a secret to the system clipboard, a malicious …
Continue readingSECURITY
Viewing Drupal from the 1Password Watchtower
by
Jeffrey Goldberg
When a large number of websites are discovered to have been vulnerable, as is the case with websites running recent versions of Drupal, people need clear and unambiguous advice that you can act on. And so, our clear and unambiguous advice is: If you have a username and password on a site which has been using Drupal for its content management, you …
Continue readingSECURITY
Shellshock is bad, unique passwords are good
by
Jeffrey Goldberg
A new security bug, commonly known as Shellshock (Officially CVE-2014-6271, is bad. It is fair to say that a large number of servers (particularly web servers) were vulnerable to serious attack for some time. It is likely that many still are, and we are unlikely to learn about most of them.
Continue readingSECURITY
Watch what you type: 1Password’s defenses against keystroke loggers
by
Jeffrey Goldberg
I have said it before, and I’ll say it again: 1Password and Knox cannot provide complete protection against a compromised operating system. There is a saying (for which I cannot find a source), “Once an attacker has broken into your computer [and obtained root privileges], it is no longer your computer.” So in principle, there is nothing that …
Continue reading
IOS
Filling with your approval: On 1Password’s App Extension and iOS 8 security
by
Jeffrey Goldberg
iOS 8 has an incredible feature coming called App Extensions, and we’re thrilled to say we have a 1Password extension ready for developers to use right in their apps! In apps that gain support for our extension, you will no longer have to copy and paste passwords from 1Password. Yes, it really is a game changer, and you can see it in action for …
Continue reading