Wednesday, 21 October 2015

1Password Password Manager Will Tighten Security

The popular password manager 1Password is security tightening after criticism from a Microsoft engineer. Engineer Dale Myers discovered the metadata for users, such as URLs, is stored unencrypted. A problem four years ago, even though it was reported.

For storage of data used 1Password two methods. The first is the AgileKeychain, which was followed by the OPVault in 2012. According to the developers 1Password possessed in the early days did not have enough computing power to decrypt and, for example searching logins. Because of these limitations, it was decided not to encrypt the URL and name of websites.

In 2012 the new OPVault format was launched, it offered more encryption. However, it was decided to upgrade users do not automatically safer this format, because users who use older versions of 1Password then not be able to access their accounts. Although AgileKeychain according to its developers is safe, it is now time to move on. Therefore OPVault the standard will be and there will be an automatic migration for all users.

No comments:

Post a Comment