Read first: Previous version support information

ISE - Extracted Master Password from Memory

JOeMTC
JOeMTC
Community Member
in 1Password 7 for Windows

Hello 1Password.
I found this article from the Independent Security Evaluators (ISE).
https://www.securityevaluators.com/casestudies/password-manager-hacking/

In short, they were able to extract the master password, secret key and individual items and respective passwords from memory. It was done either when 1Password was in an unlocked state or locked state. The only way to clear memory was to exit out of the application totally.

It doesn't say how the sync was made (families, teams, dropbox, etc.) but I don't think it matters as what they had done was in the memory of the host machine.

If this is true, will it be fixed in future updates? Also, is this something present in other operating systems (MacOS, OS X, iOS,
Android)?

Thank you.

1Password Version: 7.2.576
Extension Version: Not Provided
OS Version: Windows 10
Sync Type: Not Provided

Comments

  • Greg
    Greg
    1Password Alumni

    Hi @JOeMTC,

    We have a big discussion about this research paper here. Please feel free to join and read the responses from our Chief Defender Against the Dark Arts, Jeff Goldberg in that discussion.

    Let me know if you have any other questions. Thanks! :+1:

    Cheers,
    Greg

  • JOeMTC
    JOeMTC
    Community Member

    Thank you!

  • Greg
    Greg
    1Password Alumni

    @JOeMTC: You are always welcome! :+1:

This discussion has been closed.