New York Times on Secure Passwords (Updated)
In the middle of an article about secure passwords ( http://nyti.ms/1iukw35 ), a New York Times writer today wrote, "Indeed, at a security conference in Amsterdam earlier this year, hackers demonstrated how easily the cryptography used by many popular mobile password managers could be cracked." (That quote included a link to this: http://www.blackhat.com/html/bh-eu-12/bh-eu-12-briefings.html )
So what was the crack they accomplished and how does it relate to managers like 1Password?
This might be a good topic for the blog.
UPDATE: the article is actually a repost of an article from 2012. So...never mind.
Comments
-
Hi @joeholmes,
You're right, that's an awesome topic for a blog post. :)
In fact, we've already written one that addresses that specific NYT article:
Don’t trust a password management system you design yourself!
And since that blog post was written back in 2012, it is about 1Password 3. The security of your 1Password data has continued to evolve, with several substantial changes in 1Password 4. You will find explanations of 1Password 4's security design at various levels of detail here:
Security in 1Password 4
Please let us know if you have any other questions!
0 -
I should have noticed it was dated 2012 -- the NYTimes twitter feed that linked to it didn't mention that it was dated.
0 -
Not a problem. Most of the points in that blog post still apply today anyway. :)
0