Survey users for method of sync?

PWChinook
PWChinook
Community Member
in Mac

Is there a way for 1PW to survey its users for the method they use for syncing? I use Dropbox (when I started with 1PW, network syncing was not possible with one or more of the versions). I'm concerned that Dropbox may have compromised my passwords via heartbleed and one user suggested I change.

I'm curious about what percentage of 1PW users use the different sync methods.

Thanks

Comments

  • Megan
    Megan
    1Password Alumni

    Hi @PWChinook,

    I am so glad you are thinking strongly about the security of your data - thats what we like to see! While I can't comment much on alternative sync methods (as I've always been content with Dropbox for my own data), I do want to give you just a bit more information about how your data is stored when you sync using a cloud service, to hopefully calm some of your worry here.

    We are very confident about storing 1Password data in the cloud, as your data file is encrypted with an exceedingly secure encryption algorithm called AES. Even if someone were to acquire a copy of your 1Password data file, it would be extremely difficult (approaching impossible in a human lifetime) for them to actually gain access to your passwords without your Master Password. In short, we believe it is just as secure as having the data on your laptop. To learn more about cloud data security, have a read through the following article.

    http://help.agilebits.com/1Password3/cloud_storage_security.html

    And you can see the thoughts behind our data format's design here.

    http://learn.agilebits.com/1Password4/Security/keychain-design.html

    Also, you can check out our blog for many more articles that go into the nitty gritty math behind what makes 1Password so secure.

    http://blog.agilebits.com/tag/cryptography_/

  • PWChinook
    PWChinook
    Community Member

    Thanks, Megan

    I have complete confidence in 1PW and the cloud. My concern right now has to do with heartbleed and Dropbox. It would really help if you could issue a general statement to your users about what they should do to maximize PW protection in this instance.

  • PWChinook
    PWChinook
    Community Member

    Sorry, I meant to add one sentence to my last comment: IS IT SAFE TO SYNC WITH DROPBOX? Thanks

  • Jasper
    Jasper

    We've got a blog post regarding Heartbleed here: http://blog.agilebits.com/2014/04/08/imagine-no-ssl-encryption-its-scary-if-you-try/

    Please let us know if you have any other questions!

This discussion has been closed.