Really...how safe is syncing via DropBox?
I have an iMac, a MB Pro, an iPhone and an iPad. Lucky me!
All are running the latest version of their respective OS.
I keep them all in sync using Dropbox, but I have so far not committed to using 1Passwords for my banks or financial sites or my credit cards. I cannot be the only one worried about this because there are numerous posts from 1Password users exploring the use of their LAN/WiFi to sync between OSX and iOS devices, but not between two or more computers using OSX. For that, you have to do some workaround or other. I have asked on these forums exactly which 1Password file I would have to use in order to sync 1Password between my iMac and MB Pro, but have not received a clear answer yet.
1Password's Watchtower notes this about DropBox:
Secure - This site is not vulnerable to Heartbleed.
Recommended Action - If your password has not been changed since April 10, 2014 then you should change it now.
So, at bottom, my question is: if someone hacked your account at Dropbox, are the two 1Password.agilekeychain files I see in my Dropbox account absolutely hack proof?
I can't imagine the hell in which you would find yourself if some felon has access to your retirement account, your checking account, etc., via hacking into your Dropbox account.
Many thanks
Comments
-
Hi @BikerBob
I am so glad you are thinking strongly about the security of your data - thats what we like to see!
We are very confident about storing 1Password data in the cloud, as your data file is encrypted with an exceedingly secure encryption algorithm called AES. Even if someone were to acquire a copy of your 1Password data file, it would be extremely difficult (approaching impossible in a human lifetime) for them to actually gain access to your passwords without your Master Password. In short, we believe it is just as secure as having the data on your laptop. To learn more about cloud data security, have a read through the following article.
http://help.agilebits.com/1Password3/cloud_storage_security.html
And you can see the thoughts behind our data format's design here.
http://learn.agilebits.com/1Password4/Security/keychain-design.html
Also, you can check out our blog for many more articles that go into the nitty gritty math behind what makes 1Password so secure.
0 -
Thank you Megan. At the same time I have been corresponding with you, I became involved in a long thread on the Mac-L Discussion List where any number of members have expressed interest in 1Password (hard on the heels of the Heartbleed mess) and I hope you don't mind that I pasted the URLs you gave me there so folks could further research whether 1Password is right for them
0
