1Password vulnerable to KeeFarce attack too?

Is 1Password vulnerable to KeeFarce attack too?

ArsTechnica article: by Dan Goodin - Nov 2, 2015 11:16am MST

"Hacking tool swipes encrypted credentials from password manager
'KeeFarce' targets KeePass, but virtually all password managers are vulnerable."

http://arstechnica.com/security/2015/11/hacking-tool-swipes-encrypted-credentials-from-password-manager/



Comments

  • AGAlumB
    1Password Alumni

    @narbie: It's irrelevant. The first sentence of the article says it all:

    Using a password manager is one of the biggest ways that average computer users can keep their online accounts secure, but their protection is pretty much meaningless when an end user's computer is compromised.

    When your machine is "owned" by an attacker, you should assume that they can access any data that you can. In the case of 1Password, your data is encrypted, so simply having your machine infected won't put your data at risk...but you will put it at risk when you have 1Password decrypt something for you. So then it's simply a matter of them waiting and collecting data as you access it normally. This is essentially what KeeFarce is doing, except making it more "user-friendly" by taking into account the way KeePass works in order to streamline things.

    However, 1Password only decrypts data on demand: entering your Master Password does not decrypt your entire vault. Instead, individual items are decrypted as you access them. So that's one key difference. So in the end, 1Password can't protect you from yourself, but we go to a lot of trouble to minimize the damage that can be done (i.e. you'd need to access each item individually for an attacker to collect the data). I hope this helps! :)

  • MikeT
    edited November 2015

    Just to be clear, there is nothing we can do to protect your data in 1Password once your system is fully compromised; consider your data to be at risk until you take control of the system back. Be careful with anyone who claims otherwise; it is most likely they think they can, but it can be proven wrong.

    You must take actions to shut down the network access and clean up before you start to use 1Password again.

This discussion has been closed.