secure download

mjk

I am downloading 1Password 6.1 for the first time. I'd like to make sure that the download was secure against Man-In-the-Middle attacks. Many websites post the md5 for sha codes so that I can confirm via the openssl or shasum unix commands that the download was uncompromised. I was not able to find these security codes on your website.

Any help is much appreciated!

---

1Password Version: 6.1
Extension Version: None yet
OS Version: OS X 10.11.4
Sync Type: None yet
Referrer: forum-search:secure download

chadseld

Hi mjk,

Our server hosts MD5 hashes for each of the download links. Just append .md5 to the download URL for the location of the hash.
For example, if you download https://cache.agilebits.com/dist/1P/mac4/1Password-6.1.zip, you can find the hash at https://cache.agilebits.com/dist/1P/mac4/1Password-6.1.zip.md5

Once the app is downloaded in placed in /Applications, you can check the code signature in the terminal with
"codesign -dvvv /Applications/1Password.app"

If you don't want to use the terminal, you can download an app called RB App Checker from the Mac App Store that does this.
https://itunes.apple.com/cz/app/rb-app-checker-lite/id519421117?mt=12

Our auto-updater performs these steps when downloading updates.

I hope that helps.