Does this affect 1password? GrayKey iPhone unlocker poses serious security concerns
GrayKey is a gray box, four inches wide by four inches deep by two inches tall, with two lightning cables sticking out of the front. Two iPhones can be connected at one time, and are connected for about two minutes. After that, they are disconnected from the device, but are not yet cracked. Some time later, the phones will display a black screen with the passcode, among other information. The exact length of time varies, taking about two hours in the observations of our source. It can take up to three days or longer for six-digit passcodes, according to Grayshift documents, and the time needed for longer passphrases is not mentioned. Even disabled phones can be unlocked, according to Grayshift.After the device is unlocked, the full contents of the filesystem are downloaded to the GrayKey device. From there, they can be accessed through a web-based interface on a connected computer, and downloaded for analysis. The full, unencrypted contents of the keychain are also available for download.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: iOS 11.2.6
Sync Type: Not Provided
Comments
-
The short answer is no, it doesn’t really have much / any effect on 1Password.
The longer answer is that this is yet another device that brute forces the iOS PIN code. We recommend using a long alphanumeric passcode instead of the default 4/6 digit PIN to unlock iOS. Of course your 1Password Master Password should also be long and not easily guessed. It should also be different from your iOS passcode or any other password that you use.
Ben
0 -
Good to know, thanks!
Regards0 -
No problem. :+1: :)
Ben
0
