1password-iconI’ve been a fan and user of 1Password on both Mac and iOs for probably close to a decade and still would swear by the app, but like any piece of software, bugs can pop up or allow data to bleed out. Unfortunately, with this one being related to passwords, it’s crucial for people to understand what’s exposed and how to fix.

While it sounds like the file format here doesn’t expose logins and password — the ultimate fear for password applications, it does expose the name and address of every stored item — not great for privacy and a bigger attack surface for phishing and social engineering.

Regardless, 1Password makers, AgileBits have already been transitioning users to a new format and what and who’s vulnerable and who’s not.

Their blog offers steps on how to switch to the new vault format which will allow users complete encryption and privacy:

AgileBits Blog Post: When a Leak Isn’t a Leak

1Password To Change File Formats After Key File Found To Contain Unencrypted Data

Leave a Reply

Your email address will not be published. Required fields are marked *