Thursday, August 8, 2024

If you use 1Password on Mac, you need to get patching

Le sigh:

Password manager 1Password is warning that all Mac users running versions before 8.10.36 are vulnerable to a bug that allows attackers to steal vault items.

...

Think you might be vulnerable? No mitigations were provided by 1Password, so patching up to version 8.10.36 is your only shot at securing those credentials.

Password Managers are great security tools because they make it easy to have very strong passwords (basically, random gobledy gook) for your online accounts.  They remember these passwords so that you don't have to.

But they're not magic, they're software.  That means that even they can get security bugs.  If you use 1Paddword on Mac, make sure you upgrade it to 8.10.36 which fixes this.

 

5 comments:

Aesop said...

Butbutbut...I thought it was carved in stone that hackers don't target Apple.

HMS Defiant said...

I just laughed and laughed when friends said I should store all my passwords on my computer.

Richard said...

Simple solution. Don't use password managers.

Old NFO said...

I'm a luddite. I still do it the old fashioned way.

Jonathan H said...

I don't understand why anyone who has the slightest clue about security would store their passwords online, no matter what.
The best security for passwords is the same as for encryption updates - out of band transmission.
I've always felt that we'd come to a point where encryption was useless due to the power of computers to break it - I didn't think we'd get there due to stupidity!
Jonathan