Following on from a blog post written by Dale Myers after examining the 1Password .agilekeychain format. Agile Bits company responsible for developing the 1Password, password management software has today announced they have boosted the security within their code.
The post by Dale Myers raised some questions among 1Password users and the wider technology community Agile Bits explains, over concern about how the AgileKeychain handles item URLs
Agile bits the creators of 1Password have now taken this on and explain more about the security upgrade :
While we widely documented this design decision and shared it publicly, Dale was surprised to find out that we didn’t encrypt URLs within the keychain. We want to reassure users that rely on AgileKeychain that their password data is safe and secure, and take the time to walk through our data formats to explain the issue completely.
Despite the security of AgileKeychain remaining intact, Dale reminded us that its time to move on. The OPVault format is really great in so many ways and we should start sharing it with as many users as possible.
We’ve already started making changes to use OPVault as the default format. In fact, the latest beta of 1Password for Windows does this already. Similar changes are coming to Mac and iOS soon, and we’re planning on using the new format in Android in the future. Once all of these things are complete, we will add an automatic migration for all 1Password users.
For more information on the new 1Password changes jump over to the Agile Bits website for full details and links to the relevant areas to get you started via the link below.