Critical vulnerability of 1Password Mac and how to fix it Critical vulnerability of 1Password Mac and how to fix it

1Password is one of the most popular password managers in the world. Apple’s OS X has the Keychain Access app for certificates, keys, account information, and passwords, but not everyone likes it, obviously, thus the third-party products with similar features. 1Password, for example, boasts over 6 million users worldwide, as of this writing, and then, there are other password management programs like KeePass, Kaspersky Password Manager, Bitwarden, etc. (you’ll find links to pages where you can download this software at the end of this post).

The popularity of alternative sensitive data storage software means that vulnerabilities in such programs are of critical importance, and they are reported by the developers, it’s the best scenario (for everyone) realized. AgileBits, the company behind 1Password, understands this perfectly; on August 6, 2024, they published a post to their blog describing a vulnerability and suggesting a remedy for it.

1Password 8 vulnerability

Designated as CVE-2024-42219, it allows attackers to exfiltrate vault items without triggering the app's security protections. This flaw is found in all versions prior to 8.10.36; it was discovered by Robinhood's security team during assessment of the software.

Important: currently, there’s no evidence that this vulnerability has been exploited in the wild, but its public disclosure increases the risk of potential attacks, so the first thing you need to do upon hearing the news is update your 1Password 8 for Mac. AgileBit claims to have patched everything already and released the next version, devoid of the reported flaw. To simplify this process and to keep all your programs updated (and secure!), install Mac Informer automated updater (free, no strings attached, no ads):

Download Mac Informer

Should you wish to switch to a different password manager for Mac…

Even with AgileBits honestly reporting a critical flaw in their software, you may feel inclined to switch to a different program that does the same as 1Password. We’ve got you covered; here are 3 possible replacements:

1. KeePassX, one of the most popular password and account data managers in the world; totally free.

Download KeePassX for Mac

2. Kasperksy Password Manager, a specialized program for keeping sensitive bits of data in a secure environment from one of the leading cybersecurity companies on the planet.

Download Kasperksy Password Manager for Mac

3. Bitwarden, a perfect solution when you need to not only store passwords and other credentials securely, but also share them.

Download Bitwarden for Mac

Author's other posts

CES 2025: 10 devices you can actually find useful
Article
CES 2025: 10 devices you can actually find useful
Uncover practical innovations from CES 2025, like Roborock Saros Z70's with an arm, Samsung's AI fridge, or FaceHeart CardioMirror for health checks. Find your next gadget!
Five things to do about your computer during winter holidays
Article
Five things to do about your computer during winter holidays
Use your winter break wisely! Clean up hardware and software, organize files, explore software alternatives, and consider hardware upgrades to enhance performance.
Last-minute gifts: stores offering fast delivery
Article
Last-minute gifts: stores offering fast delivery
Discover stress-free gift shopping! From Apple's fast delivery to Amazon's vast inventory, find same-day and next-day delivery options worldwide. Say goodbye to 'stressmas'.
Windows 10 to 11 upgrade: how to clean drive afterwards
Article
Windows 10 to 11 upgrade: how to clean drive afterwards
Upgrade from Windows 10 as support ends soon. Windows 11 is streamlined and easy to install. Learn how to migrate and clean up your system without losing essential data.