Mac

Critical vulnerability of 1Password Mac and how to fix it

AgileBits reported a critical flaw in 1Password, its password manager. Updating remedies the situation, but if switching has crossed your mind, here are the alternatives.
J
  • Jim Richards,
  • 29 days ago
  • Editor Informer Technologies, Inc.

Critical vulnerability of 1Password Mac and how to fix it Critical vulnerability of 1Password Mac and how to fix it

1Password is one of the most popular password managers in the world. Apple’s OS X has the Keychain Access app for certificates, keys, account information, and passwords, but not everyone likes it, obviously, thus the third-party products with similar features. 1Password, for example, boasts over 6 million users worldwide, as of this writing, and then, there are other password management programs like KeePass, Kaspersky Password Manager, Bitwarden, etc. (you’ll find links to pages where you can download this software at the end of this post).

The popularity of alternative sensitive data storage software means that vulnerabilities in such programs are of critical importance, and they are reported by the developers, it’s the best scenario (for everyone) realized. AgileBits, the company behind 1Password, understands this perfectly; on August 6, 2024, they published a post to their blog describing a vulnerability and suggesting a remedy for it.

1Password 8 vulnerability

Designated as CVE-2024-42219, it allows attackers to exfiltrate vault items without triggering the app's security protections. This flaw is found in all versions prior to 8.10.36; it was discovered by Robinhood's security team during assessment of the software.

Important: currently, there’s no evidence that this vulnerability has been exploited in the wild, but its public disclosure increases the risk of potential attacks, so the first thing you need to do upon hearing the news is update your 1Password 8 for Mac. AgileBit claims to have patched everything already and released the next version, devoid of the reported flaw. To simplify this process and to keep all your programs updated (and secure!), install Mac Informer automated updater (free, no strings attached, no ads):

Download Mac Informer

Should you wish to switch to a different password manager for Mac…

Even with AgileBits honestly reporting a critical flaw in their software, you may feel inclined to switch to a different program that does the same as 1Password. We’ve got you covered; here are 3 possible replacements:

1. KeePassX, one of the most popular password and account data managers in the world; totally free.

Download KeePassX for Mac

2. Kasperksy Password Manager, a specialized program for keeping sensitive bits of data in a secure environment from one of the leading cybersecurity companies on the planet.

Download Kasperksy Password Manager for Mac

3. Bitwarden, a perfect solution when you need to not only store passwords and other credentials securely, but also share them.

Download Bitwarden for Mac

Author's other posts

5 free games for Mac for a quick break from work
Article
5 free games for Mac for a quick break from work
Did you know that games ward off Alzheimer's? This means that you have one more good reason to play! Here's a list of free games perfect for short bursts.
How to make a clean boot in Windows
Article
How to make a clean boot in Windows
Clean boot is a valid troubleshooting technique when you want to find out what program out of those launched at startup causes trouble. Here's how it's done.
OpenAI's co-founder receives $1 billion for his new startup
Article
OpenAI's co-founder receives $1 billion for his new startup
Ilya Sutskever is now with Safe Superintelligence, an AI startup prioritizing safety. They've recently raised $1 billion from venture capitalists. Let's see what's what.
iMovie’s top and less popular features
Article
iMovie’s top and less popular features
If you've been looking for a video editor for Mac or iPad, don't go farther than iMovie, the default option in the Apple ecosystem. This post gives you some reasons why.