Critical vulnerability of 1Password Mac and how to fix it Critical vulnerability of 1Password Mac and how to fix it

1Password is one of the most popular password managers in the world. Apple’s OS X has the Keychain Access app for certificates, keys, account information, and passwords, but not everyone likes it, obviously, thus the third-party products with similar features. 1Password, for example, boasts over 6 million users worldwide, as of this writing, and then, there are other password management programs like KeePass, Kaspersky Password Manager, Bitwarden, etc. (you’ll find links to pages where you can download this software at the end of this post).

The popularity of alternative sensitive data storage software means that vulnerabilities in such programs are of critical importance, and they are reported by the developers, it’s the best scenario (for everyone) realized. AgileBits, the company behind 1Password, understands this perfectly; on August 6, 2024, they published a post to their blog describing a vulnerability and suggesting a remedy for it.

1Password 8 vulnerability

Designated as CVE-2024-42219, it allows attackers to exfiltrate vault items without triggering the app's security protections. This flaw is found in all versions prior to 8.10.36; it was discovered by Robinhood's security team during assessment of the software.

Important: currently, there’s no evidence that this vulnerability has been exploited in the wild, but its public disclosure increases the risk of potential attacks, so the first thing you need to do upon hearing the news is update your 1Password 8 for Mac. AgileBit claims to have patched everything already and released the next version, devoid of the reported flaw. To simplify this process and to keep all your programs updated (and secure!), install Mac Informer automated updater (free, no strings attached, no ads):

Download Mac Informer

Should you wish to switch to a different password manager for Mac…

Even with AgileBits honestly reporting a critical flaw in their software, you may feel inclined to switch to a different program that does the same as 1Password. We’ve got you covered; here are 3 possible replacements:

1. KeePassX, one of the most popular password and account data managers in the world; totally free.

Download KeePassX for Mac

2. Kasperksy Password Manager, a specialized program for keeping sensitive bits of data in a secure environment from one of the leading cybersecurity companies on the planet.

Download Kasperksy Password Manager for Mac

3. Bitwarden, a perfect solution when you need to not only store passwords and other credentials securely, but also share them.

Download Bitwarden for Mac

Author's other posts

Five very viable Apple AirPods alternatives
Article
Five very viable Apple AirPods alternatives
Exploring AirPods alternatives: Beats Fit Pro, Bose QuietComfort, Sony WF-1000XM5, Anker Soundcore, and Nothing Ear. Discover quality sound and features for every budget!
What is Google’s Learn About AI educational companion?
Article
What is Google’s Learn About AI educational companion?
Learn new things with Learn About, Google's AI-driven educational companion, offering dialogue-driven learning, visualization, and personalized responses.
No old dogs: Microsoft adds AI features to Paint and Notepad
Article
No old dogs: Microsoft adds AI features to Paint and Notepad
Windows classics Paint and Notepad evolve into AI-powered tools. Try generative fill and erase in Paint or rephrase sentences with AI in Notepad by joining the Canary Channel now!
macOS 15.1 out: what’s inside? And what’s promised for 15.2?
Article
macOS 15.1 out: what’s inside? And what’s promised for 15.2?
macOS 15.1 gives you Apple Intelligence features and more.