Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Thanks for the comments. The crypto is open source. We use the ring library: https://github.com/briansmith/ring - Ben, 1Password


How can I verify this claim? De-compiling?

Also it's very easy to use proper crypto in the wrong way. How can I know this is not the case here?


You make a very fair point and raise a reasonable concern. We do participate in external security audits, and will be having Cure53 do an in-depth one of 1Password for Linux. https://support.1password.com/security-assessments/




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: