This morning I had an alert that my 1Password* (1P) master password was part of a “data leak.” Digging into things, and eventually contacting support at 1P, it turns out it’s an APPLE data leak. 😡 Apparently I said yes to Apple Keychain storing my 1P info at some point (not my norm and I know better!), and somehow Apple didn’t keep my keychain secure. 😡 Now my entire credit life/life has been compromised. 😡 Thanks a ton, Apple. 😡
I’ve now gone into my account at 1P’s site, changed my master password, had it un-log every device, remove any devices that are no longer in use, and now all is right with my world. I hope. I’m praying I caught this in time before someone got into my 1P account.
The morale of this tale is to not trust Apple’s Keychain. Get thyself a password program and use it, not the keychain or the browser. 😉
*1Password data is kept safe by AES-GCM-256 authenticated encryption.
