|
|
|
|
|
|
by tprynn
3356 days ago
|
|
|
1Password uses TLS, and SRP inside TLS. If TLS is broken as in Cloudbleed, SRP hopefully still protects the channel - at least against non-active attacks such as Cloudbleed. The security still ultimately relies on TLS. Having not read the document fully, I think those would be against initial registration or in an active MITM allowing password-guessing. I'm looking at page 52 of https://1password.com/teams/white-paper/1Password%20for%20Te.... |
|
|