|
|
|
|
|
|
by sbarre
3301 days ago
|
|
|
I'm also a 1Password customer and just went back to their site to confirm this. I was pretty sure they didn't store my master password or my secret key, because that would be insane.. I wonder if in this case OneLogin was the victim of a MITM attach while the attacker had access to their infrastructure? So they didn't decrypt data at rest that they obtained but rather they captured activity in transit? Either way it sounds like OneLogin had some implementation issues. |
|
|