Jeffrey GoldbergDec 28, 2022

I and my employers, #1Password, have never directly criticized a competitor before. But #LastPass's claim that it would take "millions of years" to crack the data made available from the breach needed to be addressed explicitly.

I also take the opportunity to explain why 1Password's distinct security architecture would keep users safe if we were to be breached.

https://blog.1password.com/not-in-a-million-years/

Not in a million years: It can take far less to crack a LastPass password | 1Password

How 1Password goes above and beyond to protect you in the event of a data breach.

1Password Blog
Show threadD. CreemerDec 29, 2022
@jpgoldberg love #1password but respectfully think this post is a bad move. Discussion here https://awscommunity.social/@Quinnypig/109593951007096454
Quinnypig (@[email protected])

Blunder by 1Password on this blog post. You stay above the fray when your competitor screws up like this and the entire rest of the internet is rightly piling onto them. If I worked there I’d be putting out content pieces for a month on how awesome their security was in all the ways LastPass’s is crap, but even the CIA couldn’t waterboard me into mentioning the LP breach by name as I’m doing it. https://blog.1password.com/not-in-a-million-years/

AWSCommunity.social
Show threadJeffrey GoldbergDec 29, 2022
@dcreemer thank you.You may be right. And perhaps our anger at aspects of the LastPass announcement got the better of us. But at the moment it feels like we couldn't not say this.
Show threadD. Creemer
@jpgoldberg Understood -- there's probably a lot of worry that their errors will reflect badly on 1Password. IMHO it's easy to think the rest of the world must be viewing you this way, but I think most folks will just look for other cloud-based alternatives (like 1Pass). Anyhow - please keep up the great work and don't listen to your VC's too much 🙂
Dec 29, 2022 at 2:16amWeb