Crack 1Password’s Vault to Win up to $100,000

AgileBits, the developers of 1Password app for iOS and Mac, have quadrupled the maximum possible reward in their bug bounty program from $25,000 to $100,000 (via TNW). In order to earn the full reward, researchers must demonstrate an ability to crack the secure vault technology used by 1Password to store credentials.

1Pass

A special researcher vault has been created by AgileBits, which contains some bad poetry, which the researchers are to target. To assist further, 1Password provides supplemental documentation containing real recent issues, in order to give direction to where more issues may be present.

Reward Guidelines

Only capturing the unencrypted “bad poetry” flag is eligible for the $100k reward. See below for more details. All other findings will be prioritized as per the Bugcrowd Vulnerability Rating Taxonomy.

Priority – Reward Amount (*up to)

  • P1 –  $5,000
  • P2 –  $1,000
  • P3 –  $200
  • P4 –  $100
1Password will also accept flaw-hypothesis submissions, without penalty, and will work with you to develop a reasonable hypothesis into a working exploit, should one be possible.

Users can opt-in by emailing ju***@*******ts.com with their Bugcrowd username, after which they’ll be provisioned account access to the vault where 1Password provides supplemental information for testing against the application, including documentation on real issues that were recently found, and more.

For more information, click here.

Want to see more of our stories on Google?

Add iPhone in Canada as a Preferred Source on Google

P.S. Want to keep this site truly independent? Support us by buying us a beer, treating us to a coffee, or shopping through Amazon here. Links in this post are affiliate links, so we earn a tiny commission at no charge to you. Thanks for supporting independent Canadian media!

Subscribe
Notify of
guest
2 Comments
Oldest
Newest Most Voted
Kate Foster
9 years ago

I have made 104,000 thousand dollars last year by doing an online job from my house and I did it by wor­king part-time f­­o­­r 3+ hours a day. I followed work opportunity I stumbled upon from this website i found online and I am so excited that i made such great money. It’s user friendly a­­n­­d I’m just so blessed that I found out about it. Check out what I did… http://s­.­id/1dR

Michal
Michal
Reply to  Kate Foster
9 years ago

wow, this sounds totally not fake… even the legit looking url
/s

2
0
Would love your thoughts, please comment.x
()
x