Edit: I’ll contact 1Password. Thanks for the reality check!
Hi everyone,
This morning I got a notification that my 1Password master password had been discovered in some data leak/breach and I should change it immediately. I haven’t used 1Password in awhile because I switched back to the Apple password manager.
I guess it’s time anyway to go through and fix all the logins that Apple suggests are compromised. But I looked online for articles about this 1Password leak and found nothing. Was this a spam notification? It popped up while I was adding an Exchange account to Apple Mail - I wasn’t doing anything with 1Password. Just wondering if I’ve missed some important security news. I know how to change my passwords - just so tedious.
Happy Monday to all.
Emily
I suspect @blackhorse16a meant to click on the from email, not a link in the body of the text.
But yes, never respond to or click any links in a message like this. Always look elsewhere for contact info (number on the back of a credit/debit card; website; etc.).
What it sounds like to me is that you stored your 1Password master password in the Apple Passwords app. Apple Passwords recognized that password as having been found online as a published password (from other leaks/hacks).
This may happen if you use a common password that other people may have chosen (eg, “pencil123”), even if your specific accounts were never hacked; or, if you use the same password in multiple places (eg, your pet’s name plus birthday), and one of your other accounts had been hacked.
In summary: it’s a warning that the password has been published online and is now vulnerable to “brute force attacks”.
The warning is a good one. It doesn’t mean that you have been hacked, but it does mean that you should change the password.