Security Standards Support

mwmiller55

I have used all versions of 1Password but have recently run into a question from my work IT staff that I need help with. Before I can install my browser plugins I have to show that Password meets FIPS-140 security standard ([url="http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm"]http://csrc.nist.gov.../140val-all.htm[/url] and this [url="http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf"]http://csrc.nist.gov...-2/fips1402.pdf[/url]). Can anyone point me to the definitive answer for 1Password?

khad

Welcome to the forums, mwmiller55! Thanks for asking about this. From the "[url="http://help.agilebits.com/1Password3/agile_keychain_design.html"]Agile Keychain Design[/url]" section of the 1Password User Guide:



[color=#333333]When creating, reading, or manipulating the Agile Keychain, 1Password uses a combination of the [/color][url="http://www.openssl.org/"]OpenSSL library[/url][color=#333333], [/color][url="http://opensource.apple.com/source/CommonCrypto/"]CommonCrypto[/url][color=#333333], or Windows cryptography libraries depending on platform and version for all of its encryption and key generation needs. [b]These libraries are compliant with the [/b][/color][b][url="http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2006.htm"]FIPS 140-1 and FIPS 140-2[/url][color=#333333] Federal Information Processing Standards.[/color][/b]