security

1Password Product Enhancements [Winter Edition]: Mobile Improvements, Better Item Creation, and Even More Security Features

1Password updates in 2024 focus on user experience with enhancements in mobile usability, item creation, security features, and feedback implementation. Key improvements include simplified mobile item management, new search functionality, QR code setup for devices, faster item creation, autosave for 2FA codes, live security alerts, Touch ID for the Safari extension, and memorable password generation in multiple languages. The updates aim to make password management intuitive and secure, while ongoing user feedback continues to shape the platform's evolution.

https://blog.1password.com/product-update-improvements-and-features/

1Password Acquires Trelica, a Trailblazer in SaaS Access Management

1Password acquires Trelica to enhance SaaS access management, boosting security without hindering productivity. Trelica's platform addresses critical issues like Shadow IT and user access management, aiding IT teams while simplifying processes. The acquisition advances 1Password’s Extended Access Management vision, fostering a secure and user-friendly ecosystem that harmonizes security with employee productivity.

https://blog.1password.com/1password-acquires-trelica/

Replace .env With 1Password SDKs: Get Started With Secure Programming

1Password simplifies secure app development by replacing hardcoded .env files with secure references to cloud-stored secrets via their CLI and SDKs. The migration process involves installing the 1Password VS Code plugin, creating shared vaults for secrets, and accessing these secrets programmatically using SDKs. Users can organize and share secrets securely, rotate keys easily, and ensure sensitive information isn't stored in version history or hardcoded files. The transition enhances security and management of application configurations.

https://blog.1password.com/env-file-migration-secure-programming-best-practices/

Stolen Device Protection

First introduced in iOS 17.3, the Stolen Device Protection security feature is designed to prevent unauthorized access to your data and accounts if your iPhone is lost or stolen.

How Stolen Device Protection Works

When enabled, Stolen Device Protection requires Face ID or Touch ID authentication for specific actions on your iPhone when it is away from familiar locations like your home or work. This includes accessing passwords and credit cards stored in Keychain, using saved payment methods in Safari, and making changes to Find My and Apple ID settings.

In addition, a security delay of one hour is triggered before you can make critical changes like turning off Find My, erasing the device, or removing Stolen Device Protection. This delay is meant to prevent thieves from being able to perform these actions quickly.

What's New in iOS 17.4

The iOS 17.4 update builds upon the initial version of Stolen Device Protection in a couple of crucial ways:

  1. You can always keep Stolen Device Protection on, regardless of location. Previously, it only activated when away from familiar places.

  2. Attempting to turn off Stolen Device Protection when not at a known location will start the security delay before you can disable it, providing an additional safeguard.

Importance of Find My and Activation Lock

Stolen Device Protection works with the Find My app and Activation Lock to secure your iPhone. Find My allows you to locate and mark a missing device as lost, lock it, or erase it remotely.

Activation Lock prevents anyone else from using your iPhone if it is lost or stolen. When Find My is enabled, your Apple ID is securely stored on Apple's activation servers and linked to your device. This means your Apple ID password or device passcode is required before Find My can be turned off, the device erased, or reactivated.

Enabling Stolen Device Protection

To turn on this feature, your iPhone must be running iOS 17.3 or later and have the following enabled:

  • Two-factor authentication for your Apple ID
  • A device passcode
  • Face ID or Touch ID
  • Find My
  • Significant Locations (in Location Services settings)

Then navigate to Settings > Face ID & Passcode, enter your passcode, and toggle on Stolen Device Protection.

Remote Erase as a Last Resort

If you can't recover a lost or stolen iPhone, erasing it remotely using Find My should be a last resort. A remote wipe deletes all data on the device, but the custom message you set when marking it as lost will still display.

Remember that the device needs to be powered on and have a network connection to receive the remote erase command. Regularly backing up your iPhone is crucial in case you ever need to restore your data to a new device.

In conjunction with Find My and Activation Lock, Stolen Device Protection provides multiple layers of defense to help keep your data safe, even if your iPhone ends up in the wrong hands.

About Stolen Device Protection for iPhone: https://support.apple.com/en-us/HT212510

Scroll to Top