14 DAY TRIAL // If you can break into a 1Password vault and obtain a plain text file full of "bad poetry," AgileBits, the developer behind the service, will pay you a bug bounty of $100,000.
In the past, this type of "capture the flag" bug bounty had a price tag that was a mere $25,000. Sure, even that sum is quite high when it comes to bug bounties but seems like pocket change when compared to the new value.
AgileBits seems to want, through all means necessary, to demonstrate its service is safe, taunting security researchers to find vulnerabilities if they can.
Huge payout to prove a point
The bug bounty can be found on Bugcrowd, which is a platform for crowdsourcing bug hunts. Companies can easily reward researchers for their discoveries. This one is the biggest bounty that's currently on the platform as AgileBits tries to prove a point - it takes security seriously.
Of course, that's how it should be given how 1Password is a password manager, keeping all your login credentials in the same place. If cracked, it could pose a serious security problem to all users.
“We owe it to our customers to do everything in our power to keep them and their information secure. This means using the ingenuity of real people to help us continually improve the security of 1Password. It was important to us to demonstrate how seriously we take this contribution and have increased the prize to prove it,” AgileBits' Jeff Shiner told Tom's Hardware.
So how does this all work? The bug bounty specifies a particular account that white hats will have to breach to get the bad poetry file. Of course, most users wouldn't be targeted by an attack like the one this particular account will be, but it's a good test for the service. With the increased popularity of password managers, 1password wants to prove its service is safe.