1Password has announced that it has increased its top bug bounty reward for finding potential security flaws in its password manager to $1 million.
Not only is the highest bounty in the history of Bugcrowd, but it's also one of the largest rewards in the industry.
1Password CEO Jeff Shiner noted that the move will attract additional security experts and white hat hackers while also strengthening the security of its password manager.
Strengthening its platform
1Password regularly engages both external security experts and white hat hackers as part of its normal day-to-day operations in an effort to discover any blind spots in its platform. By expanding its bug bounty program though, the company will be able to enlist thousands of researchers to continue these efforts.
Since starting its bug bounty program in 2017, 1Password has paid out $103k to Bugcrowd researchers with an average bounty of $900.
Although all of the bugs detected so far have been minor and didn't put any sensitive customer data at risk, the company was able to resolve them quickly which also helped reduce the risk of attacks.
Besides its bug bounty program, 1Password conducts over a dozen external penetration tests annually and releases the results to the public.
However, the company also has a Security Ambassador Program to train and develop security expertise in its development teams as well as an Eyes of the Month program that rewards employees who report the most impactful security issue of the month.
"No one should have to choose between safety and convenience, and we're making this major investment to demonstrate our commitment to keeping 1Password customers secure. Increasing our bug bounty to $1 million will attract another layer of outside expertise to make sure our systems are as secure as possible," added Shiner.
"Together, we will deepen our security leadership so our customers can live their lives online with ease and confidence."
- We've also featured the best business password manager
