1Password breaks the bug bounty record by offering a million dollar reward

Password manager company 1Password is increasing its top bug bounty reward to $1 million, making it the highest bounty in Bugcrowd history and one of the largest rewards in cybersecurity.

Since beginning the bug bounty program in 2017, 1Password has paid out $103,000 to Bugcrowd researchers, averaging $900 per reward. While all detected bugs have been minor, showing no threat to the secrecy of sensitive customer data, 1Password was able to resolve them quickly to reduce the risk of attacks.

“No one should have to choose between safety and convenience, and we’re making this major investment to demonstrate our commitment to keeping 1Password customers secure,” says Jeff Shiner, CEO of 1Password. “Increasing our bug bounty to $1 million will attract another layer of outside expertise to make sure our systems are as secure as possible. Together, we will deepen our security leadership so our customers can live their lives online with ease and confidence.”

As part of its normal day-to-day operations, 1Password regularly engages external security experts and white-hat hackers to point out any blind spots to strengthen its platform. This program expands that initiative by enlisting thousands of researchers whose collective intelligence enables 1Password to consistently deliver a user-friendly and reliable product.

“The researcher community has long been a pivotal piece of the security puzzle, and is especially important today as hackers become savvier with their techniques and threats escalate from Russia,” says Ashish Gupta, CEO of Bugcrowd. “1Password has held our top bug bounty reward spot since 2017, and their new top prize of $1 million underscores their respect for the value our community provides.”

You can find out more on the 1Password blog.

Image Credit: ra2studio / Shutterstock

Author: Martha Meyer