Hashcat sped up cracking the 1Password Agile Keychain due, in part, to a design flaw in PBKDF2. I tell the story of the flaw, how it bit us, and our response from the defender's point of view.
Jeffrey Goldberg, aka jpgoldberg, is Chief Defender Against the Dark Arts for AgileBits, the makers of 1Password, where he helps craft and writes about the security design of 1Password. Previously, as mail/sysadmin at a university, he thought passwords would go away "in three to five years". Contrary to popular belief, he is *not* a Sith lord in disguise.