unreachable.cloud
  • Communities
  • Create Post
  • Create Community
  • heart
    Support Lemmy
  • search
    Search
  • Login
  • Sign Up
Wothe@lemmy.world to Memes@lemmy.ml · 2 years ago

Add-on: same password, same identity.

lemmy.world

message-square
174
fedilink
1.3K

Add-on: same password, same identity.

lemmy.world

Wothe@lemmy.world to Memes@lemmy.ml · 2 years ago
message-square
174
fedilink
  • vsis@feddit.cl
    link
    fedilink
    English
    arrow-up
    12
    arrow-down
    1
    ·
    2 years ago

    There are libre off-line password managers. Variants of Keepass for example.

    Indeed it’s a bad idea to store passwords in a propietary system. Specially a cloud based one being hacked time to time, like 1password.

    • qqq@lemmy.world
      link
      fedilink
      arrow-up
      1
      arrow-down
      3
      ·
      edit-2
      2 years ago

      A lot of weird hate for 1Password on Lemmy the past couple days. I highly recommend reading their white paper, I think most of the hate comes from ignorance of what they are actually doing.

      https://1passwordstatic.com/files/security/1password-white-paper.pdf

    • TrickDacy@lemmy.world
      link
      fedilink
      arrow-up
      1
      arrow-down
      3
      ·
      2 years ago

      I’m unaware of 1password ever getting hacked.

      Even if they did, there’s some really smart technology at play here. I think your paranoia here is unjustified. I felt the same way until I read about their technology. At that point I felt comfortable using their service.

      • GissaMittJobb@lemmy.ml
        link
        fedilink
        arrow-up
        3
        ·
        2 years ago

        I mean, just three days ago we had this incident, which is probably what they are referring to: https://blog.1password.com/okta-incident/

        Anyway, iirc, 1password is architected in a way where a breach won’t actually disclose the passwords of their users, but I’m too tired to do the requisite double-checking to verify it

        • TrickDacy@lemmy.world
          link
          fedilink
          arrow-up
          2
          arrow-down
          1
          ·
          2 years ago

          https://www.forbes.com/sites/daveywinder/2023/10/24/no-1password-has-not-just-been-hacked-your-passwords-are-safe/?sh=583d97333a09

          Yeah I did my research long ago. I don’t think this anything to worry about

      • vsis@feddit.cl
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        1
        ·
        edit-2
        2 years ago

        I’m unaware of 1password ever getting hacked.

        https://cybersecuritynews.com/1password-hacked/?amp

        I think your paranoia here is unjustified

        You are right in a way. I always assume company sysadmins have access to company data, even if they say the opposite, and I always assume there are undisclosed data leaks. Which may seem a little paranoid.

        It’s like closing your car’s door when leaving it alone: Is it paranoid to assume that always there are someone willing to steal stuff?

        • TrickDacy@lemmy.world
          link
          fedilink
          arrow-up
          1
          arrow-down
          1
          ·
          2 years ago

          https://www.forbes.com/sites/daveywinder/2023/10/24/no-1password-has-not-just-been-hacked-your-passwords-are-safe/?sh=583d97333a09

          1password employees don’t have access to the data let alone anyone else. The encryption is not bullshit

          • vsis@feddit.cl
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            1
            ·
            2 years ago

            1password employees don’t have access to the data let alone anyone else.

            That’s a common good practice.

            It’s still good idea to assume the opposite.

            If you can see plain text passwords, some malicious actor at their side can too. No matter if it’s encrypted at rest.

            • TrickDacy@lemmy.world
              link
              fedilink
              arrow-up
              1
              arrow-down
              1
              ·
              2 years ago

              No, I don’t think it’s healthy to move through life in such a paranoid state. If I thought that, I wouldn’t use a password manager and that would leave several problems unsolved, chiefly I would only be able to remember a couple passwords, opening my identity up for hacking several orders of magnitude likelier to actually happen than 1password’s entire technology stack failing at its one job.

Memes@lemmy.ml

memes@lemmy.ml

Subscribe from Remote Instance

Create a post
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.
Visibility: Public
globe

This community can be federated to other instances and be posted/commented in by their users.

  • 465 users / day
  • 2.37K users / week
  • 6.44K users / month
  • 17.6K users / 6 months
  • 1 local subscriber
  • 52.9K subscribers
  • 11.6K Posts
  • 158K Comments
  • Modlog
  • mods:
  • ghost_laptop@lemmy.ml
  • sexy_peach@feddit.de
  • Cyclohexane@lemmy.ml
  • Arthur Besse@lemmy.ml
  • BE: 0.19.5
  • Modlog
  • Instances
  • Docs
  • Code
  • join-lemmy.org