this post was submitted on 28 Jul 2024
1 points (100.0% liked)

Technology

59587 readers
5464 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
L4s@lemmy.world
L3s@fry.gs
L4s@fry.gs
enu@lemmy.world
1
Google Says Sorry After Passwords Vanish For 15 Million Windows Users. (www.forbes.com)
submitted 3 months ago by ModerateImprovement@sh.itjust.works to c/technology@lemmy.world
169 comments fedilink hide all child comments
(page 2) 50 comments
sorted by: hot top controversial new old
[–] Beaver@lemmy.ca 0 points 3 months ago (3 children)

Switches to Proton Pass

load more comments (3 replies)
[–] InternetUser2012@lemmy.today 0 points 3 months ago

"Here's what you need to know" - Avoid anything Google.

[–] communism@lemmy.ml 0 points 3 months ago

Me when I don't use Chrome, I don't use Windows, and I don't use browser password saving either

[–] krimson@lemmy.world 0 points 3 months ago (14 children)

Recently started using Bitwarden and it works really well. You can even ditch authenticator because it has OTP built in too.

I selfhost it though because I trust nobody with this type of sensitive data, encrypted or not.

[–] redditReallySucks@lemmy.dbzer0.com 0 points 3 months ago (4 children)

By storing your passwords and otp in the same place it becomes 1 factor authentification

[–] EddoWagt@feddit.nl 0 points 3 months ago

Not really as you're still protected from password breaches, which is most likely to happen anyways, especially if you self host.

If you're actively being targeted for your bitwarden password, you likely have bigger problems

[–] paholg@lemm.ee 0 points 3 months ago (1 children)

Not if you use 2 factor to access the password manager.

[–] faerbit@sh.itjust.works 0 points 3 months ago (1 children)

It's still just one factor. You just secured it better.

[–] Godnroc@lemmy.world 0 points 3 months ago (6 children)

To set a scene, you awake in the middle of the night because your phone is making noise. Blearily you unlock it, glance at a prompt, and then approve a login and fall back asleep. The intruder now has access to your password manager!

They attempt to log into your bank and drain your life savings, but despite having your password it sends another prompt to your phone. This time, you wake up enough to realize something is wrong. This time, you deny the prompt.

The entire second paragraph cannot happen if your MFA is a single factor. Don't store MFA in your password manager!

load more comments (6 replies)
load more comments (2 replies)
load more comments (13 replies)
[–] MrsDoyle@lemmy.world 0 points 3 months ago (13 children)

A friend has a notebook next to her computer with all her passwords in it. Initially I was horrified - what if you're burgled? - but actually it's genius. Much more secure than letting a browser remember them, and she doesn't even need to memorise a Bitwarden password.

[–] flerp@lemm.ee 0 points 3 months ago (3 children)

I just make all of my passwords password123 then I don't have to worry about memorizing them

[–] braindamagebuddy@lemmy.world 0 points 3 months ago

Yeah, these newfangled password requirements ruined my life. I refuse to sign up for any website that doesn't let me use hunter2.

[–] don@lemm.ee 0 points 3 months ago (4 children)

*********** that’s what I see

load more comments (4 replies)
load more comments (1 replies)
[–] captain_aggravated@sh.itjust.works 0 points 3 months ago

In a household it's probably not that bad. There aren't many people breaking into homes looking for account details.

I've had my identity stolen several times, and every single time it was stolen from a Fortune 500 company.

[–] PlexSheep@infosec.pub 0 points 3 months ago (1 children)

It's a primitive password manager, primitive because unencrypted and not integrated into your devices, but far better than not having a password manager.

[–] viking@infosec.pub 0 points 3 months ago (1 children)

Assuming the laptop is running bitlocker (often on by default), has a user password, and is offline, that's pretty decent.

[–] MenacingPerson@lemm.ee 0 points 3 months ago (1 children)

Notebook refers to a paper notebook. Not a laptop.

[–] MenacingPerson@lemm.ee 0 points 3 months ago (2 children)

And in which world is bitlocker on by default? Nope.

load more comments (2 replies)
load more comments (10 replies)
[–] robocall@lemmy.world 0 points 3 months ago (1 children)

[–] shiypc@lemm.ee 0 points 3 months ago

feel like "aaand it's gone" would fit better here

load more comments
view more: ‹ prev next ›