Comment on God ****** dammit, here we go again
Godort@lemmy.ca 3 weeks agoI assure you, the rare security issues for password managers are far preferable to managing compromises every couple weeks.
Comment on God ****** dammit, here we go again
Godort@lemmy.ca 3 weeks agoI assure you, the rare security issues for password managers are far preferable to managing compromises every couple weeks.
Kyrgizion@lemmy.world 3 weeks ago
I’ve only really been in one breach. This one is actually a breach of a “security firm” (incompetent idiots) who aggregated login data from the dark web themselves, essentially doing the blackhats’ work for them.
This is also EXACTLY why requiring online interactions to be verified with government ID is a terrible idea. Hackers will similarly be able to gain all possible wanted data in a single location. It’s simply too tempting of a target not to shoot for.
Darkassassin07@lemmy.ca 3 weeks ago
I currently have 110 unique user+password combos. I wouldn’t want to change all those even once, if I were breached and had used similar credentials everywhere.
Bitwarden keeps them well managed, synced between devices, and allows me to check the whole database for matches/breaches via haveibeenpwned integration. Plus because I prefer to keep things in-house as much as possible, I even self-host the server with vaultwarden walled off behind my own vpn, instead of using the public servers. (this also means it’s free, instead of a paid service)
wreckedcarzz@lemmy.world 3 weeks ago
You’ve only been in one breach that you know about so far!
JohnEdwa@sopuli.xyz 3 weeks ago
Lucky you, I’ve been in at least 21 confirmed breaches so far.
Which I don’t really care about, as I’ve been using unique passwords and managers for well over two decades now.
thenoirwolfess@lemmynsfw.com 3 weeks ago
One of my breaches was just Google Chrome (back when I used it) logging me entering my password in a self-hosted local web app via https but with no cert… Google. My breach was Google.
sugar_in_your_tea@sh.itjust.works 3 weeks ago
If you think you’ve only been in one breach, you’re probably mistaken or very young. I don’t know how many breaches I’ve been involved in, but it’s at least double digits.
I’m American, and my Social Security number has been leaked multiple times. Each time I’ve done everything possible to secure my accounts (random passwords, TOTP 2FA where possible, randomized usernames, etc), yet there’s always a new breach that impacts me.
I’m not too worried though. My important accounts are pretty secure. I use one of the few banks (brokerage actually) that provides proper 2FA. My email and password manager use 2FA. My credit is frozen. Breaches happen, the important thing is to limit the impact of a breach.