Technology

59157 readers

2528 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago

MODERATORS

233

1Password discloses security incident linked to Okta breach (www.bleepingcomputer.com)

submitted 1 year ago by leo@lemmy.linuxuserspace.show to c/technology@lemmy.world

42 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] Appoxo@lemmy.dbzer0.com 34 points 1 year ago (5 children)

1Password is still by far THE most secure password manager.

Now that is a very confident statement. Any sources to back that up? Maybe even a comparison to other password managers like Bitwarden, LastPass, etc.?

[–] Lime66@lemmy.world 27 points 1 year ago (1 children)

Don't compare it to last pass, you'll have an answer very shortly

[–] Appoxo@lemmy.dbzer0.com 3 points 1 year ago (1 children)

First password manager coming to mind because of such things.
Nothing is unhackable.

[+] hystericallymad@lemmy.ml -7 points 1 year ago* (last edited 1 year ago) (2 children)

Hmm. Why don’t you let everyone know what you know about encryption. Or, let everyone know how much you don’t know about encryption by just stating, “Nothing is unhackable”.

[–] dangblingus@lemmy.world 3 points 1 year ago (1 children)

Opsec is a treadmill. Everything is hackable. This is why companies hire penetration testers.

[–] ChaoticEntropy@feddit.uk 1 points 1 year ago* (last edited 1 year ago)

I mean... also, insecure things are eminently hackable and you don't know until someone has tried. That's the main reason companies hire penetration testers.

[–] Appoxo@lemmy.dbzer0.com 2 points 1 year ago* (last edited 1 year ago) (1 children)

I think my knowledge suffices to say that equal to physical security no security is forever safe. At some point a weak point will be exposed.
And if you can get a hand on encrypted content and live long enough with the right ressources and determination you might be able to crack something.

Because afaik it's all math at some point. Math is logic and logic can be cracked.

[–] hystericallymad@lemmy.ml 0 points 1 year ago

Interesting. Currently, I guess if you have hundreds of years to sit at the most advanced computers currently available you too can crack modern encryption…

[–] ram@bookwormstory.social 21 points 1 year ago

Please don't bring up LastPass in this conversation. They aren't relevant to anything wrt security, and worse yet, they remain extremely opaque with their security protocols.

[–] douglasg14b@lemmy.world 14 points 1 year ago (1 children)

Yeah definitely not worth doing a comparison to LastPass but doing the comparison to bitwarden and then local only ones like keypass/KeepassXC may be worthwhile

[–] Appoxo@lemmy.dbzer0.com 6 points 1 year ago

Oh yeah. How secure is a local encrypted password safe that is synced via things like Dropbox/OneDrive/GDrive/Syncthing or Resilio in comparison to something like Bitwarden and 1Password.

[–] qqq@lemmy.world 5 points 1 year ago

Not sure if you've read this but it might help get started.

https://1passwordstatic.com/files/security/1password-white-paper.pdf

[–] dangblingus@lemmy.world 1 points 1 year ago

Considering we're hearing about a lot of password managers getting hacked, saying you're the most secure is not really that impressive.