Leo@lemmy.linuxuserspace.show to Technology@lemmy.worldEnglish · 1 year ago1Password discloses security incident linked to Okta breachwww.bleepingcomputer.comexternal-linkmessage-square45fedilinkarrow-up1262arrow-down17cross-posted to: technology@lemmy.ml
arrow-up1255arrow-down1external-link1Password discloses security incident linked to Okta breachwww.bleepingcomputer.comLeo@lemmy.linuxuserspace.show to Technology@lemmy.worldEnglish · 1 year agomessage-square45fedilinkcross-posted to: technology@lemmy.ml
minus-squareGigglyBobble@kbin.sociallinkfedilinkarrow-up7·edit-21 year agoI hope they don’t have your master password either. The decryption key sounds like just a longer password or salt with extra steps. What if the generation algo is cracked? Also, you can go multi-factor with every password manager I know.
minus-squareqqq@lemmy.worldlinkfedilinkEnglisharrow-up7·edit-21 year agoThey don’t have your password in any form. The random key is generated with a CSPRNG, we don’t know how to crack those. They aren’t hiding behind secrets: it’s all documented right here https://1passwordstatic.com/files/security/1password-white-paper.pdf 1Password is quite good.
minus-squaredangblingus@lemmy.worldlinkfedilinkEnglisharrow-up1arrow-down9·1 year agoNot good enough clearly.
minus-squareKairuByte@lemmy.dbzer0.comlinkfedilinkEnglisharrow-up2·1 year agoYou clearly don’t understand what happened, nor what it would take to get into a users password store.
I hope they don’t have your master password either. The decryption key sounds like just a longer password or salt with extra steps. What if the generation algo is cracked?
Also, you can go multi-factor with every password manager I know.
They don’t have your password in any form. The random key is generated with a CSPRNG, we don’t know how to crack those. They aren’t hiding behind secrets: it’s all documented right here https://1passwordstatic.com/files/security/1password-white-paper.pdf
1Password is quite good.
Not good enough clearly.
You clearly don’t understand what happened, nor what it would take to get into a users password store.