I've been hacked!!

[Rastalovich]

lmao at that sig, my connection is over 10x that now

 

[WillSK]

Highly recommend a password manager. I put it off for years as it looked like a pain in the ass to sort but recently opened an account with 1password (others are available) and feel so much more secure since I did. Admittedly, getting it set up perfectly and swapping all passwords was time consuming, but not difficult as such.

Integrated nicely with my phone as well as my browsers and desktop.

 

[Dawelio]

Highly recommend a password manager. I put it off for years as it looked like a pain in the ass to sort but recently opened an account with 1password (others are available) and feel so much more secure since I did. Admittedly, getting it set up perfectly and swapping all passwords was time consuming, but not difficult as such.

Integrated nicely with my phone as well as my browsers and desktop.

The problem with such big services is that they get attacked and think that 1password got hacked a few years back with loads of accounts got compromised.

This is why I don’t feel comfortable keeping all of my accounts and passwords stored in such a service. Maybe I’m just being paranoid, but still though…

 

[hmmblah]

The problem with such big services is that they get attacked and think that 1password got hacked a few years back with loads of accounts got compromised.

This is why I don’t feel comfortable keeping all of my accounts and passwords stored in such a service. Maybe I’m just being paranoid, but still though…

It was lastpass that was hacked. Their db even stored the websites you used cleartext. Passwords were encrypted, but with data leaks and matching reused passwords it definitely left people vulnerable. 1password is annoyingly secure.

 

[WillSK]

The problem with such big services is that they get attacked and think that 1password got hacked a few years back with loads of accounts got compromised.

This is why I don’t feel comfortable keeping all of my accounts and passwords stored in such a service. Maybe I’m just being paranoid, but still though…

1password is one of the ones yet to be hacked as far as i'm aware. LastPass and Dashlane I think both got attacked.

Main difference with 1password is that to set up on a new device, not only do I need my master password and 2FA, but when you first open your account you get a unique long number which is needed on top of the other 2 things every time you set up a new device.

Makes it pretty hard to hack, even if someone got your master password.

 

[Dawelio]

It was lastpass that was hacked. Their db even stored the websites you used cleartext. Passwords were encrypted, but with data leaks and matching reused passwords it definitely left people vulnerable. 1password is annoyingly secure.

1password is one of the ones yet to be hacked as far as i'm aware. LastPass and Dashlane I think both got attacked.

Main difference with 1password is that to set up on a new device, not only do I need my master password and 2FA, but when you first open your account you get a unique long number which is needed on top of the other 2 things every time you set up a new device.

Makes it pretty hard to hack, even if someone got your master password.

Even though I understand you folks and despite it being ”annoyingly secure” etc, nothing is fully secure and being so popular makes it an target. It’s basically just an matter of time before it will most likely be breached. And hence this is why I don’t feel comfortable using said services, despite of how ”secure” they may be…

 

[hmmblah]

Even though I understand you folks and despite it being ”annoyingly secure” etc, nothing is fully secure and being so popular makes it an target. It’s basically just an matter of time before it will most likely be breached. And hence this is why I don’t feel comfortable using said services, despite of how ”secure” they may be…

Would I use it to secure nuclear codes? Definitely not. Do I feel safe having it store passwords for websites that are most likely less secure than a password manager? Yes. If you re-use passwords at all on multiple sites you should be instead using a password manager. Also, enable MFA where ever you can whether you use a password manager or not. I prefer not to store my passkeys and 2fa codes within my password manager. I see most are offering that now and it makes no sense to me.

 

[NeverBackDown]

Would I use it to secure nuclear codes? Definitely not. Do I feel safe having it store passwords for websites that are most likely less secure than a password manager? Yes. If you re-use passwords at all on multiple sites you should be instead using a password manager. Also, enable MFA where ever you can whether you use a password manager or not. I prefer not to store my passkeys and 2fa codes within my password manager. I see most are offering that now and it makes no sense to me.

When I was doing web development backend server stuff I would just download an encryption package and 5 seconds later plus 5-10 lines of code my server was "encrypted"... I never trusted it but hey it was the standard practice we were told to do ^_^

If I remember right that package was 128bit AES. Stronger than nothing but definitely not what I consider very secure. Most of the safety features were in who was able to access or not access certain data.

 

[WillSK]

Would I use it to secure nuclear codes? Definitely not. Do I feel safe having it store passwords for websites that are most likely less secure than a password manager? Yes. If you re-use passwords at all on multiple sites you should be instead using a password manager. Also, enable MFA where ever you can whether you use a password manager or not. I prefer not to store my passkeys and 2fa codes within my password manager. I see most are offering that now and it makes no sense to me.

Agreed, I still use a secondary authenticator to the one built into my manager.

As you state, I was that guy finding myself using 3-5 passwords over and over. Figured it was time to bump up my security a tad