Leo to Technology@lemmy.worldEnglish • 8 months ago1Password discloses security incident linked to Okta breachwww.bleepingcomputer.comexternal-linkmessage-square46arrow-up1267arrow-down18cross-posted to: technology@lemmy.mlhackernews
arrow-up1259arrow-down1external-link1Password discloses security incident linked to Okta breachwww.bleepingcomputer.comLeo to Technology@lemmy.worldEnglish • 8 months agomessage-square46cross-posted to: technology@lemmy.mlhackernews
minus-squareGigglyBobblelinkfedilink7•edit-28 months agoI hope they don’t have your master password either. The decryption key sounds like just a longer password or salt with extra steps. What if the generation algo is cracked? Also, you can go multi-factor with every password manager I know.
minus-square@qqq@lemmy.worldlinkfedilinkEnglish7•edit-28 months agoThey don’t have your password in any form. The random key is generated with a CSPRNG, we don’t know how to crack those. They aren’t hiding behind secrets: it’s all documented right here https://1passwordstatic.com/files/security/1password-white-paper.pdf 1Password is quite good.
minus-square@KairuByte@lemmy.dbzer0.comlinkfedilinkEnglish2•8 months agoYou clearly don’t understand what happened, nor what it would take to get into a users password store.
minus-square@PoliticalAgitator@lemm.eelinkfedilinkEnglish1•8 months agoNot as clearly as you seem to think. You’ll struggle to find qualified people with criticism of their response.
I hope they don’t have your master password either. The decryption key sounds like just a longer password or salt with extra steps. What if the generation algo is cracked?
Also, you can go multi-factor with every password manager I know.
They don’t have your password in any form. The random key is generated with a CSPRNG, we don’t know how to crack those. They aren’t hiding behind secrets: it’s all documented right here https://1passwordstatic.com/files/security/1password-white-paper.pdf
1Password is quite good.
Not good enough clearly.
You clearly don’t understand what happened, nor what it would take to get into a users password store.
Not as clearly as you seem to think. You’ll struggle to find qualified people with criticism of their response.