Leo to [email protected]English • 2 years ago1Password discloses security incident linked to Okta breachwww.bleepingcomputer.comexternal-linkmessage-square46fedilinkarrow-up1267arrow-down18cross-posted to: [email protected]
arrow-up1259arrow-down1external-link1Password discloses security incident linked to Okta breachwww.bleepingcomputer.comLeo to [email protected]English • 2 years agomessage-square46fedilinkcross-posted to: [email protected]
minus-squareGigglyBobblelinkfedilink7•edit-22 years agoI hope they don’t have your master password either. The decryption key sounds like just a longer password or salt with extra steps. What if the generation algo is cracked? Also, you can go multi-factor with every password manager I know.
minus-square@[email protected]linkfedilinkEnglish7•edit-22 years agoThey don’t have your password in any form. The random key is generated with a CSPRNG, we don’t know how to crack those. They aren’t hiding behind secrets: it’s all documented right here https://1passwordstatic.com/files/security/1password-white-paper.pdf 1Password is quite good.
minus-square@[email protected]linkfedilinkEnglish2•2 years agoYou clearly don’t understand what happened, nor what it would take to get into a users password store.
minus-square@[email protected]linkfedilinkEnglish1•2 years agoNot as clearly as you seem to think. You’ll struggle to find qualified people with criticism of their response.
I hope they don’t have your master password either. The decryption key sounds like just a longer password or salt with extra steps. What if the generation algo is cracked?
Also, you can go multi-factor with every password manager I know.
They don’t have your password in any form. The random key is generated with a CSPRNG, we don’t know how to crack those. They aren’t hiding behind secrets: it’s all documented right here https://1passwordstatic.com/files/security/1password-white-paper.pdf
1Password is quite good.
Not good enough clearly.
You clearly don’t understand what happened, nor what it would take to get into a users password store.
Not as clearly as you seem to think. You’ll struggle to find qualified people with criticism of their response.