259
1Password discloses security incident linked to Okta breach
(www.bleepingcomputer.com)
This is a most excellent place for technology news and articles.
It’s not as simple as brute forcing the password, it’s also encrypted using a secret key. You essentially have 2 factor encryption on the vaults.
If a user was social engineered, not very tech savy to catch on to it and revealed the master password, you'd only need to guess the encryption key, no?
Yes, but the encryption key is very likely more secure than the users password to begin with.