98
Critical 1Password flaws may allow hackers to snatch your passwords (CVE-2024-42219, CVE-2024-42218)
(www.helpnetsecurity.com)
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
Community Rules
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub
Notable mention to !cybersecuritymemes@lemmy.world
That probably works well for people who are able to self host.
I use cloud password storage. I don't have the knowledge, time, or inclination to self host.
In this context "self host" can ironically mean using a cloud service for hosting. You can use a file based password manager and just sync the database. Solutions like KeePass have apps for many platforms, and they can often even directly load from cloud storage, like Google drive, OneDrive or DropBox. The password database is strongly encrypted, and even if your storage gets compromised, your passwords are still safe (assuming a good password or some then better security was used to encrypt it).
You give up the convenience of having a single service and having to get each device to access the file. But that's it. It's not that hard and so much better than a password service, even if just for their attack surface, or the "likely target" these are.