Post AOGipkNpSFxt6ts8dk by ozoned@mastodon.technology
 (DIR) More posts by ozoned@mastodon.technology
 (DIR) Post #AOGZgjxQlkxPb19ftY by ozoned@mastodon.technology
       2022-10-05T15:38:31Z
       
       0 likes, 0 repeats
       
       Currently at work watching a #cybersecurity presentation and they're suggesting using Google or MS accounts everywhere as logins so you don't have to worry about passwords ...WOW ... really?  🤦 🤮
       
 (DIR) Post #AOGZgkSGv5cx8faIy0 by cy@mstdn.io
       2022-10-05T19:08:27Z
       
       0 likes, 0 repeats
       
       @ozoned I went to a security presentation at a local computer reseller nonprofit called FreeGeek around here, and the first thing he said was you should use a password manager by going to lastpass dot com. Then he started going on about how much easier lastpass made it manage your employees' passwords, by letting you take away their passwords quickly and efficiently, as if you couldn't just delete their logins on the company server. He didn't know what public keys were.
       
 (DIR) Post #AOGZgkuzCKb0Zj1Eiu by ozoned@mastodon.technology
       2022-10-05T15:51:30Z
       
       0 likes, 0 repeats
       
       Wow ... and now they said if you're on a public wifi and you're not using a VPN then anyone can see your passwords and pictures ... So this entire presentation is bunk apparently.And then they go on to talk about how social media is bad for your mental health.  The technology isn't, what people consume on it does.  Maybe let's not support shit social media?
       
 (DIR) Post #AOGipkNpSFxt6ts8dk by ozoned@mastodon.technology
       2022-10-05T20:50:55Z
       
       0 likes, 0 repeats
       
       @cy oh great ... full organizational control of passwords ... no way this could EVER go wrong ...
       
 (DIR) Post #AOGjcRGRKOtK0EdMlU by cy@mstdn.io
       2022-10-05T20:59:44Z
       
       0 likes, 0 repeats
       
       @ozoned Multi-organizational control!  Lastpass uh "serves" multiple companies around the world this way, I imagine.One person there was just some lady who wanted to know how to keep her kids' accounts from being hacked. Not exactly an audience of filthy business managers.
       
 (DIR) Post #AOGjtaYy0aKLlWTfiy by ozoned@mastodon.technology
       2022-10-05T21:02:48Z
       
       0 likes, 0 repeats
       
       @cy oh I absolutely believe in password managers.  I recommend #bitwarden to absolutely anyone that asks, including my 65+ parents.  But allowing an ORG MANAGER to control access to your passwords ... ugh.  We have a password manager at my job, but we're also allowed to run #passwordsafe locally on our machine which only we control the password to.
       
 (DIR) Post #AOGsBFhd6XBdukSmCO by cy@mstdn.io
       2022-10-05T22:35:40Z
       
       0 likes, 0 repeats
       
       @ozoned I tend to recommend https://www.keepassx.org/ but yeah. I wish we could use public keys more. Those can't be cracked without breaking into each individual user's machine, so password database leaks, or even sniffers are useless. Personally I use my own password manager: git://fedicy.us.to/passphrasegen but I sure can't expect people to do something crazy like actually using source of their open source software.