Post ARLQQAV7sFgW2EDpb6 by ebmarquez@twit.social
 (DIR) Post #ARHR1TMlv32QcvGMK0 by leo@twit.social
       2023-01-03T22:42:12Z
       
       0 likes, 0 repeats
       
       As I hoped, Steve discusses the Lastpass breach on today's episode. He also makes recommendations for current users. https://twit.tv/sn. The episode should be available later today or watch us live at https://twit.tv/live.
       
 (DIR) Post #ARHRRjXMQ2pyJCjnqi by joelpomales@mastodon.social
       2023-01-03T22:47:00Z
       
       0 likes, 0 repeats
       
       @leo highlight of my week. Steve just bats it out of the park.
       
 (DIR) Post #ARHRcRFwj9RcnThGtM by enda@enda.mccallig.com
       2023-01-03T22:48:53Z
       
       0 likes, 0 repeats
       
       @leo Have been waiting for this one. Great show so far.
       
 (DIR) Post #ARHRqGbX7wvVobO71M by rockyd@aus.social
       2023-01-03T22:51:20Z
       
       0 likes, 0 repeats
       
       @leo They confirmed my suspicion not to trust online password managers. As they would most definitely be a target for hackers. I use a DIY setup of Keepass and online storage. Still liable to be hacked but not as likely as a password manager site.
       
 (DIR) Post #ARHS0EsEPtULLLxAqe by hobiehenning@techhub.social
       2023-01-03T22:53:13Z
       
       0 likes, 0 repeats
       
       @leo Oh nice! I'm looking forward to hearing about that
       
 (DIR) Post #ARHSWJdSFSUtNVKxSS by DoctorSynth@twit.social
       2023-01-03T22:58:50Z
       
       0 likes, 0 repeats
       
       @leo I have always feared storing personal passwords through an internet service. Security is HARD, so I keep my passwords in a Filemaker Go database on my phone (protected by FaceID), and in Filemaker Pro (protected by a password) on my Mac & Windows computers.
       
 (DIR) Post #ARHU7jBwIH1pJ9s1Lc by samir@mastodon.functional.computer
       2023-01-03T23:16:59Z
       
       0 likes, 0 repeats
       
       @leo Really looking forward to it. I have switched to 1Password and I'm going through the slow process of switching passwords and deleting accounts I've had kicking around for 10+ years (thanks to your and Steve's original recommendation). I hope Steve doesn't tell me 1Password is just as bad. 🙃 At least this time I'm not making the mistake of keeping 2FA tokens on the same provider. Fool me once…
       
 (DIR) Post #ARHXdRbVWFkvtFe2C0 by ringslinger@mastodon.social
       2023-01-03T23:56:21Z
       
       0 likes, 0 repeats
       
       @leo Echoing the crowd. Glad to hear from Steve. Now it's only to decide what's better for my family, bitwarden or 1Pass. Cheers.
       
 (DIR) Post #ARHmnUpXsQiw6ZSiHY by mbwelch@twit.social
       2023-01-04T02:46:12Z
       
       0 likes, 0 repeats
       
       @leo for those wanting a similar experience but self-hosted within your network (no cloud), check out https://www.enpass.io
       
 (DIR) Post #ARID9IW8vzVx61RXRw by haagen@twit.social
       2023-01-04T07:40:49Z
       
       0 likes, 0 repeats
       
       @leo I will for sure listen to Steve's thoughts! In the "Highlight of the year" episode there are a few FIDO discussions. There wasn't really that great breakthrough as we had hoped? I mean, passwords are still the way to authenticate - even when setting up new accounts on services. Will that change?
       
 (DIR) Post #ARIUzEEDpB5K4aPQ8m by Patagium@equestria.social
       2023-01-04T11:01:20Z
       
       0 likes, 0 repeats
       
       @leo I'll wait to hear the details before I cancel Lastpass. In the past when journos talked about "breaches," they turned out to be the kind of attacks that you just know all the password managers have (e.g. credential stuffing). I don't believe in punishing a company for transparency.
       
 (DIR) Post #ARIp46DV2MhVkxffYu by jtb@toot.wales
       2023-01-04T14:46:19Z
       
       0 likes, 0 repeats
       
       @leo I see Steve is on mastodon here: https://infosec.exchange/@SGgrc/with_replies but is there something odd about that server? It does not seem to show my replies or anyone's by default.
       
 (DIR) Post #ARIv5DCz7wVrSILOvQ by leo@twit.social
       2023-01-04T15:53:47Z
       
       0 likes, 0 repeats
       
       @haagen Passkeys are still a coming attraction. I'd bet that they'll start to be much more common this year, but I also expect that we'll be using passwords in many places for years to come. Check back in a year for the best of 2023 to see if I'm right!
       
 (DIR) Post #ARIx9gcDvyMhj6PWaG by francismuir@twit.social
       2023-01-04T16:16:24Z
       
       0 likes, 0 repeats
       
       @leo another great Security Now show. LastPass abandoned their Windows desktop app a while ago. I used to use it all the time and then one day it stopped working. More money saving?
       
 (DIR) Post #ARJlJJlGktCjRwQa7E by barryzee@twit.social
       2023-01-05T01:38:59Z
       
       0 likes, 0 repeats
       
       @leo Thanks to you and Steve for cutting through the hysteria around Lastpass and giving me some usable timelines to use.  I did move to Bitwarden about 10 days ago.  However, as you pointed out, I will feel much safer changing all the passwords anyway. All 300 of them <SIGH>.  In any event, I'm doing about 10 a day starting with the most critical and working my way down the list.  But I do feel better after Security Now that I have a little time.
       
 (DIR) Post #ARJvjl70ghprLZqMrY by ryanpaaz@mstdn.social
       2023-01-05T03:35:48Z
       
       0 likes, 0 repeats
       
       @leo This is one I watched the video on. (Typically I just listen on stitcher over my commute). Gotta ask Leo, when are you going to gently *shove* Steve onto mastodon?
       
 (DIR) Post #ARLQQAV7sFgW2EDpb6 by ebmarquez@twit.social
       2023-01-05T20:53:46Z
       
       0 likes, 0 repeats
       
       @leo this was an excellent show.  I've been thinking about the lastpass issue. It's time to move on, it's going to be painful to migrate the family. So many shared passwords....
       
 (DIR) Post #ARNEdQAe7DvNGS7E48 by jfparis@rouge.eu.org
       2023-01-06T17:51:41Z
       
       0 likes, 0 repeats
       
       @leo Your advice not to import the vault and only the passwords you have changed is actually quite inspired
       
 (DIR) Post #AROTyKU49APQB9aRhQ by mrforgetful@mastodon.cloud
       2023-01-07T08:18:16Z
       
       0 likes, 0 repeats
       
       @leo excellent episode- really helpful analysis- looking forward to further feedback and info!
       
 (DIR) Post #ARiHhIWJPVOZqoC87k by alexckwok@sfba.social
       2023-01-16T21:34:55Z
       
       0 likes, 0 repeats
       
       @leo Super helpful episode -  Thanks! I too had a backup on LastPass from when I switched to BitWarden. Just deleted it earlier this month after hearing Steve's reasoning on why he couldn't recommend LastPass anymore. That 500 iterations default setting (from way back when) was the last straw!