this post was submitted on 10 Jul 2023
356 points (99.2% liked)
Fediverse
17776 readers
44 users here now
A community dedicated to fediverse news and discussion.
Fediverse is a portmanteau of "federation" and "universe".
Getting started on Fediverse;
- What is the fediverse?
- Fediverse Platforms
- How to run your own community
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
oh, really? maybe i'll turn mine off then.....Thanks for the heads up!
Mostly a risk on initial setup.
I’ve been waiting a bit for it to stabilize and just using huge random passwords
If you're using a password manager you'd be doing this for every site and without even having to think about it. Bitwarden is a great choice.
I like KeePass. Bitwarden currently has an nginx exposure in the Dockerfile published in their git repo (may have been fixed since a couple of days ago). That said, I used Bitwarden for many years and switched out of an abundance of paranoia, and am definitively not recommending against it. Just basically use one of the following:
And stay far the fuck away from LastPass
my uni is currently still recommending lastpass as of now, tho I’ve heard they might be looking for alternatives …
LastPass has had a few security incidents lately. I do not trust them at all.
This was not the first and it won't be the last. They've had issues going as far back as 2015. Don't keep your credentials with a paid platform. Use something you can fully audit and control yourself like Bitwarden or KeePass
KeePass +1
I don't know that 1password should be on that list. The first two are free and open source. The last one is paid and proprietary.
Don't put your credentials in the hand of a company that requires you to trust them to not fuck up. Everyone thought LastPass was great until they weren't