Even if they did, there’s some really smart technology at play here. I think your paranoia here is unjustified. I felt the same way until I read about their technology. At that point I felt comfortable using their service.
Anyway, iirc, 1password is architected in a way where a breach won’t actually disclose the passwords of their users, but I’m too tired to do the requisite double-checking to verify it
You are right in a way. I always assume company sysadmins have access to company data, even if they say the opposite, and I always assume there are undisclosed data leaks. Which may seem a little paranoid.
It’s like closing your car’s door when leaving it alone: Is it paranoid to assume that always there are someone willing to steal stuff?
A lot of weird hate for 1Password on Lemmy the past couple days. I highly recommend reading their white paper, I think most of the hate comes from ignorance of what they are actually doing.
There are libre off-line password managers. Variants of Keepass for example.
Indeed it’s a bad idea to store passwords in a propietary system. Specially a cloud based one being hacked time to time, like 1password.
I’m unaware of 1password ever getting hacked.
Even if they did, there’s some really smart technology at play here. I think your paranoia here is unjustified. I felt the same way until I read about their technology. At that point I felt comfortable using their service.
I mean, just three days ago we had this incident, which is probably what they are referring to: https://blog.1password.com/okta-incident/
Anyway, iirc, 1password is architected in a way where a breach won’t actually disclose the passwords of their users, but I’m too tired to do the requisite double-checking to verify it
https://www.forbes.com/sites/daveywinder/2023/10/24/no-1password-has-not-just-been-hacked-your-passwords-are-safe/?sh=583d97333a09
Yeah I did my research long ago. I don’t think this anything to worry about
https://cybersecuritynews.com/1password-hacked/?amp
You are right in a way. I always assume company sysadmins have access to company data, even if they say the opposite, and I always assume there are undisclosed data leaks. Which may seem a little paranoid.
It’s like closing your car’s door when leaving it alone: Is it paranoid to assume that always there are someone willing to steal stuff?
https://www.forbes.com/sites/daveywinder/2023/10/24/no-1password-has-not-just-been-hacked-your-passwords-are-safe/?sh=583d97333a09
1password employees don’t have access to the data let alone anyone else. The encryption is not bullshit
A lot of weird hate for 1Password on Lemmy the past couple days. I highly recommend reading their white paper, I think most of the hate comes from ignorance of what they are actually doing.
https://1passwordstatic.com/files/security/1password-white-paper.pdf