Volmarias
Dec 31, 2002

EMAIL... THE INTERNET... SEARCH ENGINES...

duTrieux. posted:

the solution is to educate people on basic digital security, not to dumb everything down so as to be worse than nothing

How's that one working out?

rafikki
Mar 8, 2008

I see what you did there. (It's pretty easy, since ducks have a field of vision spanning 340 degrees.)

~SMcD


anthonypants posted:

when i paid for lastpass, keep rear end was still an open sores nightmare where you needed third-party plugins for anything you actually wanted to use it for, and a lot of plugins weren't compatible between keep rear end v1 and keep rear end v2. i've since switched to 1password but i don't believe keep rear end has gotten any better. like, if i wanted to get chrome integration with keep rear end, i'd go to their plugins page, ctrl+f chrome, the first result is a plugin called KeeForm, here is their website, whoops it doesn't actually work with chrome

I'm not sure why you need a plugin for this, when the builtin keyboard shortcut autotype functionality works perfectly well. That webpage describes opening keepass, selecting it and using autotype from there, but that is not the best way to do it.

Bunni-kat
May 25, 2010

Service Desk B-b-bunny...
How can-ca-caaaaan I
help-p-p-p you?

Volmarias posted:

How's that one working out?

Pretty well actually. My users are technological idiots for a large part, but when I explain things like "don't share accounts" and "don't email passwords that belong to other people", they understand and learn. Sure, they forget their passwords after a long weekend, but they know the complexity requirements and why, and not to store PII on Dropbox.

surebet
Jan 10, 2013

avatar
specialist


what worked well for my family (notorious non computer touchers) was to move them to laptops with biometrics & dell ddpe

some of them are using pure ddpe with the ie plugin, others (myself included) are using keep rear end with ddpe's sign-in:


biometrics have their own issues, but it removes a lot of friction in user adoption

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

https://twitter.com/wendynather/status/870094831082651648

flakeloaf
Feb 26, 2003

Still better than android clock

duTrieux. posted:

the solution is to educate people on basic digital security, not to dumb everything down so as to be worse than nothing

the path to paradise goes straight up mount giveafuck and edgar from personnel showed up in flipflops today

Shame Boy
Mar 2, 2010

Volmarias posted:

So it was a rhetorical question but also a real question?

it was a rhetorical question that was treated like a real question, yeah

Volmarias posted:

Sure, but don't cluck at non-technical end users for picking the thing that appears to be good enough when there's no reasonable alternative for them.

ah ok i think i see the disconnect, i didn't interpret it as clucking at general end users but as clucking at thread posters, i guess i can see how it could be either :shobon:

duTrieux.
Oct 9, 2003

Volmarias posted:

How's that one working out?

i actually work in field of training/instructional design/screaming into the void

so in short, it's not working very well at all!

duTrieux.
Oct 9, 2003

all of human history is a struggle against the fact that we're all goddamn animals

anthonypants
May 6, 2007

by Nyc_Tattoo
Dinosaur Gum

our sophos license renewal is coming up, the sales rep has this in his email signature

The MUMPSorceress
Jan 6, 2012


^SHTPSTS

Gary’s Answer
lastpass and other browser plugin password managers are bad because they are constantly revealed to be vulnerable to a litany of attacks that give away all the users' credentials, making it worse than just writing things down because it gives the user a false sense that they are being safe when they are not.

Zil
Jun 4, 2011

Satanically Summoned Citrus


anthonypants posted:

our sophos license renewal is coming up, the sales rep has this in his email signature



you know there were like 10 meetings about that image. makes me want to see the mockups that were rejected.

flakeloaf
Feb 26, 2003

Still better than android clock

anthonypants posted:

our sophos license renewal is coming up, the sales rep has this in his email signature



river city ransomware

cinci zoo sniper
Mar 15, 2013




anthonypants posted:

our sophos license renewal is coming up, the sales rep has this in his email signature



thE EnD oF rAnSOmWarE

The MUMPSorceress
Jan 6, 2012


^SHTPSTS

Gary’s Answer

flakeloaf posted:

river city ransomware

are you a bad enough dude to demand 2 btc from a slovenian grandma

Midjack
Dec 24, 2007



flakeloaf posted:

river city ransomware



cis autodrag posted:

are you a bad enough dude to demand 2 btc from a slovenian grandma

haveblue
Aug 15, 2005



Toilet Rascal

cis autodrag posted:

are you a bad enough dude to demand 2 btc from the NHS

Kuvo
Oct 27, 2008

Blame it on the misfortune of your bark!
Fun Shoe
wannabarf

flakeloaf
Feb 26, 2003

Still better than android clock

to unlock your account send 3 bitcoins to

qBh3Dds9'3aZ
hfHb8f7pbf7
7'Hi9k3xsXn

Truga
May 4, 2014
Lipstick Apathy

cis autodrag posted:

are you a bad enough dude to demand 2 btc from a slovenian grandma

please don't doxx my grandma

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

You should put this as your signature when you reply:

Deep Dish Fuckfest
Sep 6, 2006

Advanced
Computer Touching


Toilet Rascal

Optimus_Rhyme posted:

You should put this as your signature when you reply:



holy poo poo yes please do this

maybe you'll be able to negotiate a discount and embezzle the money

AARP LARPer
Feb 19, 2005

THE DARK SIDE OF SCIENCE BREEDS A WEAPON OF WAR

Buglord

isn't 1password good? though the sync via dropbox seems like a weak link

flakeloaf
Feb 26, 2003

Still better than android clock

WAR DOGS OF SOCHI posted:

isn't 1password good? though the sync via dropbox seems like a weak link

the browser plugin gives some people uncomfortable feelings

i think sync via dropbox is gone and it's now 'sync via our server for as long as you subscribe' or something

anthonypants
May 6, 2007

by Nyc_Tattoo
Dinosaur Gum

WAR DOGS OF SOCHI posted:

isn't 1password good? though the sync via dropbox seems like a weak link

it's not a great experience if you're a windows user. and strictly speaking, if you're worried about security you shouldn't enable any sort of password autofill

El Mero Mero
Oct 13, 2001

I feel like the wheel has yet to stop on dashlane, but so long as it hasn't yet I'm going to feel like a superior decision maker wrt butt-managers

LET ME HAVE THIS OKAY

Zil
Jun 4, 2011

Satanically Summoned Citrus


El Mero Mero posted:

I feel like the wheel has yet to stop on dashlane, but so long as it hasn't yet I'm going to feel like a superior decision maker wrt butt-managers

LET ME HAVE THIS OKAY

nothing can escape the gaze of Tavis, he will come for your program soon.

Raere
Dec 13, 2007

El Mero Mero posted:

I feel like the wheel has yet to stop on dashlane, but so long as it hasn't yet I'm going to feel like a superior decision maker wrt butt-managers

LET ME HAVE THIS OKAY


Dashlane got popped by tavis last year
https://twitter.com/taviso/status/773218040758448128?lang=en

quote:

This results in a universal XSS, allowing any site to XSS any other site - and therefore access cookies and user data, steal passwords and credentials for any website, etc, etc. Something like this should work:
...
I'm going to list this as critical severity even though it's not a remote code execution, because the sole intent of the product is to protect website passwords and this effectively allows you to steal all password.

Last Chance
Dec 31, 2004

Anyone ever hear of Dashlane?

El Mero Mero
Oct 13, 2001


god damnit :sigh:

endlessmonotony
Nov 4, 2009

by Fritz the Horse

I really started to wonder if this person was actually this stupid or just sarcastic.

I found no answer.

anthonypants
May 6, 2007

by Nyc_Tattoo
Dinosaur Gum

endlessmonotony posted:

I really started to wonder if this person was actually this stupid or just sarcastic.

I found no answer.

:yossame:

Gul Banana
Nov 28, 2003

lastpass doesn't solve the problem of "my passwords aren't secure". it solves the problem "i have to keep entering all these passwords"

hifi
Jul 25, 2012

the keepass autotype thing scares me because so much poo poo can pop up on a computer in 1-5 seconds and steal focus

Wheany
Mar 17, 2006

Spinyahahahahahahahahahahahaha!

Doctor Rope

Jewel posted:

keepass

why do people keep asking and not learning

especially since it has a funy name "keep rear end"

spankmeister
Jun 15, 2008






Keep rear end, the funy passowrd manager

N.Z.'s Champion
Jun 8, 2003

Yam Slacker

next.js is a really nice react.js framework with server side rendering integration but they didn't reliably filter paths that include ".." so...

https://github.com/zeit/next.js/releases/tag/2.4.1

Chris Knight
Jun 5, 2002

me @ ur posts


Fun Shoe

like i said earlier, i was on vacation and got some email from kohl's thanking me for creating an account with them; obviously someone just using my email address.
so i got home today and did the old reset password to lock the idiot out. saw that i could edit the account info, and figured i'd just change the email to something else:



i'm dyin'

Shifty Pony
Dec 28, 2004

Up ta somethin'


Gul Banana posted:

lastpass doesn't solve the problem of "my passwords aren't secure". it solves the problem "i have to keep entering all these passwords"

and it keeps "if I use the same password everywhere I won't forget it" from being the easiest solution to dealing with all the passwords you need these days.

I've been using 1Password to keep track of my logins but I don't use autofill and generally pull up the password on my iphone while I type it in using my computer keyboard. it basically makes it a glorified password notebook with Dropbox backup in case my house burns down or something and I figure it is good enough.


is bitcoin drama considered too much of a low hanging fruit for the thread? I hope not because this guy losing $8k in 15 minutes is just stuffed full of fun fuckups.

first you have yet another example of how using SMS is no good because the attacker simply convinced Verizon to transfer the number to a new SIM, allowing them to reset his Gmail password.

Verizon did send him a text to let him know someone was on the phone with Verizon making changes to the account, but the "not you? call us immediately" number is only staffed weekdays 8am-11PM.

then you have Coinbase allowing a password reset, new device activation, and complete emptying out of all funds within four minutes.

this might be my favorite comment "solution":

quote:

consider switching to a non-traditional phone company like Google Project Fi.. can’t socially engineer them because you can’t even contact them

featurenotabug!

bobfather
Sep 20, 2001

I will analyze your nervous system for beer money

I can't wholeheartedly endorse 1Password anymore, because I don't agree with their recent decisions to remove external cloud sync and local vault capability and move to a subscription-only model, BUT they're basically the only password manager aside from Keepass that hasn't been sabered open by Tavis like a cheap bottle of Brut.

Edit: to express my displeasure with AgileBits, here's an effortpost to use 1Password for free with Windows with Dropbox sync intact:

1. Uninstall 1Password6 if you have any version installed past 6.4.377

2. Download version 6.3.359 directly from AgileBits and install it.

3. Set up sync with at least one vault via Dropbox, OneDrive, or whatever you want to use.

4. Download version 6.4.377 directly from AgileBits and upgrade your previous install.

5. Never upgrade past that, and you'll maintain DropBox sync. Automatic sync is non-existent or unreliable, so you have to manually trigger a sync through options. Also, you can't edit or add vault entries. But if you sync multiple vaults it's nicer than 1Password 4, and the interface is consistent with the rest of the 1Password ecosystem.

Also, AgileBits alleges that they dropped Dropbox support because DropBox will be changing APIs soon (or, they already have). Time will tell if this method continues to work, but I have a feeling they're full of poo poo and dropped external cloud support to pimp their own product. They're so evasive about it on their forums it must be true.

bobfather fucked around with this message at 15:14 on Jun 2, 2017
