Collaborate Disseminate
First of all, I know that passwords generally do not have to be stored in a JWT or JWS since the token in itself can be used to authenticate. My circumstances are very specific though.
In my program, I need to startup a process as the user… Continue reading Is it bad practice to store passwords in a JWE? If so, why?
I recently changed my password for my local Windows 10 account and found out that my usernames/passwords in Brave’s password manager are no longer visible.
Unfortunately, I executed Brave after the password change and I’m told that this ch… Continue reading Recovering Lost Brave Browser Usernames and Passwords
Is it safe not to have a 2FA for a password manager itself?
It seems that using an app for TOTP authentication for a password manager could increase the security. But it turns out that in this case I should remember by heart the password f… Continue reading Security of password managers vs. risk of losing access
Okta’s formula for multi-device identity authentication for a hybrid workforce: extract passwords, add ease of passkeys across devices.
The post Okta moves passkeys to cloud, allowing multi-device authentication appeared first on TechRepublic.
Continue reading Okta moves passkeys to cloud, allowing multi-device authentication
Encryption tech is obviously intended to secure things that we want to be private over an insecure medium. When I log into a site for example, my password is transmitted over HTTPS, hashed by the reciever (hopefully), and then compared to … Continue reading Is a leaked encrypted password more secure than a leaked hash?
Consider a home user who runs Linux on a laptop with full-disk encryption and uses a cloud-based password manager. Assume the laptop is firewall-protected with no SSH access. It seems reasonable to reuse the same passphrase for the OS user… Continue reading What are the risks of reusing the same passphrase for FDE, user account, and password manager?
I’m attempting to reduce the number of passphrases that I must memorize. Currently I need a different passphrase for each of:
Password manager
FDE for my personal computer
User account for my personal computer
FDE for my work computer
Use… Continue reading How can I reduce the number of passphrases that I must memorize (password manager, FDE, user accounts)? [closed]
I created an app that requires users to make multiple different logins within the app. Is it possible to use Google’s Identity API to ensure that the different required login credentials are stored/retrieved by Google whenever they are nee… Continue reading Credential management for an app requiring multiple different logins within a single application [closed]
I’m a customer of a big KYC provider and am using their API. The process to authenticate at the API requires a secret key that they are sending to me by email. If I want to revoke the key and get a new one I have to send a mail to their su… Continue reading Sending secret API Keys via email
Keeper used to be free so I had stored most of passwords on that app a few years ago from a past device. When I tried to access the passwords after five years, the app had turned into a subscription model and held my passwords as hostage. … Continue reading Password managing apps seem to have access to my passwords